0

I want to verify public key of my algorithm using CA certificate. Is there any way to put .cer file of CA in browser certificate repository and verify signature using that certificate in javascript?

Use case: I used one algorithm for doing digital signature. So I generated public key and private key for user. So when user creates any document I am putting signature on that document. And using javascript I am verifying signature using public key of user. Now the problem is anyone can create their own public key and signature for that document. So my question is to verify public key using CA certificate. Is there any way to do it?

jfriend00
  • 683,504
  • 96
  • 985
  • 979
sms_1190
  • 1,267
  • 2
  • 12
  • 24
  • 1
    I think you'll have to describe in more detail what you're trying to do because javascript in a browser is not secure in any way so carrying out security operations in client-side javascript is rarely useful because it can easily be bypassed or messed with. Generally, you need to use the security capabilities built into the browser (like SSL and certificate verification for that) or do your work server-side. – jfriend00 Mar 31 '14 at 21:24
  • Use case : I used one algorithm for doing digital signature. So I generated public key and private key for user. So when user creates any document I am putting signature on that document. And using javascript I am verifying signature using public key of user. Now the problem is anyone can create their own public key and signature for that document. So my question is to verify public key using CA certificate. Is there any way to do it? Thank you – sms_1190 Mar 31 '14 at 22:16
  • Are you putting the signature on the document in the client or on the server? – jfriend00 Mar 31 '14 at 22:33
  • putting signature on server side and sending to client in json format with document content. – sms_1190 Apr 01 '14 at 02:47
  • And, then you want to verify the signature on the client and do what with that knowledge? – jfriend00 Apr 01 '14 at 02:49
  • yes I want to verify on the client side. – sms_1190 Apr 01 '14 at 14:36

1 Answers1

1

For reasons of security, javascript cannot download and install a certificate into the browsers trusted certificate store. Think about it in terms of visiting dodgy sites.....

Anthony Palmer
  • 944
  • 10
  • 15