Digital signature with Javascript

javascript internet-explorer applet digital-signature microsoft-edge
12,665

Solution 1

So the answer was to use JSRSASIGN (http://kjur.github.io/jsrsasign/) in the examples posted in github it uses PEM files, I build an example to use CER+ KEY + PASSWORD >> https://github.com/alfredomova/firmaJs-with-jsrsasign-example,

for that specific example i used sparkMD5(https://github.com/satazor/SparkMD5) to calculate the file's hash.

Solution 2

Modern browsers no more supports ActiveX, applets. WebCrypto API generates and uses keys dynamically but does not have capability to access Certificates from Certificate Store.

The accepted answer provided by Alfredo M, who has also asked question, points to JavaScript to handle cryptography in browser which does not talk about accessing local Certificate Store. Recently Certificates are not being generated/issued as pfx (or PEM) files but on Cryptographic device like USB Token or smart card.

Thus we need to use Browser Extensions for modern browsers where application running behind the Browser can access Certificate Store and sign the hash. One such browser extension is provided free by my Company. You just need couple of lines of JavaScript code to call methods provided by any Browser Extension to achieve Digital Signing from modern Browser. If you just want to sign files or eReturns, you don't need any server side component. If you want to sign pdf, you may need pdf component on server side.

Share:
12,665
Alfredo M
Author by

Alfredo M

SCJP SCWCD OCA MCTS ISC melomano  fan Soy una criatura nocturna de clima frio nacido en época de lluvia y q ama en secreto a la luna Minecraft junkie

Updated on June 17, 2022

Comments

  • Alfredo M
    Alfredo M almost 2 years

    So I'm stuck with this problem:

    IE Edge no longer allow applets, activeX, etc. ,

    and I have this applet that is used for digital signature,

    the idea is to extract the private key from the KEY file in the client side, in that way the private key never leaves the client's computer, that is a requirement for security, it can't be avoid :(

    I'm looking for APIs or frameworks, but I can't found a way to solve this,

    with jsrsasign the examples uses a PEM file but my users have .CER + .KEY + password, in java I can do it, but I need to do it in javascript or in something on the client side.

    and, reading the Web Cryptography API and some examples I found, they generate NEW private and public keys to sign BUT they never READ an existing CERTIFICATE

    does anybody have this problem or know a framework I could use? please heeeelp!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Network Error 12152: WebSockets in Edge and IE 11
includes() not working in all browsers
IE 11 can't find Java Plugin to run Applet
How can I embed a Java applet dynamically with Javascript?
My jQuery is not working with IE11
Placeholder and IE != BFFs (Placeholder and IE9 not working)
Fixing the Browser Mode in IE Programmatically
Javascript: Onclick event not working in IE
Ext Js IE error only
How to access USB device in chrome?