Merge branch 'master' into exchange-2016-support

# Conflicts: # javascript/src/iframe/viamapi-iframe.js

Merge branch 'master' into exchange-2016-support
e9e10317 · Alexey Lunin · a67c64cb · 3112ea9d · e9e10317 · e9e10317
Commit e9e10317 authored 5 years ago by Alexey Lunin
--- a/javascript/src/constants/statuses.js
+++ b/javascript/src/constants/statuses.js
 export const STATUS_DEVICE_REVOKED = "Device revoked";
+export const STATUS_USER_NOT_ACTIVATED = 'User not activated';
--- a/javascript/src/iframe/viamapi-iframe.js
+++ b/javascript/src/iframe/viamapi-iframe.js
 import '../lib/textencoder.polyfill';
-import {
+import { parseSMIME, prepareVCardParts } from "../utilities/emailUtilities";
-  parseSMIME,
-  prepareVCardParts
-} from "../utilities/emailUtilities";
 import {
  stringToUtf8ByteArray,
  utf8ByteArrayToString,
@@ -30,15 +27,19 @@ import {
  createOneTimePassportCertificate,
  createPassportCertificate,
  decryptMessage,
-  encryptMessage, parseCertificate,
+  encryptMessage,
+  parseCertificate,
  signEmail,
  verifySMIME
 } from "../utilities/signingUtilities";
 import { signPdf } from "../utilities/pdfUtilities";
 import CryptoData from "../CryptoData";
 import Identity from "../Identity";
-import { STATUS_DEVICE_REVOKED } from "../constants/statuses";
+import {
-import generateQrCode from '../utilities/generateQrCode';
+  STATUS_DEVICE_REVOKED,
+  STATUS_USER_NOT_ACTIVATED
+} from "../constants/statuses";
+import generateQrCode from "../utilities/generateQrCode";
 const penpalMethods = require("../../temp/penpal-methods").default;
 const WopiAPI = require("./wopiapi-iframe");
@@ -319,6 +320,20 @@ async function executeRestfulFunction(type, that, fn, config, ...args) {
    return response.data;
  }
+  const userNotActivated =
+    type === "private" &&
+    code === "400" &&
+    status === STATUS_USER_NOT_ACTIVATED;
+  if (userNotActivated) {
+    destroyIdentity();
+    const event = createEvent("", "UserNotActivated");
+    iframeParent.onEvent(event);
+    return response.data;
+  }
  const badSession =
    type === "private" &&
    identity &&
@@ -538,14 +553,9 @@ const connection = Penpal.connectToParent({
          newIdentity.setPinCode(pinCode);
          window.currentlyLoadedIdentity = newIdentity;
-          const {
+          const { publicKey, x509Certificate } = newIdentity.authentication;
-            publicKey,
-            x509Certificate
-          } = newIdentity.authentication;
-          window.loadedIdentities[
+          window.loadedIdentities[publicKey] = newIdentity;
-            publicKey
-          ] = newIdentity;
          extendPinCodeTtl(newIdentity.authentication.publicKey, pinCode);
          window.viamAnonymousApi.setIdentity(
@@ -1092,7 +1102,7 @@ const connection = Penpal.connectToParent({
        );
      });
    },
-    verifySMIME: async (smimeString) => {
+    verifySMIME: async smimeString => {
      const authenticationPublicKey = localStorage.getItem(
        "authenticatedIdentity"
      );
@@ -1121,10 +1131,16 @@ const connection = Penpal.connectToParent({
      const rootCaPem = rootCaResponse.data;
      const verificationResult = await verifySMIME(smimeString, rootCaPem);
-      return encodeResponse("200", verificationResult.verified, verificationResult.message);
+      return encodeResponse(
+        "200",
+        verificationResult.verified,
+        verificationResult.message
+      );
    },
    validateDocument: async (documentUUID, contentType) => {
-      const authenticationPublicKey = localStorage.getItem("authenticatedIdentity");
+      const authenticationPublicKey = localStorage.getItem(
+        "authenticatedIdentity"
+      );
      if (
        !authenticationPublicKey ||
@@ -1140,7 +1156,8 @@ const connection = Penpal.connectToParent({
        window.viamApi.documentValidateDocumentByUUID,
        null,
        documentUUID,
-        contentType);
+        contentType
+      );
      if (validateDocumentResponse.code !== "200") {
        return encodeResponse("400", "", validateDocumentResponse.status);
@@ -1149,11 +1166,13 @@ const connection = Penpal.connectToParent({
      const signatures = validateDocumentResponse.data;
      if (signatures) {
        for (const signature of signatures) {
-          const certificateChain = signature.certificateChainPEM.map((certificatePEM) => {
+          const certificateChain = signature.certificateChainPEM.map(
-            const certificate = parseCertificate(certificatePEM);
+            certificatePEM => {
-            const certificateData = new CertificateData(certificate);
+              const certificate = parseCertificate(certificatePEM);
-            return certificateData;
+              const certificateData = new CertificateData(certificate);
-          });
+              return certificateData;
+            }
+          );
          signature.certificateChain = certificateChain;
        }
      }
@@ -1352,7 +1371,11 @@ const connection = Penpal.connectToParent({
      return encodeResponse("200", "", "Document signed");
    },
-    signDocumentJava: async (passportUUID, documentUUID, documentContentType) => {
+    signDocumentJava: async (
+      passportUUID,
+      documentUUID,
+      documentContentType
+    ) => {
      const authenticationPublicKey = localStorage.getItem(
        "authenticatedIdentity"
      );
@@ -1445,7 +1468,14 @@ const connection = Penpal.connectToParent({
    //   body: String if it is a text part (Content-Type = "text/...") or Uint8Array otherwise; filled for leaf MIME nodes
    //   parts: array of instances of the same object; filled for container MIME nodes (Content-Type = "multipart/...")
