webcrypto-api

I have a web server that allows access only using X509 authentication. Works like a charm. Now I want to extend the use of the X509 certificates (which are stored in the user's browser keystore) to Sign data before it is sent to the server (using JavaScript and HTTPPost) Decrypt data read from the server (where it gets encrypted using the user's public key stored there) I found this example doing RSA Signature which is pretty close.... only it does take the key from a HTML textarea. I want to read it from the key store. Now crypto is quite in flux: Mozilla w3C Internet Explorer 11++ Chome and

I'm using the following example for signing + verifying in Node.js: https://github.com/nodejs/node-v0.x-archive/issues/6904 . The verification succeeds in Node.js but fails in WebCrypto. Similarly, a message signed using WebCrypto fails to verify in Node.js. Here's the code I used to verify a signature produced from the Node.js script using WebCrypto - https://jsfiddle.net/aj49e8sj/ . Tested in both Chrome 54.0.2840.27 and Firefox 48.0.2 // From https://github.com/nodejs/node-v0.x-archive/issues/6904 var keys = { priv: '-----BEGIN EC PRIVATE KEY-----\n' + 'MHcCAQEEIF+jnWY1D5kbVYDNvxxo/Y

I would like to ask if is still impossible, using JavaScript, to get key from USB token or from certificate stored in Browser . I was reading many articles which said WebCryptoApi doesn't enable to do that. Is any option to get key from token? Maybe something was changed? It is not possible for now. The WebCryptoApi does not support using keys stored in external keystores like smartcards, Mozilla keystore or Windows KeyStore (used by Chrome and Explorer), and reading the comments of the last conferences, it is not a current priority. There is another Javascript API specification of W3C to be

I'm trying to sign data using the WebCrypto API, but instead of creating a private/public key and exporting it to pkcs#1 or 8, I would really like to use a user's PKCS#12 to sign data. I've read the W3C spec, but cannot make much of it and can't find any good material on how to do this. Right now I want to leave ActiveX and Java Applets aside. Is there a way to tweak the following: var buffer = encode(prompt("Please enter your password")); //TODO: //implement a prompt for a pfx or cert return crypto.subtle.importKey("raw", buffer, "PBKDF2", false, usages); //TODO: //instead of importing it,

With WebCrypto API evolving and being supported by Chrome and Firefox, I would like to use it for digitally signing a PDF document. There is not much of literature around, but I found some examples [1] and a library called PKI.js [2]. In the examples, the signing process is described, but in the end, a signature is returned. I would expect my Base64 PDF file returned again in a signed Base64 string, but sadly, this is not what happens. PKI.js too, to my knowledge, does not provide a way to sign my Base64 PDF. Is there a way to sign a PDF with JavaScript and the WebCrypto API only? The private