public key infrastructure – Web Browser Certificate Enrollment (CSR Generation) and Certificate Download to Smartcard or USB Token

Browser Extension may be used to Enroll Certificate (Generate CSR) and Download Certificate in Windows Certificate Store or Smartcard or USB Token from modern browsers. Browser extension provides JavaScript API which in turn talks to host application running on local machine to do the required operations in smartcard and returns response to JavaScript (or says users web page).

CSR generated using Browser Javascript API genCSR may be posted to CA Server for certificate generation or to your server if you want self signed certificate. Certificate and Trust Certificate chain received back from the server may be passed to ImportCer to import in the certificate store, smartcard or usb token.

API Available in Signer.Digital Browser Extension are:

  1. Detect connected smartcard: (Autodetect connected Smartcard or USB Token)

SignerDigital.getPCSCReaders(onlyConnected = true) //List PCSC Readers, set paramater to false if you want to list all available readers

Example:

try 
{
    var SmartcardReaders = await SignerDigital.getPCSCReaders();
    var SCReaders = JSON.parse(SmartcardReaders);
    console.log(SmartcardReaders);
    console.log(SCReaders.length);
    if (SCReaders.length > 0)
    {
        $("#selSmartcard").empty();     //selSmartcard is HTML dropdown selector
        for (var i = 0; i < SCReaders.length; i++) {
            //ReaderNames are cryptic, convert to user friendly smartcard name
            var SCName = SignerDigital.getSCNameByReaderName(SCReaders(i)); 
            $("#selSmartcard").append(new Option(SCName));
        }
        
        //If Windows, add "Windows Certificate Store"
        if (SignerDigital.OSName == "Windows")
            $("#selSmartcard").append(new Option("Windows Certificate Store"));

        $('#selSmartcard option:eq(1)')
    }
}
catch (ErrorMsg) {
    alert(ErrorMsg);
}
  1. Generate CSR: (for Certificate Enrollment in Cert Store, Smartcard or USB Token)

SignerDigital.genCSR(PKCS11Lib, certSubject, certIssuer, keyBits = 2048, hasgAlgorithm = "SHA256", forceUserPinChangeIfDefault = false)

To enforce password policy, viz. force user to change default password set by Smartcard manufacturer, set forceUserPinChangeIfDefault to true

  1. Import / Download Certificate (Import User Certificate and Trust Certificate Chain to Cert Store, Smartcard or USB Token)

SignerDigital.importCer(PKCS11Lib, b64Payload, certIssuer)

Json Model for b64Payload param above is: (Base64 of Json of below model)

public class ImportCertReq
{
    public string UserCertB64 ;     //May be null to just import Trust Chain
    public List<string> TrustChainB64;  //May be null to just import USer Certificate
}

Json Model for success Response from importCer promise is:

public class ImportCertResp
{
    public bool IsSuccessUserCertImport;
    public string UserCertImportOutcome; 
    public int TrustChainImportCount; 
    public string TrustChainImportOutcome; 
}

Generate CSR and Import Certificate api uses PKCS#11 library of smartcard or usb token for combability across OS. Thus, requires smartcard drivers to be installed on user’s windows pc before using these JavaScript API. For using Windows Certificate Store, pass PKCS11Lib as “Microsoft Enhanced RSA and AES Cryptographic Provider”.

Other useful properties and methods in Signer.Digital Extension

  1. SignerDigital.OSName

  2. SignerDigital.OSSupported

  3. SignerDigital.getPkcsLibByProvider(ProviderName)

  4. SignerDigital.getSCNameByReaderName(ReaderName) //ReaderName obtained using promise getPCSCReaders() as listed in point 1 above.

  5. SignerDigital.getPkcsLibBySCName(SCName)

You may refer to SO Answer for other Certificate, Signing and Encryption/Decryption JavaScript APIs. These API uses Windows CSP and on Linux uses PKCS#11.

Above API may be tested live Here

Signer.Digital Browser Extension Generate CSR and Certificate Download Workflow:
Signer.Digital Browser Extension Generate CSR and Certificate Download Workflow

Where To Download Google Chrome Developer Edition Browser Old Versions Archive?

Where To Download Google Chrome Developer Edition Browser Old Versions Archive? – Super User

network – Local Ports On Browser Connections

When “netstat -ano” displays the results, why do connections from my browser to websites use a bunch of strange local ports to connect to remote 80/443? Maybe this is normal. Sorry for asking such a newb question lol.

