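/**
 *  ---------
 * |.##> <##.|  SmartCard-HSM Support Scripts
 * |#       #|
 * |#       #|  Copyright (c) 2011-2012 CardContact Software & System Consulting
 * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
 *  ---------
 *
 * Consult your license package for usage terms and conditions.
 *
 * @fileoverview Simple Physical Access Control Terminal Simulation
 *
 * <p>This simulation shows the use of a SmartCard-HSM card for physical access control. The device authentication key and cv certificate
 * are used to authenticate the card towards the reader and to establish a secure communication channel to read access control data.</p>
 * <p>If a PIN code is entered at the reader, then the code will be presented to the card using the secure communication channel,
 * thereby protecting the PIN code against eavesdropping at the air interface.
 * As the verification response from the card is protected with a message authentication code, the terminal
 * can prove that the verification was actually performed by the card.</p>
 * <p>This demo requires at least the 3.7.1574 version of the Smart Card Shell.</p>
 */

load("../lib/smartcardhsm.js");


/**
 * Create an access controller for one card reader.
 *
 * @param crdreader reader identifier handed to new Card() by the polling methods
 */
function AccessController(crdreader) {
	this.crdreader = crdreader;
	this.accessTerminal = new AccessTerminal();

	// Crypto object used for certificate chain validation and secure channel setup
	this.crypto = new Crypto();
}



/**
 * Run the access check on the card in the given reader and release the card afterwards.
 *
 * Presumably invoked by the card event listener registered in AccessController.test().
 *
 * @param readername reader identifier handed to new Card()
 */
AccessController.prototype.cardInserted = function(readername) {
	var card = new Card(readername);
	try {
		this.check(card);
	}
	finally {
		// Release the card even if the check or the terminal display throws
		card.close();
	}
};



/**
 * Return the terminal to the red state once the card is gone.
 */
AccessController.prototype.cardRemoved = function() {
	this.accessTerminal.red();
};



/**
 * Block until a Card object can be created for the configured reader.
 *
 * The card is stored in this.card. The loop retries without any delay, and a
 * failed attempt is deliberately not reported because it is taken to mean that
 * no card is present yet.
 */
AccessController.prototype.waitForCardInsertion = function() {
	this.card = null;

	do {
		try {
			this.card = new Card(this.crdreader);
		}
		catch(e) {
			this.card = null;
		}
	} while (this.card == null);
};



/**
 * Block until creating a Card object for the configured reader fails.
 *
 * Any exception from new Card() or close() is treated as "card removed".
 */
AccessController.prototype.waitForCardRemoval = function() {
	while (true) {
		try {
			var card = new Card(this.crdreader);
			card.close();
		}
		catch(e) {
			return;
		}
	}
};



/**
 * Decide whether the presented card is granted access.
 *
 * Steps: read the device authentication certificate, validate its chain, open a
 * secure channel using the public key from that chain and, if a PIN was entered
 * at the terminal, verify it over the secure channel.
 *
 * Every failure on the way results in a denial (fail closed) and is printed.
 *
 * NOTE(review): two properties of this simulation matter before reusing it:
 * an empty PIN skips PIN verification, so access then rests on card
 * authentication alone; and chain.path is only printed, no allow-list or access
 * control data is consulted, so every card that passes the checks is granted.
 *
 * @param card the card to check
 * @return true if access is granted, false otherwise
 */
AccessController.prototype.checkAccessWithSCHSM = function(card) {
	var starttime = new Date();
	print("Started at " + starttime);

	var ac;
	var chain;
	try {
		ac = new SmartCardHSM(card);

		// Reading and parsing card supplied data can fail on a foreign, faulty or
		// removed card; that must deny access rather than abort the caller
		var rsp = ac.readBinary(SmartCardHSM.C_DevAut);
		chain = SmartCardHSM.validateCertificateChain(this.crypto, rsp);
	}
	catch(e) {
		print(e);
		return false;
	}

	// Guard for a validator that signals failure by returning nothing instead of
	// throwing - NOTE(review): confirm against smartcardhsm.js
	if (!chain) {
		print("Device certificate chain not validated");
		return false;
	}

	try {
		ac.openSecureChannel(this.crypto, chain.publicKey);

		// The PIN is only sent after the secure channel is open
		var pin = this.accessTerminal.getPIN();
		if (pin.length > 0) {
			var sw = ac.verifyUserPIN(new ByteString(pin, ASCII));
			if (sw != 0x9000) {
				print("PIN wrong !!!");
				return false;
			}
		}
	}
	catch(e) {
		// Report the reason instead of denying silently
		print(e);
		return false;
	}

	var stoptime = new Date();

	print("Ended at " + stoptime);

	var duration = stoptime.valueOf() - starttime.valueOf();

	print("Duration " + duration + " ms");

	print("Card id : " + chain.path);

	return true;
};



/**
 * Check the card and show the result at the terminal.
 *
 * Green on success, otherwise two off/red blinks with 200 ms per phase.
 *
 * @param card the card to check
 */
AccessController.prototype.check = function(card) {

	var grant = this.checkAccessWithSCHSM(card);
	if (grant) {
		this.accessTerminal.green();
	} else {
		for (var i = 0; i < 2; i++) {
			this.accessTerminal.off();
			GPSystem.wait(200);
			this.accessTerminal.red();
			GPSystem.wait(200);
		}
	}
};



/**
 * Polling main loop: wait for a card, check it, wait for its removal.
 *
 * Runs until stop() clears this.run.
 */
AccessController.prototype.loop = function() {
	this.run = true;
	while (this.run) {
		this.accessTerminal.red();
		this.waitForCardInsertion();
		try {
			this.check(this.card);
		}
		finally {
			// Release the card even if the check or the terminal display throws
			this.card.close();
		}
		this.waitForCardRemoval();
	}
};



/**
 * Ask the polling loop to end after the current iteration.
 */
AccessController.prototype.stop = function() {
	this.run = false;
};



/**
 * Start the simulation: register the controller as card event listener and
 * switch the terminal to red.
 */
AccessController.test = function() {
	// Assigned without var, so ac becomes a global.
	// NOTE(review): presumably intended, to reach ac from the shell prompt - confirm before scoping it
	ac = new AccessController(_scsh3.reader);
	try {
		Card.setCardEventListener(ac);
		ac.accessTerminal.red();
	}
	catch(e) {
		// The polling fallback (ac.loop()) is disabled, so without the listener no
		// card is ever checked; report why the registration failed
		print(e);
	}
};


AccessController.test();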