Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Signing with eID cards (private key is not directly accessible) #85

Open
diidiiman opened this issue Jun 14, 2019 · 6 comments
Open

Signing with eID cards (private key is not directly accessible) #85

diidiiman opened this issue Jun 14, 2019 · 6 comments

Comments

@diidiiman
Copy link

Hello!

Trying to wrap my head around the functionality of this package.
The scenario I am currently faced with is that the information which must be signed has to be provided to external service which holds the private keys.

Is there a possibility right now to have the canonicalizated information for signing to be returned, sign it somewhere else, and afterwards take the received signature and finalize the XML assembly?

I would highly appreciate any pointers!

@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 14, 2019

Check out FortifyApp.com this provides a smart card and local certificate and key access via a polyfill for “web crypto” which XADESjs is based.

Also check out Hancock.ink as it used these as part of its signing solution.

@eliasfank
Copy link

@rmhrisk I downloaded the fortifyapp for windows (version 1.0.20). It seems to be outdated and newer tokens aren't present. A new release from the fortifyapp will be published?

@rmhrisk
Copy link
Contributor

rmhrisk commented Aug 20, 2019

It’s last release is about a month old.

It supports many tokens.

If your token is not supported file a bug with the ATR and the path to the PKCS11 library for it in the appropriate repository.

@anmaitrannguyen
Copy link

Is it possible to use the Chrome Token Signing (https://github.com/open-eid/chrome-token-signing/) together with this library? So it possible for user to sign XML document in Browser?

@rmhrisk
Copy link
Contributor

rmhrisk commented Oct 24, 2019

In theory if you wrapped their proprietary interfaces with a webcrypto polyfill you could.

Also look at fortifyapp.com many use this library with that.

@DigitalLeaves
Copy link

Hi @diidiiman I am facing the same scenario. I am successfully getting signatures from eID cards through hwcrypto, but I need to be able to turn them into XADES-T signatures. Any idea on how to do that?

I think I will post a new issue about this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants