Digital signature from electronic smartcard in Chrome

Question

For an electronic prescription system, that runs on the browser and that requieres personal signature by the professional, we are using a Java applet to sign the XML request, that then is sended to a WS, using a smartcard.

But since version 42, Chrome is disabling by default NPAPI support, and in future versions next to September 2015 it will be completely disabled and then applets won't be usable at all.

At Chrome NPAPI deprecation page points to WebCrypto and TLS as alternatives. But it seems that WebCrypto has leaved out of scope the support of smartcards , and it seems that TLS is only about cryptographic protocols and it doesn't provides a way to use an electronic cards.

Has someone used a completely browser native solution to sign documents and have a good control of the process. At least it will be nedeed:

• No confirmations and no visualitzation of the XML request that is signed by the user. Because what is signed is an internal technical request that has no value to the user, and the application runs in a controlled and trusted system in internal LAN.

Answer 1

We faced the same problem, came up with a solution (native messaging, yes)

https://github.com/open-eid/chrome-token-signing