浏览器证书是否可用于在 Firefox 上使用 Web 扩展对有效负载进行签名

发布于 2025-01-13 06:28:50 字数 1951 浏览 2 评论 0原文

我一直在追求一种可以使用数字证书对 xml 有效负载进行数字签名的实现。我之前已经在此处

我决定尝试使用网络扩展来执行我的这个目标。我开始了我的 POC

   {
"manifest_version": 2,
"name": "Test extension",
"version": "1.0",
"description": "Test extension.",
"icons": {
    "48": "icons/border-48.png"
},
"background": {
    "scripts": ["background.js"]
},
"permissions": [
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
]
}

，以下是我在网上找到的背景.js，

                var log = console.log.bind(console)

            log(`\n\nTLS browser extension loaded`)

            // https://developer.chrome.com/extensions/match_patterns
            var ALL_SITES = { urls: ['<all_urls>'] }

            // Mozilla doesn't use tlsInfo in extraInfoSpec 
            var extraInfoSpec = ['blocking']; 

            // https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onHeadersReceived
            browser.webRequest.onHeadersReceived.addListener(async function(details){
                log(`\n\nGot a request for ${details.url} with ID ${details.requestId}`)

                // Yeah this is a String, even though the content is a Number
                var requestId = details.requestId

                var securityInfo = await browser.webRequest.getSecurityInfo(requestId, {
                    certificateChain: true,
                    rawDER: false
                });

                log(`securityInfo: ${JSON.stringify(securityInfo, null, 2)}`)

            }, ALL_SITES, extraInfoSpec) 

            log('Added listener')

将其添加为自定义扩展后，我在 Firefox 控制台上得到以下输出。然而，它只是告知我正在访问的网站的证书详细信息。有了这个基础，我需要一个起点的帮助，我可以在自己的浏览器上使用证书并按照我的要求签署文档。任何输入都会有很大帮助。谢谢！

原文

I have been pursuing an implementation where an xml payload can be digitally signed using the digital certificate. I have elaborated my question previously here

I decided to try using webextensions to perform this target of mine. I started off my POC with

   {
"manifest_version": 2,
"name": "Test extension",
"version": "1.0",
"description": "Test extension.",
"icons": {
    "48": "icons/border-48.png"
},
"background": {
    "scripts": ["background.js"]
},
"permissions": [
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
]
}

And the following background.js from a lead I got online

                var log = console.log.bind(console)

            log(`\n\nTLS browser extension loaded`)

            // https://developer.chrome.com/extensions/match_patterns
            var ALL_SITES = { urls: ['<all_urls>'] }

            // Mozilla doesn't use tlsInfo in extraInfoSpec 
            var extraInfoSpec = ['blocking']; 

            // https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onHeadersReceived
            browser.webRequest.onHeadersReceived.addListener(async function(details){
                log(`\n\nGot a request for ${details.url} with ID ${details.requestId}`)

                // Yeah this is a String, even though the content is a Number
                var requestId = details.requestId

                var securityInfo = await browser.webRequest.getSecurityInfo(requestId, {
                    certificateChain: true,
                    rawDER: false
                });

                log(`securityInfo: ${JSON.stringify(securityInfo, null, 2)}`)

            }, ALL_SITES, extraInfoSpec) 

            log('Added listener')

I am getting the below output on Firefox console after adding this as a custom extension. However it is just informing the certificate details of the sites I am visiting. With this foundation I needed help with a starting point where I can use the certificate on my own browser and sign a document as I am pursuing. Any inputs will be of great help. Thanks!

分享到QQ

分享到微博