how to access to internal certificate keys in web crypto api
1,994 views
Skip to first unread message
rickye...@gmail.com
Jul 22, 2014, 8:22:34 AM7/22/14
to chromium...@chromium.org
Hi all,
I have read that chrome beta has enabled web crypto api (http://blog.chromium.org/2014/07/chrome-37-beta-directwrite-on-windows.html) and I wanted to play with it for a while. But what I don't understand is how I can access the certificate keys (the keys associated to a user certificate). In all the examples I found the keys are created and not recovered from the certificates... Please someone can answer the following questions:
* Is possible what I'm trying to do? Maybe with importKey or using this other API webcrypto key discovery (http://www.w3.org/TR/webcrypto-key-discovery/).
* Is there a bug associated for the second API (webcrypto key discovery)? Is it planned to be implemented?
Sorry but information about this subject is very hard to find...
Thanks in advance!
PhistucK
Jul 22, 2014, 8:31:31 AM7/22/14
to rickye...@gmail.com, Chromium-discuss
I believe WebCrypto Key Discovery is a different specification and is not implemented in Chrome.
I never heard about certificate querying API. It would probably be some kind of a security issue (you could copy it, or know the sites to which it belongs which is a privacy issue).
I think WebCrypto is designed mainly for creating and verifying the keys using known security algorithms.
☆PhistucK
--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.
rickye...@gmail.com
Jul 22, 2014, 8:45:41 AM7/22/14
to chromium...@chromium.org, rickye...@gmail.com
Hi PhistucK,
I don't know but if you have something called web crypto api I understand that it is an API to do cryptographic operations and, obviously, if I have some certs imported in the browser the keys associated to those certs are a good candidates to sing or encrypt things. There are a lot of user cases: signing or encrypting web mails, documents,... I don't understand this API if you cannot access the keys associated with your certificates, the API does not cover an important use case.
Thanks again!
rickye...@gmail.com
Jul 22, 2014, 2:43:50 PM7/22/14
to chromium...@chromium.org, rickye...@gmail.com
Finally I found this video, which I think answers my question:
It's a real pity that a standard leaves things half done.
Thanks anyway!
Wahaj K
Feb 3, 2015, 9:31:32 AM2/3/15
to chromium...@chromium.org, rickye...@gmail.com
Has any one know whether Web Crypto Key Discovery in the road map for Chrome? Makes me baffled that why such a standard is only kept lying.
Thanks!
Reply all
Reply to author
Forward
0 new messages