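/**
 *  ---------
 * |.##> <##.|  Open Smart Card Development Platform (www.openscdp.org)
 * |#       #|
 * |#       #|  Copyright (c) 1999-2010 CardContact Software & System Consulting
 * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
 *  ---------
 *
 *  This file is part of OpenSCDP.
 *
 *  OpenSCDP is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  OpenSCDP is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with OpenSCDP; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * @fileoverview Connector implementing a web service interface to a DVCA as defined in TR-03129
 */


load("cvc.js");


/**
 * Creates a web service connector to access services of a DVCA as defined in TR-03129
 *
 * The URL is passed to SOAPConnection.call() unchanged. This class does not inspect
 * the scheme, so any transport protection comes from the endpoint URL and from
 * SOAPConnection, not from this connector.
 *
 * @class Class implementing a DVCA web service connector
 * @constructor
 * @param {String} url the web service endpoint
 */
function DVCAConnection(url) {
	this.url = url;
	this.soapcon = new SOAPConnection(SOAPConnection.SOAP11);
	// Tracing is on by default: every request and response is written in full to
	// GPSystem.trace(). Set verbose = false where trace output is retained or shared.
	this.verbose = true;
	this.lastError = null;
}



/**
 * Get the last error return code
 *
 * The value is reset to null at the start of every service call.
 *
 * @returns the last error return code received or null if none defined
 * @type String
 */
DVCAConnection.prototype.getLastError = function() {
	return this.lastError;
};



/**
 * Close the connector and release allocated resources
 */
DVCAConnection.prototype.close = function() {
	this.soapcon.close();
};



/**
 * Obtain a list of certificates from the DVCA
 *
 * The certificates in the response are only decoded into CVC objects. No signature
 * or chain validation is performed here; the caller must verify them against its
 * trust anchor before relying on them.
 *
 * @returns a list of card verifiable certificates from the DVCA or null in case of error
 * @type CVC[]
 * @throws {GPError} DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.getCACertificates = function() {

	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	var request =
		<ns:GetCACertificates xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
		</ns:GetCACertificates>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	var response;
	try	{
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "getCACertificates failed with : " + e);
	}

	// An absent returnCode element yields "", which is reported as an error below
	var returnCode = response.Result.ns1::returnCode.toString();

	if (returnCode != "ok_cert_available") {
		this.lastError = returnCode;
		return null;
	}

	var certlist = [];

	GPSystem.trace("Received certificates from DVCA:");
	for each (var c in response.Result.ns1::certificateSeq.ns1::certificate) {
		// Decoding only - the certificate is not verified at this point
		var cvc = new CVC(new ByteString(c, BASE64));
		certlist.push(cvc);
		GPSystem.trace(cvc);
	}

	return certlist;
};



/**
 * Request a certificate from the parent CA using a web service
 *
 * Any return code starting with "ok_" is treated as success. As with
 * getCACertificates(), the returned certificates are decoded but not verified;
 * the caller must validate them before use.
 *
 * @param {CVC} certreq the certificate request
 * @returns the new certificates or null in case of error (see getLastError())
 * @type CVC[]
 * @throws {GPError} DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.requestCertificate = function(certreq) {

	// Clear the previous result so getLastError() never reports a stale code
	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	var request =
		<ns:RequestCertificate xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
			<certReq>{certreq.getBytes().toString(BASE64)}</certReq>
		</ns:RequestCertificate>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	var response;
	try	{
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "RequestCertificate failed with : " + e);
	}

	var returnCode = response.Result.ns1::returnCode.toString();

	if (returnCode.substr(0, 3) != "ok_") {
		this.lastError = returnCode;
		return null;
	}

	var certlist = [];

	GPSystem.trace("Received certificates from DVCA:");
	for each (var c in response.Result.ns1::certificateSeq.ns1::certificate) {
		// Decoding only - the certificate is not verified at this point
		var cvc = new CVC(new ByteString(c, BASE64));
		certlist.push(cvc);
		GPSystem.trace(cvc);
	}

	return certlist;
};



/**
 * Send a list of certificates to the DVCA
 *
 * The method returns nothing. A return code not starting with "ok_" is stored
 * and can be read with getLastError().
 *
 * @param {CVC[]} certificates the list of certificates to post
 * @param {String} messageID the value placed in the messageID element of the request
 * @param {String} statusInfo the value placed in the statusInfo element of the request
 * @throws {GPError} DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.sendCertificates = function(certificates, messageID, statusInfo) {

	// Clear the previous result so getLastError() never reports a stale code
	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	// String values embedded with {} are inserted by E4X as escaped text content
	var request =
		<ns:SendCertificates xmlns:ns={ns} xmlns:ns1={ns1}>
			<messageID>{messageID}</messageID>
			<statusInfo>{statusInfo}</statusInfo>
			<certificateSeq>
			</certificateSeq>
		</ns:SendCertificates>;

	var list = request.certificateSeq;

	for (var i = 0; i < certificates.length; i++) {
		var cvc = certificates[i];
		list.certificate += <ns1:certificate xmlns:ns1={ns1}>{cvc.getBytes().toString(BASE64)}</ns1:certificate>;
	}

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	var response;
	try	{
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "SendCertificates failed with : " + e);
	}

	var returnCode = response.Result.ns1::returnCode.toString();

	if (returnCode.substr(0, 3) != "ok_") {
		this.lastError = returnCode;
	}
};



/**
 * Simple smoke test against a DVCA on the local machine
 *
 * The plain http URL is for local testing only.
 */
DVCAConnection.test = function() {
	var c = new DVCAConnection("http://localhost:8080/se/dvca");
	c.verbose = true;
	try	{
		var certlist = c.getCACertificates();
	}
	finally {
		// Release the SOAP connection even if the call throws
		c.close();
	}
};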