Use timestamp servers when signing files (close #10)

3 years ago · 01531ba7b9
parent c5688d4a0f
commit 01531ba7b9
3 changed files with 81 additions and 29 deletions
--- a/src/index.html
+++ b/src/index.html
@ -198,6 +198,7 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/.
 <script src="node_modules/jspdf/dist/jspdf.umd.min.js"></script>
 <script src="node_modules/signature_pad/dist/signature_pad.umd.min.js"></script>
 <script src="js/kbpgp-2.1.15.js"></script>
+<script src="js/opentimestamps.min.js"></script>
 <script src="js/svg-to-image.js"></script>
 <script src="js/data.js"></script>
 <script src="js/util.js"></script>
--- a/src/js/opentimestamps.min.js
+++ b/src/js/opentimestamps.min.js
--- a/src/js/pdf.js
+++ b/src/js/pdf.js
@ -68,18 +68,21 @@ function analyzeSignedPDF() {

        var pdfhash = calculateSHA256HashOfString(pdfdata);

-        verifyMessage(sigdata, function (msg, fprint) {
-            parseAndDisplaySignature(msg, pdfhash, true, fprint);
-        }, function (err) {
-            var base64 = sigdata.split("\n\n", 2)[1].split("\n-----END PGP MESSAGE-----")[0];
-            base64 = base64.substring(0, base64.lastIndexOf("\n")).replaceAll("\n", "");
-            try {
-                var msg = atob(base64).split("START", 2)[1].split("END", 2)[0];
-                parseAndDisplaySignature(msg, pdfhash, false, null);
-            } catch (ex) {
-                console.error(ex);
-                alert("Error: could not parse signature data.");
-            }
+        loadKeyFromLocalStorage(function () {
+            verifyMessage(sigdata, function (msg, fprint) {
+                parseAndDisplaySignature(msg, pdfhash, true, fprint);
+            }, function (err) {
+                console.error(err);
+                var base64 = sigdata.split("\n\n", 2)[1].split("\n-----END PGP MESSAGE-----")[0];
+                base64 = base64.substring(0, base64.lastIndexOf("\n")).replaceAll("\n", "");
+                try {
+                    var msg = window.atob(base64).split("START", 2)[1].split("END", 2)[0];
+                    parseAndDisplaySignature(msg, pdfhash, false, null);
+                } catch (ex) {
+                    console.error(ex);
+                    alert("Error: could not parse signature data.");
+                }
+            });
        });

        pdfjsLib.getDocument(pdf).promise.then(function (pdfDoc_) {
@ -112,7 +115,7 @@ function parseAndDisplaySignature(msg, pdfhash, verified, fingerprint) {
                $("#verifyModalStatusMessage").html("<i class=\"fas fa-question-circle\"></i> File contents match signature; however, \
 could not verify signature authenticity. It's possible the file was changed then re-signed by an unknown person. If you have the \
 public key file for the notary that signed the file, <span class=\"btn btn-outline-secondary btn-sm\"onclick=\"openPublicKeyFile()\">click here</span> to use it, \
-then try running the analyze tool again.");
+then run the analyze tool again to prove if it was changed since notarization.");
                $("#verifyModalStatusMessage").removeClass();
                $("#verifyModalStatusMessage").addClass(["alert", "alert-warning"]);
            }
@ -138,6 +141,33 @@ then try running the analyze tool again.");
    if (typeof msgparts["STATE"] == "string") {
        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-map-marked-alt fa-fw"></i> State: ' + sanitizeHTMLString(msgparts["STATE"]).toUpperCase() + '</li>');
    }
+    if (typeof msgparts["OTS"] == "string") {
+        var bytearray = [];
+        var bytestrarray = msgparts["OTS"].match(/.{1,3}/g);
+        for (var i = 0; i < bytestrarray.length; i++) {
+            bytearray.push(bytestrarray[i] * 1);
+        }
+        const detached = OpenTimestamps.DetachedTimestampFile.fromHash(new OpenTimestamps.Ops.OpSHA256(), Uint8Array.from(Buffer.from(pdfhash, 'hex')));
+        const detachedOts = OpenTimestamps.DetachedTimestampFile.deserialize(bytearray);
+        let options = {};
+        OpenTimestamps.verify(detachedOts, detached, options).then(verifyResult => {
+            console.log(verifyResult);
+            if (typeof verifyResult != "undefined") {
+                if (typeof verifyResult.bitcoin != undefined) {
+                    $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-clock fa-fw"></i> Signing time independently verified on the Bitcoin blockchain. Signed at ' + formatTimestamp("F j, Y g:i a", verifyResult.bitcoin.timestamp) + '</li>');
+                }
+                if (typeof verifyResult.litecoin != undefined) {
+                    $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-clock fa-fw"></i> Signing time independently verified on the Litecoin blockchain. Signed at ' + formatTimestamp("F j, Y g:i a", verifyResult.bitcoin.timestamp) + '</li>');
+                }
+            }
+        });
+    }
+
+    $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="far fa-file fa-fw"></i> Actual file hash: ' + pdfhash + '</li>');
+
+    if (typeof msgparts["HASH"] == "string") {
+        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="far fa-file fa-fw"></i> Signed file hash: ' + sanitizeHTMLString(msgparts["HASH"]) + '</li>');
+    }

    if (typeof fingerprint == "string") {
        $("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-fingerprint fa-fw"></i> Signature fingerprint: ' + fingerprint + '</li>');
@ -190,23 +220,42 @@ function getPDFAsByteArray(pdf) {

 function makeAndSaveSignedPDF(pdf, savepath, callback) {
    var pdfbuffer = pdf.output("arraybuffer");
-    var hashstr = calculateSHA256HashOfBuffer(pdfbuffer);
-    var message = "START"
-            + "\nHASH:" + hashstr
-            + "\nDATE:" + time()
-            + "\nNOTARY:" + getStorage("notary_name")
-            + "\nSTATE:" + getStorage("notary_state")
-            + "\nEND\n";
-    signMessage(message, keymgr, function (sig) {
-        writeToFile(savepath, Buffer.from(pdfbuffer));
-        appendToFile(savepath, sig);
-
-        //writeToFile(savepath + ".notsigned.pdf", Buffer.from(pdfbuffer));
-        writeToFile(savepath + ".sig", sig);
-        callback({
-            signature: sig,
-            hash: hashstr
+    const hashstr = calculateSHA256HashOfBuffer(pdfbuffer);
+
+    var detached = OpenTimestamps.DetachedTimestampFile.fromHash(new OpenTimestamps.Ops.OpSHA256(), Uint8Array.from(Buffer.from(hashstr, 'hex')));
+    var otsbytes = "";
+
+    var sign = function () {
+        var message = "START"
+                + "\nHASH:" + hashstr
+                + "\nDATE:" + time()
+                + (otsbytes != "" ? "\nOTS:" + otsbytes : "")
+                + "\nNOTARY:" + getStorage("notary_name")
+                + "\nSTATE:" + getStorage("notary_state")
+                + "\nEND\n";
+        signMessage(message, keymgr, function (sig) {
+            writeToFile(savepath, Buffer.from(pdfbuffer));
+            appendToFile(savepath, sig);
+
+            //writeToFile(savepath + ".notsigned.pdf", Buffer.from(pdfbuffer));
+            writeToFile(savepath + ".sig", sig);
+            callback({
+                signature: sig,
+                hash: hashstr
+            });
        });
+    };
+
+    OpenTimestamps.stamp(detached).then(() => {
+        var bytearray = detached.serializeToBytes();
+        var bytestr = "";
+        for (var i = 0; i < bytearray.length; i++) {
+            bytestr += (bytearray[i] + "").padStart(3, "0");
+        }
+        otsbytes = bytestr;
+        sign();
+    }).catch(() => {
+        sign();
    });
 }