I'm building a Webapp(likely to be react) with backend of Substrate(Blockchain framework in Rust). And I want to allow users to sign and verify their account with Smartcard.
Pkcs15-tool worked perfectly with the type of Smartcard im planning to use and I heard pkcs11 is the api meant for software development instead of pkcs15-tool.(correct me if I'm wrong)
How can I implement Smartcard authentication with React web application? Is pkcs11 the right way to go? Im really a beginner in Smart Card.
Yes, often PKCS#11 can be the answer. PKCS#11 is platform independent, standardized middleware to talk to cryptographic tokens. Cryptographic tokens are tokens that hold key (and other) objects, where the key objects can be used but not extracted. Smart cards are one form of cryptographic token, a HSM is another.
A key used for authenticating can obviously stored and used for signature generation through PKCS#11. Similarly the certificates that are commonly build around the public key can be retrieved using PKCS#11. There are of course other standards such as OpenPGP and PGP compatible cards that could be used. Proprietary protocols are an option as well, but you'd have to think up a pretty complex one to use multiple authentication devices. That said, a higher level authentication protocol might just what you need.
Unfortunately I don't know how to implement this using React without researching it myself, and asking us to help you design / implement a system for a particular runtime is much to broad for StackOverflow anyway.
