堆栈内存溢出
  简体   繁体   English

在客户端使用私钥签名数据(javascript)

[英]Sign data using private key on client-side (javascript)

 原文  2011-03-21 17:49:37       javascript/ cryptography/ openssl/ digital-signature/ private-key

问题描述

I know, it looks strange, but I need to sign some data on client-side using javascript only, no ajax backdoor to server-side openssl available. 我知道,它看起来很奇怪,但我需要在客户端使用javascript签署一些数据,没有ajax后门服务器端openssl可用。 Could someone suggest some client-side solution to sign data using private key? 有人可以建议一些客户端解决方案使用私钥签署数据吗? Is it possible? 可能吗?

Thanks. 谢谢。

4 个解决方案

解决方案1
 5 已采纳  2011-03-23 07:17:32

Found great signing tool . 找到了很棒的签名工具 It implements RSA-SHA1 (works perfectly) and RSA-SHA256 (works strange), and allow both to generate signature using private key and to verify signature using certificate. 它实现了RSA-SHA1(完美运行)和RSA-SHA256(工作奇怪),并允许两者使用私钥生成签名并使用证书验证签名。

解决方案2
 3  2011-03-21 18:00:15

I've gone down the same road as you, you're probably better off implementing something like oAuth. 我和你一样走在同一条路上,你可能会更好地实现像oAuth这样的东西。

The problem with what you're proposing is that there's absolutely no reliable way of storing the private key on the client machine, nor of now securely getting the public key back to the server other than HTTPS (and if you're using HTTPS, what's the point of this?) 您提出的问题是,绝对没有可靠的方法在客户端计算机上存储私钥,现在也没有安全地将公钥恢复到除HTTPS之外的服务器(如果您使用的是HTTPS,那么什么是这一点?)

If you really want to continue, there are some implementations out there: http://shop-js.sourceforge.net/crypto2.htm 如果你真的想继续,那里有一些实现: http//shop-js.sourceforge.net/crypto2.htm

And you probably want something horribly annoying like PersistJS (http://pablotron.org/?cid=1557) to try and save the private key as long as possible. 而且你可能想要像PersistJS(http://pablotron.org/?cid=1557)那样令人烦恼的东西尽可能地尝试保存私钥。

解决方案3
 1  2015-06-03 15:09:10

The W3C Web Cryptography API may be able to help. W3C Web Cryptography API可能会有所帮助。 Can I use indicates modern browsers now support it. 我可以使用表明现代浏览器现在支持它。

For additional digital signature support, look at GlobalSign/PKI.js 有关其他数字签名支持,请查看GlobalSign / PKI.js

PKIjs is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). PKIjs是一个纯JavaScript库,它实现了PKI应用程序中使用的格式(签名,加密,证书请求,OCSP和TSP请求/响应)。 It is built on WebCrypto (Web Cryptography API) and requires no plug-ins. 它建立在WebCrypto(Web Cryptography API)之上,不需要任何插件。 http://pkijs.org http://pkijs.org

解决方案4
 0  2018-05-10 17:26:26

Web Crypto appears to be the answer. Web Crypto似乎就是答案。 Here is a tutorial (not mine). 这是一个教程 (不是我的)。 As for the comment, if you are using https, why do you need signing - these are needed for two different purposes. 至于评论,如果您使用https,为什么需要签名 - 这些需要用于两个不同的目的。 In infosec lingo, the former gives confidentiality and the latter non-repudiation . 在信息安全术语中,前者给予机密性 ,后者给予不可否认性

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 私钥的客户端存储 - client-side storage of private key 客户端JavaScript中的Steam API密钥 - Steam API Key in Client-Side JavaScript 使用 JavaScript 删除网站上的所有客户端存储数据 - Remove all client-side stored data on website using JavaScript 将车把数据发送到客户端 javascript - Send handlebars data to client-side javascript 如何仅使用客户端JavaScript正确签署对Amazon的ItemLookup的GET请求? - How to properly sign a GET request to Amazon's ItemLookup using client-side JavaScript only? 使用javascript,客户端打开文件 - Open a file using javascript, client-side 从客户端JavaScript使用Git - Using Git from client-side javascript 使用JavaScript在客户端访问MongoDB - Acessing MongoDB on the Client-Side using JavaScript 是否可以在客户端对数据进行签名/加密以确保它不被用户操纵? - Is it possible to sign/encrypt data on the client-side to ensure it was not manipulated by the user? 如何使用 JavaScript 正确编码服务器端和客户端之间的交换数据? - How to correctly code an interchange data between server-side and client-side using JavaScript?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM