Skip to content

antelle/pkcs11-smartcard-sign

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 
test.js
test.js
 
 

Repository files navigation

PKCS #11 Smartcard Sign

This module allows you to sign anything with a private key stored on PKCS #11 smartcard.
For example, you can upload your key to YubiKey and generate signatures.

How it works

It's using pkcs11-tool from OpenSC to process signatures. If it's not installed, you will get an error.

Example

const signer = require('pkcs11-smartcard-sign');

// Basic usage:
//  - SHA-256
//  - Read key with ID 02
//  - Prompt for PIN
signer.sign({
    data: Buffer.from('something')
}).then(signature => {
    console.log(signature.toString('hex'));
}).catch(err => {
    console.error(err);
});

// Advanced options
signer.sign({
    data,
    // predefined PIN
    pin: '0000',
    // ID of the key to use (on the smart card)
    key: '03',
    // algo: sha256 or sha512
    algo: 'sha512',
    // select N-th smart card reader configured by the system
    reader: 2,
    // verify with this public key after sign
    verifyKey: fs.readFileSync('your-public-key.pem'),
    // module to use
    module: '/usr/local/lib/libykcs11.1.dylib'
});

About

Signatures from PKCS #11 smartcard in node.js

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages