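/**
 * ---------
 * |.##> <##.| Open Smart Card Development Platform (www.openscdp.org)
 * |# #|
 * |# #| Copyright (c) 1999-2010 CardContact Software & System Consulting
 * |'##> <##'| Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
 * ---------
 *
 * This file is part of OpenSCDP.
 *
 * OpenSCDP is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * OpenSCDP is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenSCDP; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 *
 * @fileoverview Connector implementing a web service interface to a CVCA as defined in TR-03129
 */


load("cvc.js");


/**
 * Creates a web service connector to access services of a CVCA as defined in TR-03129
 *
 * The URL is used exactly as given. Nothing in this connector enforces https, so
 * transport protection depends on the endpoint URL and on how SOAPConnection is set up.
 *
 * @class Class implementing a CVCA web service connector
 * @constructor
 * @param {String} url the web service endpoint
 */
function CVCAConnection(url) {
	this.url = url;
	this.soapcon = new SOAPConnection(SOAPConnection.SOAP11);
	// Tracing is on by default: every SOAP request and response is written to the
	// trace in full. Set to false where the trace output is not access-controlled.
	this.verbose = true;
	this.lastError = null;
}



/**
 * Get the last error return code
 *
 * @returns the last error return code received or null if none defined
 * @type String
 */
CVCAConnection.prototype.getLastError = function() {
	return this.lastError;
};



/**
 * Close the connector and release allocated resources
 */
CVCAConnection.prototype.close = function() {
	this.soapcon.close();
};



/**
 * Obtain a list of certificates from the CVCA
 *
 * The certificates are only decoded from the response. No signature or chain
 * verification is visible in this connector, so callers should validate the
 * returned certificates before trusting them.
 *
 * @returns a list of card verifiable certificates from the CVCA or null in case of error;
 *          the return code is then available from getLastError()
 * @type CVC[]
 * @throws {GPError} DEVICE_ERROR if the SOAP call itself fails
 */
CVCAConnection.prototype.getCACertificates = function() {

	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-CVCA-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	// Synchronous call: no callback is announced, so messageID and responseURL stay empty
	var request =
		<ns:GetCACertificates xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
		</ns:GetCACertificates>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	var response;
	try {
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("CVCAConnection", GPError.DEVICE_ERROR, 0, "getCACertificates failed with : " + e);
	}

	var returnCode = response.Result.ns1::returnCode.toString();

	// Only the exact code "ok_cert_available" counts as success here
	if (returnCode !== "ok_cert_available") {
		this.lastError = returnCode;
		return null;
	}

	var certlist = [];

	GPSystem.trace("Received certificates from CVCA:");
	for each (var c in response.Result.ns1::certificateSeq.ns1::certificate) {
		var cvc = new CVC(new ByteString(c, BASE64));
		certlist.push(cvc);
		GPSystem.trace(cvc);
	}

	return certlist;
};



/**
 * Request a certificate from the parent CA using a web service
 *
 * The certificates are only decoded from the response. No signature or chain
 * verification is visible in this connector, so callers should validate the
 * returned certificates before trusting them.
 *
 * @param {Object} certreq the certificate request; must provide getBytes() returning
 *                 a ByteString (presumably a CVC request - confirm against callers)
 * @returns the new certificates, or null if the CVCA answered with a return code that
 *          does not start with "ok_"; that code is then available from getLastError()
 * @type CVC[]
 * @throws {GPError} DEVICE_ERROR if the SOAP call itself fails
 */
CVCAConnection.prototype.requestCertificate = function(certreq) {

	// Reset as getCACertificates() does, so that getLastError() never reports
	// the outcome of an earlier call after this one succeeded
	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-CVCA-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	// Synchronous call: no callback is announced, so messageID and responseURL stay empty
	var request =
		<ns:RequestCertificate xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
			<certReq>{certreq.getBytes().toString(BASE64)}</certReq>
		</ns:RequestCertificate>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	// The call goes through the connector's own connection (this.soapcon), which
	// close() releases; no additional SOAPConnection is allocated per request
	var response;
	try {
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("CVCAConnection", GPError.DEVICE_ERROR, 0, "RequestCertificate failed with : " + e);
	}

	var returnCode = response.Result.ns1::returnCode.toString();

	// Any return code with the "ok_" prefix is treated as success
	if (returnCode.substr(0, 3) !== "ok_") {
		this.lastError = returnCode;
		return null;
	}

	var certlist = [];

	GPSystem.trace("Received certificates from CVCA:");
	for each (var c in response.Result.ns1::certificateSeq.ns1::certificate) {
		var cvc = new CVC(new ByteString(c, BASE64));
		certlist.push(cvc);
		GPSystem.trace(cvc);
	}

	return certlist;
};



CVCAConnection.test = function() {
	var c = new CVCAConnection("http://localhost:8080/se/cvca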