var SECUINTER_LOCAL_MACHINE_STORE = 0;
var SECUINTER_CURRENT_USER_STORE= 1;
var SECUINTER_MY_STORE = 0;
var SECUINTER_OTHER_STORE= 1;
var SECUINTER_CA_STORE= 2;
var SECUINTER_ROOT_STORE= 3;
var SECUINTER_SHA1_ALGORITHM= 1;
var SECUINTER_ALGORITHM_RC2=0;
var SECUINTER_ALGORITHM_DES = 6;
var SECUINTER_CMS_ENCODE_BASE64=1;

function IsSecuInterInstalled()
{
	var oUtil = new ActiveXObject("SecuInter.Utilities");
	if(typeof(oUtil) == "object")
	{
		if( (oUtil.object != null) )
			return true;
	}

	return false;
}
/*根据姆印得到证书*/
function getCertByThumbprint(szThumbprint)
{	
	
	if (szThumbprint.length < 32)
	{
		alert("证书的姆印太短!");
		return null;
	}
	var oUtil;
	var MyStore;
	try
	{
		oUtil = new ActiveXObject("SecuInter.Utilities");
		MyStore = new ActiveXObject("SecuInter.Store");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}

	try
	{
		MyStore.Open(SECUINTER_CURRENT_USER_STORE,SECUINTER_MY_STORE);
	}
	catch(e)
	{
		alert("打开证书库失败\r\n"+e.description);
		return null;
	}
	var certs=MyStore.X509Certificates;
	MyStore.Close();
	MyStore = null;	

	for(i=0;i<certs.Count;i++)
	{	
		if(oUtil.BinaryToHex(certs.Item(i).Thumbprint(SECUINTER_SHA1_ALGORITHM)).toLowerCase() ==szThumbprint.toLowerCase() )
			return certs.Item(i);
	}

	return null;
}
/*选择证书,返回 X509Certificate*/
function getX509CertificateBySelect()
{	
	var oUtil;
	var MyStore;
	try
	{
		oUtil = new ActiveXObject("SecuInter.Utilities");
		MyStore = new ActiveXObject("SecuInter.Store");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}

	try
	{
		MyStore.Open(SECUINTER_CURRENT_USER_STORE,SECUINTER_MY_STORE);
	}
	catch (e)
	{
		alert("打开证书库失败\r\n"+e.description);
		return null;
	}
	var certs=MyStore.X509Certificates;
	MyStore.Close();
	MyStore = null;	
	if(certs.Count>0)
		return certs.SelectCertificate();
	
	return null;

}
/*选择证书,本地计算机
storeType:SECUINTER_MY_STORE=0(个人);SECUINTER_OTHER_STORE:1(其他人)
isSignCert:true(sign cert);false(env cert)
*/
function getX509Certificate(storeType,isSignCert)
{	
	var oUtil;
	var MyStore;
	try
	{
		oUtil = new ActiveXObject("SecuInter.Utilities");
		MyStore = new ActiveXObject("SecuInter.Store");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}

	try
	{
		MyStore.Open(SECUINTER_CURRENT_USER_STORE,storeType);
	}
	catch (e)
	{
		alert("打开证书库失败\r\n"+e.description);
		return null;
	}
	var certs=MyStore.X509Certificates;
	MyStore.Close();
	MyStore = null;	
	
	var MyCerts = new ActiveXObject("SecuInter.X509Certificates");
	for(i=0;i<certs.Count;i++)
	{
		//check issuer
		issuer=certs.Item(i).Issuer;
        if(issuer.indexOf("CN=NETCA")<0)	//not netca
			continue;
		//check key usage
        var iKeyUsage=certs.Item(i).KeyUsage;
        if(iKeyUsage==-1)//测试行证书
        	MyCerts.add(certs.Item(i));	
        else
        {
			if(isSignCert==true)
			{
				if(iKeyUsage%2==1&&iKeyUsage%4>=2)
					MyCerts.add(certs.Item(i));
			}
			else
			{
				if(iKeyUsage%8>=4)
					MyCerts.add(certs.Item(i));	
			}
		}
	}
	if(MyCerts.Count==0)
	{
		if(window.confirm("没有找到NETCA签发的证书,\r\n请插入相应的Ekey再按确定")==true)
			return getX509Certificate(storeType,isSignCert);
		else
			return null;
	}
	//select cert
	if(MyCerts.Count>0)
	 	return MyCerts.SelectCertificate();

