Open martinpaljak opened 7 years ago
Is there any guess when will it be implemented? Until then I use a closed source crappy alternative from https://portal.signwise.org/BE/en/p/about/web-browser-module
I see that in the APIv1 wiki the parameter filter
of the getCertificate()
method has changed from
TBD - filter for the certificate selection
to
AUTH
filter certificates with non-repudiation key usage
Can this be used to ask for auth cert/PIN1? Please add more information about this parameter, ie example how to use it, will it require new browser plugin or will be upgrading just the hwcrypto.js be enough etc.
It is not released, but requires updated plugins (chrome-token-signing 1.0.6 and browser-token-signing 3.13.0) also upgrading hwcrypto.js. Yes this can used to ask for auth cert.
I'm very interested in this functionality. Could you possible provide some code examples or some guidance on how to ask for PIN1 and get basic information from the certificate? Thank you in advance!
For verified information, you shall have to verify and parse the certificate in your backend. For a secure user verification, the actual functionality to do it in a secure way is not yet fully implemented.
I am working on an implementation here: https://test2.zigis.id.lv/ Go to "Iestatījumi" and "Autorizēties" (I am from Latvia) If the authentication is successful, You will be able to access and save settings. I am making digital signature system built on PHP and javascript
Thanks @martinpaljak , is there any example of how to verify the signature from the demo code? I mean, in openssl. I am trying to sign something, then send the certificate to the other end alongside a signature, but I get always a false indication.
Interesting, thanks @expiorer . I happen to live in Latvia, I am an e-Resident and I am developing a social network for e-Residents (that's why I want to have e-Card authentication). Do you live in Riga? Maybe we can meet!
Technical description in https://github.com/open-eid/hwcrypto.js/wiki/Authentication