I have a web server that allows access only using X509 authentication. Works like a charm. Now I want to extend the use of the X509 certificates (which are stored in the user's browser keystore) to
I found this example doing RSA Signature which is pretty close.... only it does take the key from a HTML textarea. I want to read it from the key store. Now crypto is quite in flux:
I'm looking for some working examples for signature and encryption (I have some in Java, but not browser based JavaScript).
Help is very much appreciated
By the moment the W3C's WebCrypto standard is specifying a javascript object crypto
inside window
to perform encryption, digital-signatures, generate keys and so on with javascript. However a standard way to access the local keystore to perform operations like signatures with client keys it's not defined. So nowadays there isn't a common way to do so in javascript, each browsers has it's own way; In IE you can do it with ActiveXObject("CAPICOM.Store");
, with firefox using window.crypto.signText("textToSign", "ask");
(seems that now its deprecated, take a look here, actual api seems that doesn't support it: more info here), for chrome I'm not sure however using NativeSDK Client could be a possible way.
Other possibility is also using java applets with all problems this technology has these days.
There is also a project on github which encapsulates in javascript the behavior to sign (only with IE and firefox) using a common object which has the both implementations, I try it months before and work correctly with IE/Firefox, now with firefox doesn't work because the api options are deprecated, if you're curious take a look at: Glamdring/js-signer
You can also check my question where I asked similar question: js signature on chrome with OS keystore
Hope this helps,