I would like to know JavaScript code for user authentication from browser with digital signature on client’s USB Token or Smart Card. But I don’t understand how to digitally sign login request, say authtoken, or UserID and Passwrd from browser using USB Token. I need a popup on browser to select certificate form USB Token. My user have USB tokens of various makes and respective driver installed on their PC.
I need a solution where user don't have to select tokken driver.
Methods like java applets, Active X, etc are being phased out from the new Modern Browser offerings. Recently much is being talked about WebCrypto API but as of now, WebCrypto API does not provide access to (Windows) or any other Key stores or local crypto USB/Smartcard device.
For Authentication from Browser using Digital Signature, one such free Chrome extension available is Signer.Digital chrome extension. Local system (host running behind the chrome browser on windows) setup may be downloaded from https://signer.digital/downloads/Signer.Digital.Chrome.Host.Setup.zip Installing this host and restarting Chrome will automatically add Signer.Digital Chrome Extension
The actual working of this extension is illustrated here
Testing Steps:
Install Device Drivers for your USB Token or Smart Card - This should make your Certificate in Windows Certificate Store
Install setup indicated above.
Restart Chrome Browser.
Open this link
Put UserID & Password and click Register button – this will ask to select Digital Signature and register it on server (For this session only – not permanent).
Then again put same UserID and Password and select same Certificate and click Login. Selecting different certificate will not allow login.
Javascript to call method from extension:
To Register Certificate on Server:
To authenticate or Login using Digital Signature:
To sign PDF:
If Failed: returns error msg starting with "SDHost Error:"
User Authentication from Browser