	return null;
}
function getCertInfo()
{	
	var cert=getX509Certificate(SECUINTER_MY_STORE,true);
	if(cert==null)return;

	var oUtil;
	try
	{
		oUtil = new ActiveXObject("SecuInter.Utilities");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}
	cert.Display();
	/*
	alert("证书的Thrumb:   "+oUtil.BinaryToHex(cert.Thumbprint(SECUINTER_SHA1_ALGORITHM)) );
	alert("证书颁发者::"+cert.Issuer);
	alert("证书序列号::"+cert.SerialNumber);
	alert("证书主题::"+cert.Subject);
	alert("KeyUsage:   "+cert.KeyUsage);
	alert("Subject的Email:   "+cert.GetInfo(2));
	alert("Subject的名字:   "+cert.GetInfo(0));
	alert("Subject的UPN:   "+cert.GetInfo(2));
	*/
}

function sign(bContent)
{	
	var oCert=getX509Certificate(SECUINTER_MY_STORE,true);
	if(oCert==null)
		return null;

	var oSigner = new ActiveXObject("SecuInter.Signer");
	var oSignedData = new ActiveXObject("SecuInter.SignedData");

    oSigner.Certificate = oCert;
    oSigner.HashAlgorithm = SECUINTER_SHA1_ALGORITHM ;
    oSigner.UseSigningCertificateAttribute = false;
    oSigner.UseSigningTime = false;
    oSignedData.content = bContent;
    oSignedData.Detached = false;

    var arrRT = oSignedData.sign(oSigner, SECUINTER_CMS_ENCODE_BASE64)
   
	oSignedData = null;
	oSigner = null;
    return arrRT;
}

function signStr(strContent)
{
   	var util;
	try
	{
		util = new ActiveXObject("SecuInter.Utilities");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}
	var bCnt= util.StringtoByteArray(strContent);
	return sign(bCnt);
}
/*
校验签名
返回：true为成功；false为失败
*/
function verify(bContent,bSignData)
{	
   	var oSigner;
   	var oSignedData;
   	var oUtil;

	try
	{
		oSigner = new ActiveXObject("SecuInter.Signer");
		oSignedData = new ActiveXObject("SecuInter.SignedData");
		oUtil = new ActiveXObject("SecuInter.Utilities");
	}
	catch(e)
	{
		alert("NetCA SecuInter没有安装");
		return false;
	}
   	if(oSignedData.verify(bSignData,0) == false)
   	{
		alert("签名校验失败!");
   		return false;
	}
   	if(oUtil.ByteArraytoString(bContent) != oUtil.ByteArraytoString(oSignedData.content))
   	{
		alert("内容校验失败!");
   		return false;
   	}
	//display the sign certificates
	/*
	var iCertCount = oSignedData.Signers.Count;
	for(var i=0; i<=iCertCount-1; i++)
		oSignedData.Signers.Item(i).Certificate.Display();
	*/
	oSignedData = null;
	oSigner = null;
	oUtil=null;
	return true;
}
function env(bContent,oCert)
{	
	
   	var oEnv ;
	try
	{
		oEnv = new ActiveXObject("SecuInter.EnvelopedData");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}

    oEnv.Algorithm = SECUINTER_ALGORITHM_RC2;
    oEnv.Recipients.Add(oCert);
    oEnv.content = bContent ;
    var arrRT = oEnv.encrypt(SECUINTER_CMS_ENCODE_BASE64);
	oEnv = null;
    return arrRT;
}
function dev(bEnvData)
{	
   	var oEnv ;
	try
	{
		oEnv = new ActiveXObject("SecuInter.EnvelopedData");
	}
	catch (e)
	{
		alert("NetCA SecuInter没有安装");
		return null;
	}
   	oEnv.decrypt(bEnvData);
	var arrRt=oEnv.content;

	oEnv = null;
	return arrRt;
}