Fingerprint enrollment and verification via browser - javascript

I have a digialPersona fingerprint reader and I'm working on a web application which is to have fingerprint enrollment and verification functionalities.
Is it possible to do this via the browser? Is yes, how?
If no, what are the best practices?

-The print reader (Hardware) will have some api reference library for interfacing. You may write Custom ActiveX control in Winforms / C# or C++ (depending the SDK library ref) & load it via Javascript.
-One more option is to use Full trust WPF browser application (XBAP)
NB: Beware of client side privileges settings in these scenarios

Related

How to import personal certificate in windows os certificate store from Chrome/Mozilla by client side

I have generated key pair and created self signed certificate using JavaScript library WebCrypto API and 3rd party web service using a CSR request. Now i want to store the certificate with the private key in windows personal certificate store of the client pc. I have found here that by JavaScript it is not possible. Using java it is easily possible. But as jApplet is being discouraged now, so is there any other way from client side. By creating chrome/mozilla extensions, will it be possible either ?
Note that, i understand if i export the certificate as file along with the private key, i can import it manually in windows certificate store as personal certificate. But i want to automate the process like - the user just fill-up the form from browser and by server communication, the certificate will be created and will be store in windows store of client along with the private key.
I do not think you have too many options
You can not access from javascript to keystore used by browser due to security restrictions
You can not create a chrome extension to access to keystore used by browser because chrome API does not publish it (I am not sure with firefox)
You can not use an applet because Java is not supported by Chrome and Edge. Firefox will drop support to NPAPI plugins in March 2017 (java uses npapi), and next Java versions do not include the browser plugin
Alternatives:
Generate a .p12 file with the private key and certificate (in client side), download and open it. The operative system will launch the import certificate tool
Use WebCryptographyApi, if you only need the certificate to perform cryptographic operations on the browser (digital signature, encryption,...). You could generate the .p12 later
First of all, javascript runs on the browser inside a sandbox. So it has very limited access to the computer, it can calculate/generate stuff but can't do changes to the computer.
Creating an extension to add a certificate is a bit useless, because to do so, the only way that I can think of is to execute a program that could be excecuted by the user in the first place. More info about running programs from extension here.
So give the user an auto certificate installer program (create one), to run it. Example c code for Certificate Store Operations here.
We've got the same problem but only in chrome. We managed to do that in Firefox (<keygen> object in javascript) and IExpolorer (ActiveXObject). Considering Java Applet I suggest creating local microserver with REST API and communicate with it over SSL

Alternative for java applet which needs to communicate with browser via javascript

In our web application, we using a Java applet to invoke MS.Word application by jacob jar e.g. Word to open, edit, and when it saves automatically it uploaded to the server.
Google Chrome will no longer support NPAPI, so soon we can not run our applet in Chrome anymore.
So, any suggestions for an alternative for the Java applet. We want to make the same experience for the user, just like before.
We have the same problem. With Webstart is not longer possible to do that communication. We are going to use Websockets between webstart application and browser. Our first attempt is to start a websockets server in the webstart and make browser connect to localhosts. If this is not possible for security limitations in the browsers then we are going to do it through the webserver, browser and webstart application connecting to the webserver and exchanging messages.
I can see 2 distinct possibilities.
Create a standalone application that "wraps" your web application using a technology such as electron. You can then do your browser to desktop integration as you like. This will require an install on the client.
Launch a webstart application (or it could really be any installation that happens on the client). It will need to start a webserver, or connect to a webserver and communicate via http.
I'm saddened by the loss of the Applet. It is a technology not easily replaced. And another methods seem somewhat like 'workarounds'. There is no easy, cross-browser way to break out of the browser sandbox and access the system.
For myself, the loss of the Applet has simply meant that automating some of these processes has become too difficult and it is just better to find an alternative way of achieving a similar end result.
A small note: If you are starting a local webserver, be mindful of security. It can be accessed by other processes on the system. Wouldn't it be fun to open word on anyone's system by sending a request to a port!

How to access windows certificate store in javascript?

I want to access the windows certificate store through javascript... I want to develop a web application and wants to validate the login user against the certificate by reading it.
As far as I know it is not possible from a web application without using native bridge (fir instance through some java applet or activeX component).
There is currently a W3C working draft for a Web Cryptography API. Some browser vendors are currently working on this API (Mozilla or Microsoft) but it is far from being production ready.

How can I access to USB stick from website?

I'm planning to make a login system by USB, so if you put in a USB-drive and open a specific webpage, the website asks the USB-drive for the code (e.g. by a JavaScript file, a redirect or something like that).
The problem is, because of sandboxing, you can't load or redirect to local files. I don't know a solution for this problem. Can you guys help me? I don't need specific code, just an example or something in that way.
Maybe you can read up on USB-HID. Wikipedia:
The USB human interface device class (USB HID class) is a part of the USB specification for computer peripherals: it specifies a device class (a type of computer hardware) for human interface devices such as keyboards, mice, game controllers and alphanumeric display devices.
Here are some references:
USB HID (Human Interface Device)
node-hid - Access USB HID devices from node.js
DepthJS: 'Allows any web page to interact with the Microsoft Kinect using Javascript'.
A related Stackoverflow question:
Write data to USB HID using Javascript, HTML5, or any cross platform language (supports Android)
One other possibility is to check out the Chrome HID (Human Interface Device) APIs:
Interacting with USB HID devices from web apps – via Chrome Apps, see below
Relevant Chrome API docs
Please note that for the time being, you cannot interact directly with the USB device (i.e. you cannot access any WebAPI offering that kind of fine-grained control).
Building a Chrome App (different from a Chrome Extension) may help; This article may point you in the right direction, since it also provides sample code.
The only way I can think of is putting a html file on the usb stick that essentially generates some sort of login token and gives you a link or a form to a login processor. You can then access the webpage by opening the local file first which will redirect you to the actual webpage.
This local script may include a javascript from the server to get some challenge-response-data which it hashes somehow (perhaps in combination with a password) and puts it into the form data.
Web PKI authentication from Modern Browsers may be achieved by using Browser Extension. One such extension is Signer.Digital browser extension. Use below Javascript promises from the APIs provided by Signer.Digital extension.
SignerDigital.getSelectedCertificate() to register user's certificate
SignerDigital.signHash(hash) to sign token at browser and verify at server
For all Javascript APIs refer to SO Answer https://stackoverflow.com/a/63173083/9659885
Disclaimer : I work for a company supporting the application below
Hello, you may try to use Nexu open-source application for communication with smartcards or USB tokens. It also support PKCS 12 keystores.
For example, the application is connected to the DSS webpage on the website of European Commission : see the link.

Modbus TCP to JavaScript Conversion

I'm wondering if the Modbus TCP protocol already being exported or converted to a JavaScript or a Plugging of some kind so a webpage can be created inside an HTML editor like Dreamweaver that can access this script and use it for controlling machine's PLC Inputs and Outputs and to manipulate and receive Temperature and Pressure data from analog sensors.
Does anyone knows if perhaps a type of gateway has already being written in Java that will interact between the Modbus-TCP protocol inside the PLC and an HTML page?
I'm a PLC programmer and a Dreamweaver user who is interested in developing a webpage for an Android tablet or a smart phones and be able to locally, via Wi-Fi, view and control our machines.
I know I can always use a dedicated TouchScreen but I'm looking to gain more control for the page HMI design.
Thanks for your help
Telemetrika
jsModbus is a Javascript client library for Modbus TCP

Categories