This sample must be used with a SWYS device to operate.
As soon the sample starts, the end-user must enter the PIN on the PAD of SWYS device.
A private key is required on the smartcard to operate the ETC_SignEx function
First initialize the PKCS#11 layer clicking the button
At last, before to close this page, mind to release the PKCS#11 library clicking the button below
Sends proprietary commands to the reader, the smart card, the device ot the middleware.
var etcDeviceIOCTLCallback = {
success: function (status, data) {
'use strict';
alert(" The function succeeded with status (" + status + ") and data (" + JSON.stringify(data) "));
},
error: function (status) {
'use strict';
alert("An error occured with status code " + status);
}
};
theObjectPKCS11.ETC_DeviceIOCTL(etcDeviceIOCTLCallback);
Click the button to invoke the function.
ETC_GetDeviceCertificates is a common C_FindObjects function invocation with a special attribute used to obtain the characteristics of the reader/token.
The Number parameter 'sessionHandle' is the PKCS#11 session handle.
The Number 'certificateCategory' defines the certificate type targeted by the search. As described into the PKCS11 specification for values of the CKA_CERTIFICATE_TYPE attribute, the certificate category can be: 0 = unspecified (default value), 2 = authority (CA certificates).
The callback object called when the operation finished.
The 'success' callback function returns an array of certificate object handles found into the device.
var sessionHandle = 222222,
certificateCategory = 2, // Search for CA certificates
callback = {
success : function (status, data) {
var message = "The function returned the following information (" + JSON.stringify(data) + ")";
alert(message);
},
error : function (errorCode) {
alert("The function failed with code (" + errorCode + ")");
}
};
theObjectPKCS11.ETC_GetDeviceCertificates(sessionHandle, certificateCategory, callback);
Click the button to invoke the function.
Signs data in a single part using CKM_RSA_PKCS as signature mechanism and CKM_SHA256 as hash mechansim.
The success callback returns a byte array 'signatureTerminal' containing the signature provided by the terminal and a byte array 'signatureCard' containing the signature provided by the smart card.
var callback = {
success : function (status, data) {
// The returned 'data' object contains the properties 'signatureDevice' and 'signatureCard
var message = "The function returned the following the signature (" + JSON.stringigy(data.buffer) + ")";
alert(message);
},
error : function (errorCode) {
alert("The function failed with code (" + errorCode + ")");
}
},
sessionHandle = 22222222, // A valid session handle provided by C_OpenSession
keyObjectHandle = 3333333, // A valid private key object handle (as provided by 'C_FindObjects' or 'C_GenerateKeyPair' functions for example)
data = [67,111,111,108,32,116,114,97,110,115,97,99,116,105,111,110,32,116,111,32,99,111,110,102,105,114,109], // Byte array to display on the reader screen and sign
certificateObjectHandle = 77777, // A valid device's certificate object handle (as returned by the 'C_FindObjects' or 'ETC_GetDeviceCertificate' function for example)
hidden = [68, 101, 102, 97, 117, 108, 116, 32, 72, 105, 100, 100, 101, 110, 32, 68, 97, 116, 97],
hash = [48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32,56,48,192,134,9,194,189,215,54,240,119,18,31,183,75,16,229,220,77,26,14,197,49,205,147,100,253,210,145,117,114,24],
signaturePKI = 1; // set the value to 'true' to generate PKI signature otherwise a OTP signature is computed
theObjectPKCS11.ETC_SignEx(sessionHandle, keyObjectHandle, data, certificateObjectHandle, hidden, hash, signaturePKI, callback);
Click the button to invoke the function.