1 /**
  2  *  ---------
  3  * |.##> <##.|  SmartCard-HSM Support Scripts
  4  * |#       #|  
  5  * |#       #|  Copyright (c) 2011-2012 CardContact Software & System Consulting
  6  * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
  7  *  --------- 
  8  *
  9  * Consult your license package for usage terms and conditions.
 10  * 
 11  * @fileoverview Simple Physical Access Control Terminal Simulation
 12  *
 13  * <p>This simulation shows the use of a SmartCard-HSM card for physical access control. The device authentication key and CV certificate
 14  *    are used to authenticate the card towards the reader and to establish a secure communication channel to read access control data.</p>
 15  * <p>If a PIN code is entered at the reader, then the code will be presented to the card using the secure communication channel,
 16  *    thereby protecting the PIN code against eavesdropping at the air interface.
 17  *    As the verification response from the card is protected with a message authentication code, the terminal
 18  *    can prove that the verification was actually performed by the card.</p>
 19  * <p>This demo requires at least the 3.7.1574 version of the Smart Card Shell.</p>
 20  */
 21  
 22 load("../lib/smartcardhsm.js");
 23 
 24  
/**
 * Controller for the simulated physical access terminal.
 *
 * Holds the reader identifier, the terminal front end (LEDs and PIN entry)
 * and the crypto provider that is later handed to certificate validation
 * and secure channel establishment.
 *
 * @constructor
 * @param {String} crdreader reader identifier, passed unchanged to new Card()
 */
function AccessController(crdreader) {
	// Reader that waitForCardInsertion() / waitForCardRemoval() poll
	this.crdreader = crdreader;

	// Terminal front end used for red/green/off signalling and PIN entry
	this.accessTerminal = new AccessTerminal();

	// Crypto provider shared by all card checks of this controller
	this.crypto = new Crypto();
}
 32 
 33 
 34 
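/**
 * Handle a card insertion: open the card, run the access check and release
 * the card again.
 *
 * Presumably invoked by the listener registered through
 * Card.setCardEventListener() in AccessController.test() - confirm against
 * the Smart Card Shell documentation.
 *
 * @param {String} readername reader identifier, passed unchanged to new Card()
 */
AccessController.prototype.cardInserted = function(readername) {
	var card = new Card(readername);
	try	{
		this.check(card);
	}
	finally {
		// Release the card handle even when the check throws, so that a
		// faulty card cannot leave the reader blocked for the next one.
		card.close();
	}
}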
 40 
 41 
 42 
/**
 * Handle a card removal by switching the terminal back to red.
 *
 * Red is the state loop() sets while it waits for a card, so this returns the
 * terminal to its locked indication once the card is gone.
 */
AccessController.prototype.cardRemoved = function() {
	var terminal = this.accessTerminal;
	terminal.red();
}
 46 
 47 
 48 
/**
 * Block until a card can be opened in the configured reader.
 *
 * On return this.card holds the opened Card object. The loop retries without
 * any delay and does not look at this.run, so stop() has no effect while the
 * controller is waiting here.
 */
AccessController.prototype.waitForCardInsertion = function() {
	this.card = null;

	while (this.card == null) {
		try	{
			this.card = new Card(this.crdreader);
		}
		catch(e) {
			// Presumably no card is present yet; the error is dropped on
			// purpose and the next attempt follows immediately.
			this.card = null;
		}
	}
}
 63 
 64 
 65 
/**
 * Block until the card can no longer be opened in the configured reader.
 *
 * Each round opens and immediately closes the card; the first exception from
 * either call is taken as "card removed" and ends the wait.
 */
AccessController.prototype.waitForCardRemoval = function() {
	for (;;) {
		var probe;
		try	{
			probe = new Card(this.crdreader);
			probe.close();
		}
		catch(e) {
			// Card no longer reachable (presumably removed)
			return;
		}
	}
}
 77 
 78 
 79 
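/**
 * Decide whether the presented SmartCard-HSM is granted access.
 *
 * Steps: select the SmartCard-HSM, read the device authentication certificate
 * (SmartCardHSM.C_DevAut), validate the certificate chain, open a secure
 * channel with the validated public key and, if a PIN was entered at the
 * terminal, verify it over that channel.
 *
 * The check fails closed: any exception raised by one of these steps and a
 * missing validation result both deny access instead of propagating to the
 * caller.
 *
 * NOTE(review): an empty PIN entry skips PIN verification, so access then
 * rests on card authentication alone.
 * NOTE(review): chain.path is only printed; no authorisation list is
 * consulted here, so every card that passes authentication is accepted.
 *
 * @param {Card} card the opened card to check
 * @return {Boolean} true if access is granted, false otherwise
 */
AccessController.prototype.checkAccessWithSCHSM = function(card) {
	var starttime = new Date();
	print("Started at " + starttime);

	var chain;

	try	{
		var ac = new SmartCardHSM(card);

		// Reading and validating the certificate sit inside the try block so
		// that a malformed or unreadable certificate denies access rather
		// than aborting the terminal.
		var rsp = ac.readBinary(SmartCardHSM.C_DevAut);
		chain = SmartCardHSM.validateCertificateChain(this.crypto, rsp);
		if (!chain) {
			// Presumably signals a failed validation - confirm in smartcardhsm.js
			print("Device certificate chain not validated");
			return false;
		}

		ac.openSecureChannel(this.crypto, chain.publicKey);

		var pin = this.accessTerminal.getPIN();
		if (pin.length > 0) {
			var sw = ac.verifyUserPIN(new ByteString(pin, ASCII));
			// 0x9000 is the ISO 7816 status word for success
			if (sw != 0x9000) {
				print("PIN wrong !!!");
				return false;
			}
		}
	}
	catch(e) {
		// Record why the card was rejected; the PIN itself is never printed
		print(e);
		return false;
	}

	var stoptime = new Date();

	print("Ended at " + stoptime);

	var duration = stoptime.valueOf() - starttime.valueOf();

	print("Duration " + duration + " ms");

	print("Card id : " + chain.path);
	return true;
}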
121 
122 
123 
/**
 * Run the access check for a card and signal the outcome at the terminal.
 *
 * Granted: the terminal shows green. Denied: the terminal blinks red twice
 * (off and red, 200 ms each) and is left showing red.
 *
 * @param {Card} card the opened card to check
 */
AccessController.prototype.check = function(card) {
	if (this.checkAccessWithSCHSM(card)) {
		this.accessTerminal.green();
		return;
	}

	// Denied: two off/red cycles, ending in red
	for (var cycle = 0; cycle < 2; cycle++) {
		this.accessTerminal.off();
		GPSystem.wait(200);
		this.accessTerminal.red();
		GPSystem.wait(200);
	}
}
140 
141 
142 
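/**
 * Polling main loop: show red, wait for a card, check it, close it and wait
 * for its removal, until stop() clears this.run.
 *
 * this.run is only evaluated between cards, so a stop() request takes effect
 * after the current card has been handled and removed.
 */
AccessController.prototype.loop = function() {
	this.run = true;
	while (this.run) {
		this.accessTerminal.red();
		this.waitForCardInsertion();
		try	{
			this.check(this.card);
		}
		finally {
			// Always release the card handle, including when the check throws
			this.card.close();
		}
		this.waitForCardRemoval();
	}
}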
153 
154 
155 
/**
 * Ask loop() to end.
 *
 * Only clears the flag; loop() reads it at the top of its while statement,
 * so the request is honoured the next time that condition is evaluated.
 */
AccessController.prototype.stop = function() {
	var keepRunning = false;
	this.run = keepRunning;
}
159 
160 
161 
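/**
 * Start the simulation: create a controller for the shell's configured reader,
 * register it as card event listener and show red.
 *
 * A start-up failure is reported on the console instead of being dropped
 * silently, so that an inactive terminal can be told apart from a locked one.
 */
AccessController.test = function() {
	// NOTE(review): ac is assigned without var and therefore becomes a global,
	// presumably so that it stays reachable from the shell (e.g. ac.stop()).
	ac = new AccessController(_scsh3.reader);
	try	{
		Card.setCardEventListener(ac);
		ac.accessTerminal.red();
	}
	catch(e) {
		// The author left a polling fallback via ac.loop() disabled here
		print("Access controller start-up failed: " + e);
	}
}


AccessController.test();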