1 /**
  2  *  ---------
  3  * |.##> <##.|  Open Smart Card Development Platform (www.openscdp.org)
  4  * |#       #|  
  5  * |#       #|  Copyright (c) 1999-2010 CardContact Software & System Consulting
  6  * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
  7  *  --------- 
  8  *
  9  *  This file is part of OpenSCDP.
 10  *
 11  *  OpenSCDP is free software; you can redistribute it and/or modify
 12  *  it under the terms of the GNU General Public License version 2 as
 13  *  published by the Free Software Foundation.
 14  *
 15  *  OpenSCDP is distributed in the hope that it will be useful,
 16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 18  *  GNU General Public License for more details.
 19  *
 20  *  You should have received a copy of the GNU General Public License
 21  *  along with OpenSCDP; if not, write to the Free Software
 22  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 23  *
 24  * @fileoverview Connector implementing a web service interface to a DVCA as defined in TR-03129
 25  */
 26 
 27 
 28 load("cvc.js");
 29 
 30 
/**
 * Web service connector for the DVCA services specified in TR-03129.
 *
 * The endpoint is stored exactly as given. This constructor does not inspect
 * the URL scheme, so whether the channel is protected depends on the URL the
 * caller supplies and on the SOAPConnection host object.
 *
 * @class Class implementing a DVCA web service connector
 * @constructor
 * @param {String} url the web service endpoint
 */
function DVCAConnection(url) {
	// Endpoint used for every SOAP call made through this connector
	this.url = url;

	// Return code of the last failed call, null while no error is recorded
	this.lastError = null;

	// Tracing of SOAP requests and responses is switched on by default
	this.verbose = true;

	// SOAP 1.1 connection used by the service methods and released in close()
	this.soapcon = new SOAPConnection(SOAPConnection.SOAP11);
}
 44 
 45 
 46 
/**
 * Return the error code recorded by the most recent failed service call
 *
 * @returns the last error return code received or null if none is recorded
 * @type String
 */
DVCAConnection.prototype.getLastError = function() {
	var code = this.lastError;
	return code;
};
 56 
 57 
 58 
/**
 * Shut down the connector by closing the underlying SOAP connection
 */
DVCAConnection.prototype.close = function() {
	var connection = this.soapcon;
	connection.close();
};
 65 
 66 
 67 
/**
 * Fetch the list of CA certificates from the DVCA
 *
 * Sends a GetCACertificates request with callback_not_possible and decodes each
 * returned certificate from Base64 into a CVC object. The certificates are only
 * decoded here; nothing in this method checks signatures or the certificate
 * chain, so callers should verify the result before relying on it.
 *
 * @returns a list of card verifiable certificates from the DVCA, or null if the
 *          service answered with a return code other than ok_cert_available
 *          (the code is then available through getLastError())
 * @type CVC[]
 * @throws GPError with DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.getCACertificates = function() {
	var response;
	var certificates = [];

	// Forget the error of any previous call
	this.lastError = null;

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	var request =
		<ns:GetCACertificates xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
		</ns:GetCACertificates>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	try {
		response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		// Transport level failure: trace it and report it as a device error
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "getCACertificates failed with : " + e);
	}

	// Any return code other than ok_cert_available is recorded as the last error
	var returnCode = response.Result.ns1::returnCode.toString();
	if (returnCode != "ok_cert_available") {
		this.lastError = returnCode;
		return null;
	}

	GPSystem.trace("Received certificates from DVCA:");
	for each (var encoded in response.Result.ns1::certificateSeq.ns1::certificate) {
		// Each certificate element carries one Base64 encoded CVC
		var cvc = new CVC(new ByteString(encoded, BASE64));
		certificates.push(cvc);
		GPSystem.trace(cvc);
	}

	return certificates;
};
121 
122 
123 
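/**
 * Request a certificate from the parent CA using a web service
 *
 * Sends a RequestCertificate message with callback_not_possible and decodes each
 * certificate in the response from Base64 into a CVC object. Every return code
 * starting with "ok_" is treated as success. The certificates are only decoded
 * here; nothing in this method checks signatures or the certificate chain, so
 * callers should verify the result before installing it.
 *
 * @param {CVC} certreq the certificate request
 * @returns the new certificates (the list is empty if the response carries no
 *          certificate elements), or null if the return code does not start
 *          with "ok_" (the code is then available through getLastError())
 * @type CVC[]
 * @throws GPError with DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.requestCertificate = function(certreq) {

	// Reset the error state so that getLastError() reflects this call only,
	// as getCACertificates() does
	this.lastError = null;

	// The call goes through this.soapcon; no second SOAPConnection is created
	// here because it was never used and never closed

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	var request =
		<ns:RequestCertificate xmlns:ns={ns} xmlns:ns1={ns1}>
			<callbackIndicator>callback_not_possible</callbackIndicator>
			<messageID>
			</messageID>
			<responseURL>
			</responseURL>
			<certReq>{certreq.getBytes().toString(BASE64)}</certReq>
		</ns:RequestCertificate>;

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	try	{
		var response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		// Transport level failure: trace it and report it as a device error
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "RequestCertificate failed with : " + e);
	}

	var certlist = [];

	// Convert explicitly to a string before the prefix test, as getCACertificates() does
	var returnCode = response.Result.ns1::returnCode.toString();

	if (returnCode.substr(0, 3) == "ok_") {
		GPSystem.trace("Received certificates from DVCA:");
		for each (var c in response.Result.ns1::certificateSeq.ns1::certificate) {
			// Each certificate element carries one Base64 encoded CVC
			var cvc = new CVC(new ByteString(c, BASE64));
			certlist.push(cvc);
			GPSystem.trace(cvc);
		}
	} else {
		this.lastError = returnCode;
		return null;
	}

	return certlist;
};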
179 
180 
181 
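/**
 * Send a list of certificates to the DVCA
 *
 * The method returns nothing. A return code that does not start with "ok_" is
 * recorded and can be read with getLastError(), which yields null after a
 * successful call.
 *
 * messageID and statusInfo are placed into the request through E4X expressions.
 * NOTE(review): pass plain strings here; E4X is expected to embed an XML value
 * as markup rather than as text - confirm against the callers.
 *
 * @param {CVC[]} certificates the list of certificates to post
 * @param {String} messageID the message identifier placed in the request
 * @param {String} statusInfo the status information placed in the request
 * @throws GPError with DEVICE_ERROR if the SOAP call itself fails
 */
DVCAConnection.prototype.sendCertificates = function(certificates, messageID, statusInfo) {

	// Reset the error state: lastError is the only failure indication of this
	// method, so a stale code from an earlier call must not survive a success
	this.lastError = null;

	// The call goes through this.soapcon; no second SOAPConnection is created
	// here because it was never used and never closed

	var ns = new Namespace("uri:EAC-PKI-DV-Protocol/1.0");
	var ns1 = new Namespace("uri:eacBT/1.0");

	var request =
		<ns:SendCertificates xmlns:ns={ns} xmlns:ns1={ns1}>
			<messageID>{messageID}</messageID>
			<statusInfo>{statusInfo}</statusInfo>
			<certificateSeq>
			</certificateSeq>
		</ns:SendCertificates>;

	var list = request.certificateSeq;

	// Append one Base64 encoded certificate element per CVC
	for (var i = 0; i < certificates.length; i++) {
		var cvc = certificates[i];
		list.certificate += <ns1:certificate xmlns:ns1={ns1}>{cvc.getBytes().toString(BASE64)}</ns1:certificate>;
	}

	if (this.verbose) {
		GPSystem.trace(request.toXMLString());
	}

	try	{
		var response = this.soapcon.call(this.url, request);
		if (this.verbose) {
			GPSystem.trace(response.toXMLString());
		}
	}
	catch(e) {
		// Transport level failure: trace it and report it as a device error
		GPSystem.trace("SOAP call to " + this.url + " failed : " + e);
		throw new GPError("DVCAConnection", GPError.DEVICE_ERROR, 0, "SendCertificates failed with : " + e);
	}

	// Convert explicitly to a string before the prefix test, as getCACertificates() does
	var returnCode = response.Result.ns1::returnCode.toString();

	if (returnCode.substr(0, 3) != "ok_") {
		this.lastError = returnCode;
	}
};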
228 
229 
230 
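/**
 * Simple smoke test: fetch the CA certificates from a DVCA on the local host
 *
 * The endpoint is a plain http URL on localhost, as used for a local test setup.
 */
DVCAConnection.test = function() {
	var c = new DVCAConnection("http://localhost:8080/se/dvca");
	try {
		// Set explicitly so the test traces regardless of the constructor default
		c.verbose = true;
		c.getCACertificates();
	}
	finally {
		// Release the SOAP connection even if the call throws
		c.close();
	}
};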
236