    // }
-    signVCard: async (passportUUID, senderEmail, attribs, textBody, htmlBody, parts) => {
+    signVCard: async (
+      passportUUID,
+      senderEmail,
+      attribs,
+      textBody,
+      htmlBody,
+      parts
+    ) => {
      const authenticationPublicKey = localStorage.getItem(
        "authenticatedIdentity"
      );
@@ -1490,15 +1520,17 @@ const connection = Penpal.connectToParent({
      }
      let qrCodeImageData;
-      let qrCodeCoordinates = {fromL: -1,
+      let qrCodeCoordinates = { fromL: -1, fromR: -1, toL: -1, toR: -1 };
-        fromR: -1,
-        toL: -1,
-        toR: -1};
-      if (vCardImageClaimValue && "state" in vCardImageClaimValue && vCardImageClaimValue.state === "disabled") {
+      if (
+        vCardImageClaimValue &&
+        "state" in vCardImageClaimValue &&
+        vCardImageClaimValue.state === "disabled"
+      ) {
        vCardImageData = new ImageData({
          contentType: "image/png",
-          contentBase64: "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII=" //1x1px transparent pixel
+          contentBase64:
+            "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII=" //1x1px transparent pixel
        });
      } else {
        const vCardImageResponse = await executeRestfulFunction(
@@ -1516,17 +1548,21 @@ const connection = Penpal.connectToParent({
        }
        vCardImageData = new ImageData(vCardImageResponse.data.Image);
        if (vCardImageData.contentType !== "image/png") {
-          return encodeResponse("400", "", "Content type of vCard mmust be 'image/png'");
+          return encodeResponse(
+            "400",
+            "",
+            "Content type of vCard mmust be 'image/png'"
+          );
        }
        qrCodeCoordinates = vCardImageResponse.data.QRCodeCoordinates;
-        const qrCodeBase64Content = await generateQrCode("https://" + location.host + "/check/" + messageUUID);
+        const qrCodeBase64Content = await generateQrCode(
-        qrCodeImageData = new ImageData(
+          "https://" + location.host + "/check/" + messageUUID
-          {
-            contentType: "image/png",
-            content: qrCodeBase64Content
-          }
        );
+        qrCodeImageData = new ImageData({
+          contentType: "image/png",
+          content: qrCodeBase64Content
+        });
      }
      if (typeof parts === "undefined" || parts === null) {
@@ -1545,7 +1581,9 @@ const connection = Penpal.connectToParent({
        };
        parts.unshift(htmlPart);
      } else {
-        console.log("Html body is not passed to signVCard, its value is ", {html: htmlBody});
+        console.log("Html body is not passed to signVCard, its value is ", {
+          html: htmlBody
+        });
      }
      if (textBody) {
@@ -1560,10 +1598,12 @@ const connection = Penpal.connectToParent({
        };
        parts.unshift(textPart);
      } else {
-        console.log("Text body is not passed to signVCard, its value is ", {text: textBody});
+        console.log("Text body is not passed to signVCard, its value is ", {
+          text: textBody
+        });
      }
-      const count = prepareVCardParts(parts);
+      const count = await prepareVCardParts(parts);
      if (count.textParts === 0) {
        return encodeResponse("400", "", "No text parts passed to signVCard");
      }
@@ -1616,17 +1656,21 @@ const connection = Penpal.connectToParent({
        parts,
        vCardAttribs,
        qrCodeImageData,
-        qrCodeCoordinates,
+        qrCodeCoordinates
      );
      if (signVCardResponse.code !== "200") {
        return encodeResponse("400", "", signVCardResponse.status);
      }
      const signedVCardImageData = new ImageData(signVCardResponse.data);
-      return encodeResponse("200", {
+      return encodeResponse(
-        image: signedVCardImageData,
+        "200",
-        messageUUID
+        {
-      }, "vCard signed");
+          image: signedVCardImageData,
+          messageUUID: messageUUID
+        },
+        "vCard signed"
+      );
    },
    // mime - String - the MIME of the email message
    // vCardAttribs - optional attributes for the verification procedure in format
@@ -1660,19 +1704,25 @@ const connection = Penpal.connectToParent({
      }
      const validationResult = validateVMimeResponse.data;
-      const {signatures} = validationResult;
+      const { signatures } = validationResult;
      if (signatures) {
        for (const signature of signatures) {
-          const certificateChain = signature.certificateChainPEM.map((certificatePEM) => {
+          const certificateChain = signature.certificateChainPEM.map(
-            const certificate = parseCertificate(certificatePEM);
+            certificatePEM => {
