To allow your website using a hardware digital signature
Blitz Smart Card Plugin
Do your users have to sign web forms or uploaded documents using their hardware tokens (smartcard or USB devices)? Blitz Smart Card Plugin allows a web page to obtain device properties and to make digital signature. If your website require the ability to strong authenticate users using their hardware keys, our solution allows the browser to retrieve data about the certificate and lets user sign the authentication challenge.
Benefits of Blitz Smart Card Plugin
How it works
Accessing smartcards or USB tokens from website is a tricky puzzle
First of all, you need some special middleware that allow user’s browser to communicate with hardware devices (smart cards and tokens) connected to the PC or call installed crypto providers. Blitz Smart Card Plugin just represents this middleware. This is a browser plug-in that allows web pages to use hardware digital signature devices.
When developing your own plug-in, you need to consider the specifics of different browsers. Apple Safari and Microsoft Internet Explorer are currently communicate with plugin through NPAPI or ActiveX. Google Chrome, Mozilla Firefox, Edge use another technology – Native Messaging. To use Native Messaging, you also need to develop a browser extension and register it in the browser extension store.
Users of your websites can use digital signature devices from various vendors and can use different crypto providers. When developing the plug-in, you need to program and test the plug-in with each of the required signature hardware in each supported operating system.
Also, you need to take care of creating a browser plug-in installer for each operating system. Installers must be signed by the manufacturer’s signature, the certificate of which can be verified in the corresponding operating system; otherwise, when installing the plug-in, users will receive warnings from the operating system about the installation of dangerous malicious programs.
Blitz Smart Card Plugin simplifies the task of using a digital signature on a website
- Plug-in initialization – check whether user need to install/update the plug-in or to install the browser extension;
- Getting a list of cryptographic modules available on the PC;
- Getting a list of key containers available on the PC and their certificates;
- Signing data using the specified key container.
The data for signing is specified in the format utf-8, hex or base64.
The signature is generated in the format PKCS#7 or CAdES-BES. Both attached and detached signatures are supported.