For example

Proto Local Address Foreign Address State PID

  • TCP x.x.x.x:25708 x.x.x.x:443 ESTABLISHED 1111
  • TCP x.x.x.x:28310 x.x.x.x:443 ESTABLISHED 1111
  • TCP x.x.x.x:28729 x.x.x.x:443 ESTABLISHED 1111
  • TCP x.x.x.x:50021 x.x.x.x:443 ESTABLISHED 1111
  • TCP x.x.x.x.145:50026 x.x.x.x:443 ESTABLISHED 1111

web app – Should my webapp’s tabs use browser tabs or an in-page tab?

web app – Should my webapp’s tabs use browser tabs or an in-page tab? – User Experience Stack Exchange

catalina – Browser web page gets sync’d across different macBooks

I have 2 macBook Pro’s (Catalina and Big Sur) and somehow when I open any web page in Chrome/Brave browser on 1 macBook, it gets synced to the other macBook and a new Chrome icon opens up on the dock. And when I click that, the exact same page what I have opened up in my macBook gets opened on the other macBook.

I checked if the browser has sync enabled but it is not.

Can anyone suggest something I can do to stop the browsers from syncing across the macBooks ?

web browser – A runtime sometimes converts string arguments (or string returns) from WTF-16 to UTF-16 between functions in a call stack. Is this a security concern?

For example, suppose we have this code (in TypeScript syntax):

function one(str: string): string {
  // do something with the string
  return str
}

function two() {
  let s = getSomeString() // returns some unknown string that may contain surrogates
  s = one(s)
  // ...
}

two()

Now suppose that when passing the string s into the one(s) call, the runtime (not the implementation of one or two will sometimes replace part of the string. In particular, this will happen when there are WTF-16 “isolated surrogates”, but the main idea here is that this is not common and most developers will not be aware that this happens… until it happens.

Now, suppose this never happened before, but the runtime recently added this format conversion between function calls (converting function arguments or their return values without the implementation of any function having a choice in the matter).

In such a runtime, could there be a security issue after the runtime has switched from never changing strings to now doing it sometimes? If so, what could happen?


In particular, the runtime I am thinking about is JavaScript interfacing with WebAssembly in the browser in the potential near future if the new “Interface Types” proposal passes a vote for string passing to have WTF-to-UTF sanitization.

What I could imagine, for example, is some third party library updating an implementation of one or more of their functions from JavaScript to WebAssembly, this in turn causing strings being passed from JS to WebAssembly (or vice versa) to be modified from their original form, causing unexpected errors, or in the worst case, a vulnerability.

Is there a potential problem here?

Browser Detection

Admin submitted a new resource:

Browser Detection – A light-weight shim around(Mobile_detect for XenForo

A light-weight shim around Mobile_detect for XenForo 2

Usage (in templates)

The add-on injects the global variable $mobileDetect, check that the variable is set before calling any methods to prevent errors during upgrades or if the add-on is disabled.

Code:
<xf:if is="$mobileDetect && $mobileDetect.isMobile()">
    Is Mobile
<xf:else />
    Not...

Read more

.(tagsToTranslate)null scripts(t)nulled(t)nulled sites(t)nulled forum(t)nulled script(t)nulled scripts(t)nulled script forum(t)best nulled scripts site(t)xenforo nulled(t)xenforo 2 nulled(t)xenforo nulled themes(t)seo xenforo 2(t)xenforo themes(t)seo for xenforo(t)vbulletin nulled(t)vbulletin 5 nulled(t)whmcs nulled(t)hexa whmcs(t)whmcs addons nulled(t)whmcs templates nulled(t)whmcs template nulled(t)whmcs modules nulled(t)whmcs themes nulled(t)cs-cart nulled(t)xfilesharing pro nulled(t)blesta nulled(t)arrowchat nulled(t)multi vendor ecommerce script nulled(t)seo providers(t)adsense alternative

reload page when going back in browser

is there any way to refresh the browser page when backtracking with javascript: window.history.go (-1);?

there is the option to use document.referrer; but I can only go back one page. yes, I must go back 2 or 3 pages I can’t get it to work.

I wanted to know if there is a possibility to use some function so that when you go back the page is refreshed.

Greetings.

google chrome – How to open a PWA on macOS without opening the browser?

I installed the YouTube music PWA via Brave Browser (it should be the same on chrome) on macOS (running Big Sur).

My problem is that when I launch the app it also opens the browser with it, I would like to just open the app.

Is such a thing possible?

DreamProxies - Cheapest USA Elite Private Proxies 100 Cheap USA Private Proxies Buy 200 Cheap USA Private Proxies 400 Best Private Proxies Cheap 1000 USA Private Proxies 2000 USA Private Proxies 5000 Cheap USA Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive.com Proxies-free.com New Proxy Lists Every Day Proxies123.com Best Quality USA Private Proxies