-            const certificateData = new CertificateData(certificate);
+              const certificate = parseCertificate(certificatePEM);
-            return certificateData;
+              const certificateData = new CertificateData(certificate);
-          });
+              return certificateData;
+            }
+          );
          signature.certificateChain = certificateChain;
        }
      }
-      return encodeResponse("200", validationResult, "Validation result retrieved");
+      return encodeResponse(
+        "200",
+        validationResult,
+        "Validation result retrieved"
+      );
    },
    generateQrCode,
    documentCreateDocument: async (passportUUID, path, contentType, title) => {
@@ -1980,7 +2030,10 @@ const connection = Penpal.connectToParent({
      const resourceID = createDocumentResult.data;
-      const accessTokenResponse = await wopiAPI.getAccessToken(passportUUID, resourceID);
+      const accessTokenResponse = await wopiAPI.getAccessToken(
+        passportUUID,
+        resourceID
+      );
      if (accessTokenResponse.data.code !== "200") {
        return accessTokenResponse.data;
@@ -2009,7 +2062,11 @@ const connection = Penpal.connectToParent({
        return encodeResponse("400", "", "Identity not authenticated");
      }
-      const response = await wopiAPI.getAccessToken(passportUUID, resourceID, contentType);
+      const response = await wopiAPI.getAccessToken(
+        passportUUID,
+        resourceID,
+        contentType
+      );
      return response.data;
    },

--- a/javascript/src/utilities/emailUtilities.js
+++ b/javascript/src/utilities/emailUtilities.js
@@ -17,8 +17,10 @@ import {
 } from "./signingUtilities";
 import {
  byteArrayToBase64,
-  stringToUtf8Base64
+  stringToUtf8Base64,
+  stringToUtf8ByteArray
 } from "./stringUtilities";
+import {getCrypto} from "pkijs";
 export const SIGNATURE_CONTENT_TYPE = "application/pkcs7-signature";
 export const DEFAULT_ATTACHMENT_NAME = "attachment";
@@ -150,14 +152,52 @@ const capitalizeFirstLetter = (s) => {
  return s.charAt(0).toUpperCase() + s.slice(1);
 };
-export function prepareVCardParts(parts) {
+async function sha256(array) {
-  if (!parts) {
+  const cryptoLib = getCrypto();
-    return;
+  const digestTmpBuf = await cryptoLib.digest({ name: "SHA-256" }, array);
+  const digestTmpArray = new Uint8Array(digestTmpBuf);
+  return digestTmpArray;
+}
+async function hashBody(part) {
+  const contentType = part.headers["Content-Type"];
+  const origContentType = part.headers["Original-Content-Type"];
+  if (!origContentType &&
+      !part.headers["Content-Type"].startsWith("application/hash") &&
+      !part.headers["Content-Type"].startsWith("text/plain") &&
+      !part.headers["Content-Type"].startsWith("text/html")) {
+    if (part.body) {
+      if (typeof part.body === "string") {
+        part.body = stringToUtf8ByteArray(part.body);
+      }
+      if (part.body instanceof ArrayBuffer) {
+        part.body = byteArrayToBase64(new Uint8Array(part.body));
+      }
+      if (!(part.body instanceof Uint8Array)) {
+        throw new Error('part body is neither string, nor Uint8Array, nor ArrayBuffer'); // should not happen
+      }
+      if (contentType) {
+        part.headers["Original-Content-Type"] = contentType;
+      }
+      part.headers["Content-Type"] = "application/hash; algorithm=SHA-256";
+      part.body = await sha256(part.body);
+    }
  }
+}
+export async function prepareVCardParts(parts) {
  const count = {
    textParts: 0,
    htmlParts: 0
  };
+  if (!parts) {
+    return count;
+  }
  for (const part of parts) {
    if (!part.headers) {
      part.headers = {
@@ -169,17 +209,18 @@ export function prepareVCardParts(parts) {
        capitalizedHeaders[capitalizeHeaderName(key)] = part.headers[key];
      }
      part.headers = capitalizedHeaders;
-      try {
+      if (!part.headers["Content-Type"]) {
+        part.headers["Content-Type"] = "application/octet-stream";
+      } else {
        if (part.headers["Content-Type"].startsWith("text/plain")) {
          count.textParts++;
        } else if (part.headers["Content-Type"].startsWith("text/html")) {
          count.htmlParts++;
        }
-      } catch (ignore) {
-        //ignore
      }
    }
    if (part.body) {
+      await hashBody(part);
      if (typeof part.body === "string") {
        part.body = stringToUtf8Base64(part.body);
      } else
@@ -193,7 +234,7 @@ export function prepareVCardParts(parts) {
      }
    }
    if (part.parts) {
-      const subcount = prepareVCardParts(part.parts);
+      const subcount = await prepareVCardParts(part.parts);
      count.textParts += subcount.textParts;
      count.htmlParts += subcount.htmlParts;
    }