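/*
 * This is security cordova_plugin (TV specific API).
 * Apache License (2004). See http://www.apache.org/licenses/LICENSE-2.0
 *
 * Copyright (c) 2014, LG Electronics, Inc.
 */

/**
 * This represents the security API itself, and provides a global namespace for operating security service.
 * @class
 */
cordova.define('cordova/plugin/security', function (require, exports, module) {

    // Luna endpoint shared by every request this plugin sends.
    var SECURITY_SERVICE_URI = "luna://com.webos.service.commercial.signage.storageservice/security/";

    /**
     * Debug logger. The console call is commented out, so this is a no-op.
     * Callers must still never pass credentials or certificate contents here:
     * re-enabling the console call would otherwise write them to the log.
     * @param {String} msg message to log.
     */
    function log(msg) {
        // //console.log
    }

    var service;
    if (window.PalmSystem) {
        log("Window.PalmSystem Available");
        service = require('cordova/plugin/webos/service');
    } else {
        // Stand-in used when PalmSystem is missing: every request fails
        // immediately through onFailure instead of reaching a Luna service.
        service = {
            Request : function (uri, params) {
                log(uri + " invoked. But I am a dummy because PalmSystem is not available");

                if (typeof params.onFailure === 'function') {
                    params.onFailure({
                        returnValue : false,
                        errorText : "PalmSystem Not Available. Cordova is not installed?"
                    });
                }
            }
        };
    }

    /**
     * Fills in errorCode / errorText on a result object when the service did
     * not supply them. Values that are already present are left untouched.
     * @param {Object} result result object to complete (modified in place).
     * @param {String} errorCode fallback error code.
     * @param {String} errorText fallback error text.
     */
    function checkErrorCodeNText(result, errorCode, errorText) {
        if (result.errorCode === undefined || result.errorCode === null) {
            result.errorCode = errorCode;
        }
        if (result.errorText === undefined || result.errorText === null) {
            result.errorText = errorText;
        }
    }

    /**
     * Returns true when value is a string of 4 to 10 characters.
     * NOTE(review): the API documentation restricts userName and password to
     * [a-zA-Z0-9], but only the length is checked on this side; presumably the
     * service enforces the character set - confirm before relying on it.
     */
    function isBoundedString(value) {
        return typeof value === 'string' && value.length >= 4 && value.length <= 10;
    }

    /**
     * Returns true when options carries a well-formed userName and password.
     * A missing options argument (undefined or null) counts as invalid, so the
     * caller gets the error callback instead of an uncaught TypeError.
     */
    function hasValidCredentials(options) {
        return options !== undefined && options !== null &&
            isBoundedString(options.userName) &&
            isBoundedString(options.password);
    }

    /**
     * Completes result with the fallback code/text and hands it to
     * errorCallback. Does nothing when errorCallback is not a function.
     */
    function reportFailure(errorCallback, result, errorCode, errorText) {
        if (typeof errorCallback === 'function') {
            checkErrorCodeNText(result, errorCode, errorText);
            errorCallback(result);
        }
    }

    /**
     * Sends one request to the security service and routes the response.
     * @param {String} method service method name, also used in log and error text.
     * @param {String} errorCode fallback error code for failures of this method.
     * @param {Object} parameters parameters forwarded to the service.
     * @param {Function} onAccepted called with the service result when returnValue is true.
     * @param {Function} errorCallback caller-supplied failure callback (may be absent).
     */
    function requestSecurityService(method, errorCode, parameters, onAccepted, errorCallback) {
        service.Request(SECURITY_SERVICE_URI, {
            method : method,
            parameters : parameters,
            onSuccess : function (result) {
                log(method + ": On Success");

                // NOTE(review): a success response whose returnValue is not
                // true invokes neither callback; kept as in the original.
                if (result.returnValue === true) {
                    onAccepted(result);
                }
            },
            onFailure : function (result) {
                log(method + ": On Failure");
                delete result.returnValue;
                reportFailure(errorCallback, result, errorCode, "Security." + method + " returns failure.");
            }
        });
    }

    /**
     * security interface
     */
    var Security = function () {
    };


    /**
     * Registers a server certificate to validate the keys from the SCAP server as part of a PKI (Public Key Infrastructure).
     * Handling (register/unregister) of server certificates must be done very carefully and under the control of the installer, because it is done in an insecure environment.
     * If a server certificate is registered, the monitor validates the public key from the SCAP server when it requests resources from the SCAP server in the SCAP browser.
     * The server certificate to register can be a self-signed certificate or a CA (Certificate Authority) certificate.
     * Only 1 server certificate is permitted in the monitor. Therefore, to register a server certificate when another one is already registered, revoke (unregister) the registered certificate first and then register the new one. Otherwise the registration of the new server certificate will fail.
     * A reboot is required after registration.
     *
     * Security notes: the registered certificate becomes the trust anchor for the SCAP server, so it should be
     * obtained over a trusted channel and checked (for example by fingerprint) before it is registered.
     * The userName/password pair is limited to 4 to 10 characters and is the only thing guarding later
     * unregistration; keep it out of application logs. This method does not log the options object.
     * @class Security
     * @param {Function} successCallback success callback function.
     * @param {Function} errorCallback failure callback function.
     * @param {Object} options
     * <div align=left>
     * <table class="hcap_spec" width=400>
     *   <thead><tr><th>Property</th><th>Type</th><th>Description</th><th>Required</th></tr></thead>
     *   <tbody>
     *       <tr><th>userName</th><th>String</th><th>username for this server certificate as 4 to 10-character string chosen from the set [a-zA-Z0-9].</th><th>required</th></tr>
     *       <tr><th>password</th><th>String</th><th>password as 4 to 10-character string chosen from the set [a-zA-Z0-9] to get whether this certificate is registered or not, or revoke this certificate in the future.</th><th>required</th></tr>
     *       <tr><th>certificate</th><th>String</th><th>certificate string of the full contents in the server certificate file (public root CA of the server certificate file) in the form of PEM (rootCA.crt in above example).</th><th>required</th></tr>
     *   </tbody>
     * </table>
     * </div>
     * @return <p>If the method is successfully executed, call the success callback function without a parameter.<br>
     * If an error occurs (including a missing or malformed options object), failure callback function is called with failure callback object as a parameter.</p>
     * @example
     * // Javascript code
     * function registerServerCertificate () {
     *   var options = {
     *     userName : "testserver",
     *     password : "passCode1",
     *     certificate : "\
     *-----BEGIN CERTIFICATE-----\n\
     *MIIDhDCCAmwCCQDY8/8psTWE+DANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMC\n\
     *S1IxDjAMBgNVBAgMBVNlb3VsMQ4wDAYDVQQHDAVTZW91bDEMMAoGA1UECgwDTEdF\n\
     *MQwwCgYDVQQLDANXTVQxFjAUBgNVBAMMDTEwLjE3Ny4yMjUuNTgxIDAeBgkqhkiG\n\
     *9w0BCQEWEWRvb21zZGF5QGtsZHAub3JnMB4XDTE2MDkyMzEwMzY0MloXDTI2MDky\n\
     *MTEwMzY0MlowgYMxCzAJBgNVBAYTAktSMQ4wDAYDVQQIDAVTZW91bDEOMAwGA1UE\n\
     *BwwFU2VvdWwxDDAKBgNVBAoMA0xHRTEMMAoGA1UECwwDV01UMRYwFAYDVQQDDA0x\n\
     *MC4xNzcuMjI1LjU4MSAwHgYJKoZIhvcNAQkBFhFkb29tc2RheUBrbGRwLm9yZzCC\n\
     *ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGU2B1m93M1Wtm1Bvz7BF7S\n\
     *ATx7IWB5bE9fteMJmhvb5yYIcwKbBtPBdIyywPe9ROSHiYHubW3GCbw/h/CjC7F6\n\
     *gvKGK+Hg6lF2fXVDbR4+qDPoiVY+dv/ZWbaQ2KDjMHSqfHqlZWIqm4Znp4mx3dL1\n\
     *DAt2I/S5jcKkO9Xf4g5RCW5dEMTpv0aNgm1nd6YMOGmO0F0r/HwlLNr4cdJwRBWv\n\
     *Ce99EZ3H5SY+Iat96sXDQPxfmBtN1H71Hi1+kZ0ugDhLVTEQxq68cXH0QSnWttXx\n\
     *p4P1DBWYJswQrjiWP9SXLCTPBawNRnSkSGpqoconhy8xDnp1jvEEd/zpWAh036MC\n\
     *AwEAATANBgkqhkiG9w0BAQsFAAOCAQEAKzlLlueFKWfo9IGUdQ/RLjBXD+gBtwF9\n\
     *T8qkIA0h8eawK3l4pBjXgyvIybhhnF3q+aBDD6nh0anhnzmlrzyWqWefsVQqDKEG\n\
     *iqb01qo8qOAn84pAliOnsNQEx+D1Rb2+ceRUhEYLxZBDbL9iL8MuNPAW7coFw3nm\n\
     *eTGV1Nx3OUfK9/EcGbEzNkFP8ZMkckbiDrF5rGHClqL+9FeQ03XMIPGqil2Te6Xq\n\
     *vKG3nsUYZymir2Dgl7Z6Vkeo+F8Y6CPD+iIxkgfX+QKRYS/dYoN00o7fsHNJN7WM\n\
     *CXqAtsTiHRfF17xHVjXH3HLqR5sIpQqay2RZE2PDQpc7Gaq+L9U81A==\n\
     *-----END CERTIFICATE-----\n"
     *   };
     *
     *   function successCb() {
     *      // Do something
     *   }
     *
     *   function failureCb(cbObject) {
     *      var errorCode = cbObject.errorCode;
     *      var errorText = cbObject.errorText;
     *      console.log ("Error Code [" + errorCode + "]: " + errorText);
     *   }
     *
     *   var security = new Security();
     *   security.registerServerCertificate(successCb, failureCb, options);
     * }
     * @since 1.4.1
     */
    Security.prototype.registerServerCertificate = function (successCallback, errorCallback, options) {
        // Only the call itself is logged: options holds the password and the certificate.
        log("registerServerCertificate: called");

        if (!hasValidCredentials(options) || typeof options.certificate !== 'string') {
            reportFailure(errorCallback, {}, "SRSC", "Security.registerServerCertificate returns failure. invalid parameters or out of range.");
            return;
        }

        requestSecurityService("registerServerCertificate", "SRSC", {
            userName : options.userName,
            password : options.password,
            certificate : options.certificate
        }, function () {
            if (typeof successCallback === 'function') {
                successCallback();
            }
        }, errorCallback);

        log("Security.registerServerCertificate Done");
    };

    /**
     * Unregisters a server certificate and deactivates the TLS authentication and the host verification.
     * A reboot is required after unregistration.
     *
     * Security note: as described above, unregistering switches off TLS authentication and host verification,
     * so it should only be done as part of a controlled installer procedure. This method does not log the options object.
     * @class Security
     * @param {Function} successCallback success callback function.
     * @param {Function} errorCallback failure callback function.
     * @param {Object} options
     * <div align=left>
     * <table class="hcap_spec" width=400>
     *   <thead><tr><th>Property</th><th>Type</th><th>Description</th><th>Required</th></tr></thead>
     *   <tbody>
     *       <tr><th>userName</th><th>String</th><th>username for the server certificate to unregister.</th><th>required</th></tr>
     *       <tr><th>password</th><th>String</th><th>password that was used when the server certificate was registered</th><th>required</th></tr>
     *   </tbody>
     * </table>
     * </div>
     * @return <p>If the method is successfully executed, call the success callback function without a parameter.<br>
     * If an error occurs (including a missing or malformed options object), failure callback function is called with failure callback object as a parameter.</p>
     * @example
     * // Javascript code
     * function unregisterServerCertificate () {
     *   var options = {
     *     userName : "testserver",
     *     password : "passCode1"
     *   };
     *
     *   function successCb() {
     *      // Do something
     *   }
     *
     *   function failureCb(cbObject) {
     *      var errorCode = cbObject.errorCode;
     *      var errorText = cbObject.errorText;
     *      console.log ("Error Code [" + errorCode + "]: " + errorText);
     *   }
     *
     *   var security = new Security();
     *   security.unregisterServerCertificate(successCb, failureCb, options);
     * }
     * @since 1.4.1
     */
    Security.prototype.unregisterServerCertificate = function (successCallback, errorCallback, options) {
        // Only the call itself is logged: options holds the password.
        log("unregisterServerCertificate: called");

        if (!hasValidCredentials(options)) {
            reportFailure(errorCallback, {}, "SUSC", "Security.unregisterServerCertificate returns failure. invalid parameters or out of range.");
            return;
        }

        requestSecurityService("unregisterServerCertificate", "SUSC", {
            userName : options.userName,
            password : options.password
        }, function () {
            if (typeof successCallback === 'function') {
                successCallback();
            }
        }, errorCallback);

        log("Security.unregisterServerCertificate Done");
    };


    /**
     * Returns whether a server certificate was registered or not.
     * This method does not log the options object, because it holds the password.
     * @class Security
     * @param {Function} successCallback success callback function.
     * @param {Function} errorCallback failure callback function.
     * @param {Object} options
     * <div align=left>
     * <table class="hcap_spec" width=400>
     *   <thead><tr><th>Property</th><th>Type</th><th>Description</th><th>Required</th></tr></thead>
     *   <tbody>
     *       <tr><th>userName</th><th>String</th><th>username for the server certificate.</th><th>required</th></tr>
     *       <tr><th>password</th><th>String</th><th>password that was used when the server certificate was registered</th><th>required</th></tr>
     *   </tbody>
     * </table>
     * </div>
     * @return {Object}
     * <div align=left>
     * <table class="hcap_spec" width=400>
     *   <thead><tr><th>Property</th><th>Type</th><th>Description</th></tr></thead>
     *   <tbody>
     *       <tr><th>userName</th><th>String</th><th>username for the server certificate</th></tr>
     *       <tr><th>exist</th><th>Boolean</th><th>whether a server certificate was registered or not</th></tr>
     *   </tbody>
     * </table>
     * </div>
     * @example
     * // Javascript code
     * function existServerCertificate () {
     *   var options = {
     *     userName : "testserver",
     *     password : "passCode1"
     *   };
     *
     *   function successCb(cbObject) {
     *      console.log("cbObject : " + JSON.stringify(cbObject));
     *   }
     *
     *   function failureCb(cbObject) {
     *      var errorCode = cbObject.errorCode;
     *      var errorText = cbObject.errorText;
     *      console.log ("Error Code [" + errorCode + "]: " + errorText);
     *   }
     *
     *   var security = new Security();
     *   security.existServerCertificate(successCb, failureCb, options);
     * }
     * @since 1.4.1
     */
    Security.prototype.existServerCertificate = function (successCallback, errorCallback, options) {
        // Only the call itself is logged: options holds the password.
        log("existServerCertificate: called");

        if (!hasValidCredentials(options)) {
            reportFailure(errorCallback, {}, "SESC", "Security.existServerCertificate returns failure. invalid parameters or out of range.");
            return;
        }

        requestSecurityService("existServerCertificate", "SESC", {
            userName : options.userName,
            password : options.password
        }, function (result) {
            if (typeof successCallback === 'function') {
                // Forward only the documented fields, not the raw service response.
                var cbObj = {};
                cbObj.userName = result.userName;
                cbObj.exist = result.exist;
                successCallback(cbObj);
            }
        }, errorCallback);

        log("Security.existServerCertificate Done");
    };

    module.exports = Security;
});

// Publishes the plugin as the global `Security`, as the @example blocks expect.
// This is an assignment to an undeclared name, so it relies on sloppy (non-strict) mode.
Security = cordova.require('cordova/plugin/security');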