Accessing ePass2003 Auto token through browser
I have got ePass2003 Auto token loaded with self signed certificate. I got lib**.so file to load into firefox and now firefox can list the certificate in token. My requireme
-
Disclosure: I work for CISPL
To access ePass2003 or any Smartcard or Cryptographic USB Token, you need to use Browser Extension. As far as I know, browsers may use the keys from crypto device for TLS handshake. My company provides such extension Signer.Digital Browser Extension. Chrome and Firefox
Windows Host may be downloaded from https://signer.digital/downloads/Signer.Digital.Browser.Extension.Setup.msi
On windows, we don't need PKCS#11 but we use Windows CSP. Thus, USB token driver must be installed on Windows client device for this to work from web browser. lib**.so file is not for Windows but it's for Linux.
Linux host uses this .so file and PKCS#11 to accomplish the task but this is transparent to ePass2003 users and Host application takes care of this.
My requirement is to access the keystore for signing, encryption and decryption i.e public and private key for cryptographic operation on them. May i request guidance on javascript API for doing above cryptographic operation.
I am listing the javascript API (Signer.Digital Version 1.6.3) provides:
- Select Certificate: This will open popup window to select certificate. certThumbPrint paramater may be provided to select certificate silently.
SignerDigital.getSelectedCertificate(certThumbPrint = "")- Sign Hash:
SignerDigital.signHash = function(hash, certAlgorithm, certThumbPrint = "")- Sign Authtoken / Data: calculate hash of data and then sign hash.
SignerDigital.signAuthToken = function(authtoken, certAlgorithm, certThumbPrint = "")certAlgorithm is hasing algorithm to be used. ex: "SHA256" or "SHA-256"- Sign PDF: - Returns PKCS7 signature container
SignerDigital.signPdfHash = function(hash, certThumbPrint, certAlgorithm)- Sign XML:
SignerDigital.signXML = function(xmlDoc, xmlSignParms, certThumbPrint)- RSA Encrypt: (Using private key of user)
SignerDigital.encryptB64Data = function(b64Data, useOAEPPadding, certThumbPrint = "")Example:
var strToEnc = "Clear Text String to Encrypt."; var strB64Data = btoa(strToEnc); console.log("Base64 String of Clear Text String: " + strB64Data); //Do not provide last parm - certThumbPrint to open dialog to select certificate. SignerDigital.encryptB64Data(strB64Data, false, "224D7F695ABF0E22EA8D314497F5B56AEFA96FFE") //false for PKCS1 padding, true for OAEP padding .then( function(EncryptedB64String) { //Success returns xmlSign console.log("Encrypted Base64 String: " + EncryptedB64String); console.log("Encrypted String: " + atob(EncryptedB64String)); }, function(ErrMsg) { console.log(ErrMsg); } )- RSA Decrypt: (Using private key of user)
SignerDigital.decryptB64Data = function(b64Data, useOAEPPadding, certThumbPrint = "")Example:
console.log("Encrypted B64 string from server: " + EncB64String); SignerDigital.decryptB64Data(EncB64String, false, "224D7F695ABF0E22EA8D314497F5B56AEFA96FFE") .then( function(DecryptedB64String) { //Success returns xmlSign console.log("Decrypted Base64 String: " + DecryptedB64String); console.log("Decrypted String: " + atob(DecryptedB64String)); }, function(ErrMsg) { console.log(ErrMsg); } ) }, error: function(msg) { console.debug(msg); }- Sign IT/eTDS Return: (Sign Indian Income Tax/eTDS Return - Same as signHash method, except additional optional param: PAN)
SignerDigital.signITHash = function(hash, PAN, certThumbPrint = "")Pass PAN blank to open Select Certificate Dialog. If PAN is nonempty, and certificate for PAN is present, will silently select certerficate.
- Sign CMS: (Sign Indian GST Return)
SignerDigital.signGstHash = function(hash, certThumbPrint = "")- Sign IceGate Data: (Sign IceGate - Indian Customs Data - Json, text, XML)
SignerDigital.signIceGate = function(b64Data, certThumbPrint = "")Working of PDF Signing and Digital Signature based Authentication may be tested at https://web.signer.digital/
讨论(0)
加载中...
- 热议问题