esteid.js ·
Provides a high level API that transaltes to low level APDU interface of EstEID cards, in JavaScript.
For NodeJS and Web.
BIBO transmit explained
Requires the availability of a reliable Promise based BIBO (Bytes-go-In, Bytes-come-Out) transmit function. That is, a function that takes an APDU and returns a Promise that would resolve to the response from the card, that with a mix of PC/SC and JavaScript would look something like:
{ return }
Two implementations are provided:
- Local PC/SC interface, provided by node-pcsclite (in
card.js
) - Remote interface for web apps, via web-eid.js (TBD, reference)
Development
git clone https://github.com/martinpaljak/esteid.jscd esteid.jsnpm installnode test.js
API and usage
First
npm install --save-dev esteid
then
const esteid =
esteid.connect(transmit)
Creates an instance of EstEID, bound to the transmit channel. Takes the BIBO-Promise-function as the parameter.
var EstEID = esteid
EstEID.getPersonalData(fields)
Returns a Promise that resolves to the personal data file contents. Takes a field name (string) or a list of field names as a parameter. By default reads all fields.
EstEID
Would show
"SURNAME": "PALJAK" "GIVEN_NAMES1": "MARTIN" "GIVEN_NAMES2": "" "SEX": "M" "CITIZENSHIP": "EST" "DATE_OF_BIRTH": "16.07.1982" "PERSONAL_ID": "38207162722" "DOCUMENT_NR": "AA044XXXX" "EXPIRY_DATE": "23.11.2017" "PLACE_OF_BIRTH": "EESTI / EST" "ISSUING_DATE": "08.05.2013" "PERMIT_TYPE": "" "REMARK1": "" "REMARK2": "" "REMARK3": "" "REMARK4": ""
EstEID.verify(pin, valuepromise)
Returns a Promise that resolves if PIN verification succeeds. Use EstEID.PIN1
, EstEID.PIN2
and EstEID.PUK
to indicate PIN type. valuepromise
must resolve to the PIN value, as an ASCII string.
var pin = PromiseEstEID
There is a handy PIN wrapper for CLI application in cli.js
const cli = EstEID
EstEID.getCertificate(type)
Returns a Promise that resolves to the certificate as a Buffer. Use EstEID.AUTH
and EstEID.SIGN
to indicate certificate type.
EstEID
EstEID.authenticate(challenge, pinpromise)
Returns a Promise that resolves to the result of RSA signature operation with the authentication key, as a Buffer. PIN promise, if provided, is resolved only if the card is in unauthenticated state.
EstEID
EstEID.sign(dtbs, pinpromise)
Returns a Promise that resolves to the result of RSA signature operation with the signing key, as a Buffer. PIN promise is required and is always resolved.
EstEID
EstEID.decrypt(cryptogram, pinpromise)
Returns a Promise that resolves to the result of RSA decryption operation with the authentication key, as a Buffer. PIN promise, if provided, is resolved only if the card is in unauthenticated state.
EstEID
EstEID.getPINCounters(pin)
Returns a Promise that resolves to the remaining PIN tries for all PIN-s or the PIN specified. By default all remaining retries are returned in an array ([PIN1, PIN2, PUK]
). If a single pin is given as a parameter, a single counter is returned.
EstEID
EstEID.getKeyCounters(key)
Returns a Promise that resolves to the key usage counters. By default both counters returned in an array ([AUTH, SIGN]
). If a single key is given as a parameter, a single counter is returned.
EstEID