3

I'd like to sign a hash using certificate on USB token. I've found hwcrypto javascript library, which should be able to do that, along with browser extension or installed application. I've istalled all requirements and then created a page calling javascript library.

SCS.sign(handleResponse,request);

Window opens, but unfortunately, no certificate has been found (even if certificate can be seen in browser settings). What might be the problem?

DropDropped
  • 1,253
  • 1
  • 22
  • 50
  • Are you sure you have (and have access to) the private keys associated with the certificate? Otherwise you can't sign. – hft Nov 21 '17 at 01:19
  • Which browser are you using?, Can u try with Internet Explorer? – Mario Zamora Nov 22 '17 at 17:55
  • What server side do you use? It's better to do it at server side, like PHP has a lot of functions to deal with that. Besides that, you have a interface called PKCS#11 defined to handle these things. Look at this answer too, https://stackoverflow.com/questions/8792899/website-pksc-11-smart-card-authentication-and-ssl-client-certificates – Marco Nov 22 '17 at 18:26
  • Another possibility is JAVA. I know this does not answer the question, but it's just these functions in JS are experimental yet. Look at Java, maybe it can help you: https://docs.oracle.com/javase/7/docs/api/java/security/cert/CertStore.html – Marco Nov 22 '17 at 18:29
  • @MarioZamora it does not matter, if I would be possible to sign it using Internet Explorer, then I'll be using IE. – DropDropped Nov 23 '17 at 22:15

1 Answers1

0

Please refer to web-eid documentation

Search for word "filter" - here it says "Default is sign"

Please make sure your USB Token has sign type certificates and there may be internal check on certificate validity - check you have "not expired" and "sign type" certificate.

Bharat Vasant
  • 850
  • 3
  • 12
  • 46