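/**
 *  ---------
 * |.##> <##.|  SmartCard-HSM Support Scripts
 * |#       #|
 * |#       #|  Copyright (c) 2016 CardContact Systems GmbH
 * |'##> <##'|  32429 Minden, Germany (www.cardcontact.de)
 *  ---------
 *
 * This file is part of OpenSCDP.
 *
 * OpenSCDP is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * OpenSCDP is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenSCDP; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 *
 * @fileoverview Online-CA Connection
 */



/**
 * Creates a web service connector to access an online CA
 *
 * @class Class implementing a CA web service connector
 * @constructor
 * @param {String} url the web service endpoint
 */
function CAConnection(url) {
	// The URL is stored as given; transport protection depends on what
	// SOAPConnection does with it and is not visible in this file.
	this.url = url;
	this.soapcon = new SOAPConnection();

	// NOTE(review): tracing is on by default. With verbose set, requestCertificate()
	// writes the complete request (including the activation code, when one is passed)
	// and the complete response to the trace. Set verbose to false where the
	// trace output is not protected.
	this.verbose = true;
	this.lastReturnCode = null;
}

exports.CAConnection = CAConnection;



/**
 * Get the last return code
 *
 * @returns the last return code received or null if none defined
 * @type String
 */
CAConnection.prototype.getLastReturnCode = function() {
	return this.lastReturnCode;
};



/**
 * Gets the last request
 *
 * The constructor does not set this field, so the result is undefined
 * until requestCertificate() has been called.
 *
 * @returns the last request
 * @type XML
 */
CAConnection.prototype.getLastRequest = function() {
	return this.request;
};



/**
 * Gets the last response
 *
 * The constructor does not set this field, so the result is undefined
 * until requestCertificate() has received a response.
 *
 * @returns the last response
 * @type XML
 */
CAConnection.prototype.getLastResponse = function() {
	return this.response;
};



/**
 * Close the connector and release allocated resources
 */
CAConnection.prototype.close = function() {
	this.soapcon.close();
};



/**
 * Request a certificate from the CA using a web service
 *
 * The request and the response are kept in the connector and can be read with
 * getLastRequest() and getLastResponse(). The return code of the service is
 * available from getLastReturnCode().
 *
 * The certificates in the response are only decoded from Base64. This method
 * does not verify them; checking them against the expected issuer is left to the caller.
 *
 * @param {ByteString} certreq the certificate request
 * @param {ByteString} devicecert the device certificate (sent Base64 encoded; assumed to be a ByteString like certreq)
 * @param {String} commonName the value for the CommonName element of the request
 * @param {String} eMailAddress the value for the eMailAddress element of the request
 * @param {String} activationCode the activation code (optional), only added to the request if given
 * @returns the new certificates or null if the return code of the service is not "ok"
 * @type ByteString[]
 * @throws {GPError} with GPError.DEVICE_ERROR if the SOAP call fails
 */
CAConnection.prototype.requestCertificate = function(certreq, devicecert, commonName, eMailAddress, activationCode) {

	this.lastReturnCode = null;

	// The call below uses the connection created in the constructor (this.soapcon),
	// which is also the one released by close(). No further connection is allocated here.

	var ns = new Namespace("http://www.openscdp.org/CAService");

	var request =
		<ns:RequestCertificate xmlns:ns={ns}>
			<CertificateSigningRequest>{certreq.toString(BASE64)}</CertificateSigningRequest>
			<DeviceCertificate>{devicecert.toString(BASE64)}</DeviceCertificate>
			<CommonName>{commonName}</CommonName>
			<eMailAddress>{eMailAddress}</eMailAddress>
		</ns:RequestCertificate>;

	if (activationCode) {
		// E4X: appends the ActivationCode element as sibling after eMailAddress
		request.eMailAddress += <ActivationCode>{activationCode}</ActivationCode>;
	}

	if (this.verbose) {
		// The traced request contains the activation code if one was given
		GPSystem.trace(request.toXMLString());
	}

	this.request = request;

	var response;
	try {
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("CAConnection", GPError.DEVICE_ERROR, 0, "RequestCertificate failed with : " + e);
	}

	this.response = response;

	this.lastReturnCode = response.ReturnCode.toString();

	// Anything but "ok" is reported as null; the caller can get the code with getLastReturnCode()
	if (this.lastReturnCode != "ok") {
		return null;
	}

	var certlist = [];

	GPSystem.trace("Received certificates:");
	for each (var c in response.Certificates.Certificate) {
		var cert = new ByteString(c, BASE64);
		certlist.push(cert);
		GPSystem.trace(cert);
	}

	return certlist;
};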