search

hwcrypto / hwcrypto.js

Browser JavaScript library for working with hardware tokens
https://hwcrypto.github.io
MIT License
157 stars 47 forks source link

I like to make local development (chrome-token) #20

Open kshji opened 8 years ago

kshji commented 8 years ago

But "Origin doesn't contain https". How I can use file origin to develop. Something addon to extension js ? I'm only interested to read personal data from cert (card).

kshji commented 8 years ago

I found solution for cert parsing. https://github.com/GlobalSign/PKI.js + https://github.com/GlobalSign/ASN1.js Then I can parse Certificate PEM using OID values. I added only OID "2.5.4.5": "SERIALNUMBER" to the PKI example and result is nice. We only need to read person data (cert) from card.

But local file problem still alive ...

tiblu commented 8 years ago

You need to set up your local development environment to use HTTPS. The setup depends on the server (Apache, Nginx...) you use.

martinpaljak commented 7 years ago

I think the best is to remove any dummy checks from the JavaScript library and properly implement in the webextension code, including proper handling of localhost/127.0.0.1.

Please note that the support for secure origin filtering happens in chrome-token-signing, it can not be fixed by only the javascript code. Leaving open unril removal of the dummy checks in hwcrypto.js