Digital Signature via pem key(pendrive sign key)

akashswamyakashswamy
edited December 2022 in Web Development

By Default, Some software has this functionality in them like adobe reader and more.

But when it comes to integrating into the coding part will get problematic to work on.

we had some special way to work in it, As shown below.

1: First install a software named Signer.Digital.Browser.Extension.Setup (link :https://apps.webgrid.in/ncc/common_assets/downloading_softwares/Signer.Digital.Browser.Extension.Setup.msi )

2: After installing this software add an extension to chrome named Signer.Digital Digital Signature, PKI ( link: https://chrome.google.com/webstore/detail/signerdigital-digital-sig/glghokcicpikglmflbbelbgeafpijkkf)

after this, we have to add some javascript code to get the signature and validate it from the existing key in DB




function validate() { 
    var send=0; 
    // "9c4535346d7cdde618abe6a7c72caaa64cab2013"
    console.log(my_tt)
    SignerDigital.signAuthToken(data_string , "sha256", certThumbPrint =my_tt, showExpired = false).then(
    function (signDataResp) {
    $("#opt_sign").val(signDataResp);
    console.log("success");
    console.log(signDataResp);
     send=1;
      $("#opt_text").val(data_string);
            actions_to_make('approve');
    },
    function (errmsg) { 
    console.log("fail");
    console.log(errmsg);
    $("#opt_sign").val('');
            $("#opt_text").val('');
            alert('Unable to Find Your Signature Key');
    }
    ); 
}


How this code works like

it gets identifies keys connected to the device and then automatically tries to get login with the respective signature key login.

after that in the backend, we have to verify that the signature matches or not .

One more important thing is when we are saving the signature key into the database we have to extract the signature's public key for that we just have to export the signature from the respective key's application and then pass that into a command ...

Because we are not using CMD here we have to do it from code only like the below function:

We need both a thumbprint and a public key so we have two functions:


To get thumb:

    function get_thumb_print($file) 
       { //pass exported file as input, It an helper function.
          $a=shell_exec("openssl x509 -inform der -in ".$file['file']['tmp_name']." -noout -fingerprint");
         return strtolower(str_replace(":","",explode("=",$a)[1])); 
      }

to get the public key:

function get_signature($file)
{
   $a=shell_exec("openssl x509 -inform der -in ".$file['file']['tmp_name']." -noout -pubkey ");
   return $a; 
}

by this function, we get keys out...

then work on it... All the best.

Tagged:
Sign In or Register to comment.