_410-cdn-plugin.js

Summary

Plug-In to request certificate for CardContact Developer Network


Class Summary
CDNRequester CDN certificate requester

/**
 *  ---------
 * |.##> <##.|  Open Smart Card Development Platform (www.openscdp.org)
 * |#       #|
 * |#       #|  Copyright (c) 1999-2006 CardContact Software & System Consulting
 * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
 *  ---------
 *
 *  This file is part of OpenSCDP.
 *
 *  OpenSCDP is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  OpenSCDP is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with OpenSCDP; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * @fileoverview Plug-In to request certificate for CardContact Developer Network
 */


/**
 * Create a plug-in instance
 * 
 * @constructor
 * @class CDN certificate requester
 * @param {KeyManager} km the associated key manager
 */
function CDNRequester(km) {
	// Kept for later use by actionListener(), which reaches the key store (km.ks),
	// the card access object (km.sc) and the outline refresh (km.createOutline())
	// through this reference.
	var keyManager = km;
	this.km = keyManager;
}

// Label shown in the device context menu; actionListener() compares the
// selected action against this same string, so it doubles as the action id.
CDNRequester.REQUEST_CDN_CERTIFICATE = "Request CDN Certificate";

// Plug-in convention: every plug-in exports its constructor under the symbol "Plugin"
exports.Plugin = CDNRequester;



/**
 * Add an entry to the context menu associated with the device entry in the outline
 * 
 * @param {String[]} contextMenu the list of entries in the context menu
 * @param {Boolean} isInitialized the device is initialized
 * @param {Number} authenticationState the status returned in the last authentication query (SW1/SW2)
 */
CDNRequester.prototype.addDeviceContextMenu = function(contextMenu, isInitialized, authenticationState) {
	// The entry is offered only for an initialized device ...
	if (!isInitialized) {
		return;
	}

	// ... whose last authentication query returned SW1/SW2 = 0x9000
	// (the ISO 7816 status word for normal processing).
	// NOTE(review): this only controls whether the menu entry is shown;
	// actionListener() does not re-check the authentication state, so
	// enforcement presumably rests with the device itself - confirm.
	if (authenticationState != 0x9000) {
		return;
	}

	contextMenu.push(CDNRequester.REQUEST_CDN_CERTIFICATE);
}



/**
 * Add an entry to the context menu associated with a key in the outline
 * 
 * @param {String[]} contextMenu the list of entries in the context menu
 * @param {Number} authenticationState the status returned in the last authentication query (SW1/SW2)
 * @param {Outline} keynode the node created for this key before it is added to the outline
 */
/*
PluginExample.prototype.addKeyContextMenu = function(contextMenu, authenticationState, keynode) {
	contextMenu.push(PluginExample.PLUGIN_ACTION);
}
*/



/**
 * Handle action triggered from the outline context menu
 * 
 * @param {Outline} source the source outline node of this action
 * @param {String} action the action selected from the context menu
 * @type Boolean
 * @return true if the action was handled
 */
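CDNRequester.prototype.actionListener = function(source, action) {
	// Workflow: ask for the CA URL, derive the key label from its host name,
	// collect common name and e-mail address, generate a 2048 bit RSA key on
	// the device, send the request to the CA (retrying with an activation
	// code if the CA asks for one) and store the returned certificate.
	//
	// Return values: false if the action is not ours, undefined if the user
	// cancels a dialog or the URL / existing-key check stops the workflow,
	// true once the request loop has finished (with or without a certificate).
	if (!action.equals(CDNRequester.REQUEST_CDN_CERTIFICATE)) {
		return false;
	}

	var url = Dialog.prompt("Please enter URL of Online CA", KeyManager.DEVNETCA_URL);
	if (!url) {
		return;
	}

	// NOTE(review): the URL is user supplied and its scheme is not restricted
	// here. The certificate request, the device authentication certificate,
	// the e-mail address and the activation code are all sent to this
	// endpoint; whether CAConnection enforces TLS or validates the server is
	// not visible in this file - confirm before using a non-default URL.
	//
	// The label is the host part of the URL. match() returns null for input
	// without "scheme://host", which previously caused a TypeError here.
	// NOTE(review): [\w.]+ stops at the first "-", so a host such as
	// "my-ca.example.org" yields the label "my"; the pattern is left as is
	// because changing it would change the labels of keys already stored.
	var hostMatch = url.match(/\w+:\/\/([\w.]+)/);
	if (!hostMatch) {
		Dialog.prompt("The URL must have the form scheme://host");
		return;
	}
	var label = hostMatch[1];
	print("Using label \"" + label + "\" for key");

	if (this.km.ks.hasKey(label)) {
		Dialog.prompt("Please remove existing key first");
		return;
	}

	var commonName = "Joe Doe";
	commonName = Dialog.prompt("Please enter name or pseudonym for entry into the common name field of the certificate", commonName);

	if (!commonName) {
		return;
	}

	// The leading blank makes the untouched default fail the check below, so
	// the user has to edit the address - presumably intentional; confirm.
	var eMailAddress = " joe.doe@openscdp.org";

	// Anchored form of the original check "the match must equal the whole
	// input". Using test() also re-prompts on input without "@", where the
	// original dereferenced the null result of match() and threw.
	var eMailPattern = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$/;

	do	{
		eMailAddress = Dialog.prompt("Please enter a valid e-mail address for entry into the subjectAlternativeName field of the certificate", eMailAddress);
		if (!eMailAddress) {
			return;
		}
	} while (!eMailPattern.test(eMailAddress));

	print("The CA will send an activation code to " + eMailAddress);

	// NOTE(review): the key pair is created before the CA is contacted. If
	// the CA refuses the request, nothing in this block removes the key, so
	// a later attempt stops at "Please remove existing key first".
	print("Generating a 2048 bit RSA key pair can take up to 60 seconds. Please wait...");
	var req = this.km.ks.generateRSAKeyPair(label, 2048);

	var devAutCert = this.km.sc.readBinary(SmartCardHSM.C_DevAut);

	var activationCode;
	var certs;

	do	{
		var cacon = new CAConnection(url);
		try {
			certs = cacon.requestCertificate(req.getBytes(), devAutCert, commonName, eMailAddress, activationCode);
		} finally {
			// Release the connection even if the request throws
			cacon.close();
		}

		if (certs == null) {
			var rc = cacon.getLastReturnCode();
			if (rc == "activation_code_wrong") {
				// Cancelling this dialog aborts the workflow via assert()
				assert(Dialog.prompt("Wrong activation code - Press OK to retry"));
			}
			if ((rc == "activation_code_required") || (rc == "activation_code_wrong")) {
				activationCode = Dialog.prompt("Please check your e-mail and enter activation code", "");
				assert(activationCode != null);
			} else {
				// Any other return code ends the loop without a certificate
				print("Online CA returned " + rc);
				break;
			}
		} else {
			// NOTE(review): the first returned certificate is stored as
			// received. This block does not check that it carries the public
			// key generated above or that it chains to an expected CA -
			// confirm whether storeEndEntityCertificate() performs that check.
			var cert = new X509(certs[0]);
			print(cert);
			print("Received certificate from CA, now storing it on the device...");
			this.km.ks.storeEndEntityCertificate(label, cert);
		}
	} while (!certs);

	// Refresh the outline so the new key (and certificate, if any) shows up
	this.km.createOutline();

	return true;
}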

	

CDNRequester.prototype.toString = function() {
	// Fixed, human-readable name of this plug-in
	var displayName = "CDN Certificate Requester";
	return displayName;
}

