Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there a HTML5 keygen example?

Tags:

html

I am having difficulty understanding how to use <keygen>.

I could not find the demo for it, which is used for authentication. When I add the <keygen> tag to the form, it sends the public key.

What should be done after getting the public key?

Can someone please give me sample application which uses <keygen> and does the authentication?

like image 531
swingmicro Avatar asked Jul 29 '12 17:07

swingmicro

People also ask

How can we define a keygen in HTML5?

The <keygen> tag in HTML is used to specify a key-pair generator field in a form. The purpose of <keygen> element is to provide a secure way to authenticate users. When a from is submitted then two keys are generated, private key and public key. The private key stored locally, and the public key is sent to the server.

Could you generate a public key in HTML?

You can easily generate a public key using the <keygen> tag in HTML. The <keygen> element generates an encryption key for passing encrypted data to a server. The purpose of the <keygen> element is to provide a secure way to authenticate users.

Where are the keys stored which has been generated using keygen element?

The <keygen> form field creates a Public Key / Private Key pair. Private Key is encrypted (based on the choice) and stored in the Local Key Database.

1 Answers

My explanations come from this PHP/Apache example. It's a simplified explanation, look at the original example for full details.

The client generate a public key for the server and keep a private key.

<form>
   <keygen name="pubkey" challenge="randomchars">
   <input type="submit" name="createcert" value="Generate">
</form>

The public key is extracted by the server:

$key = $_REQUEST['pubkey'];

The server build a client certificate:

$command = "/usr/bin/openssl ca -config ".$opensslconf." -days ".$days." -notext -batch -spkac ".$certfolder.$uniq.".spkac -out ".$certfolder.$uniq." -passin pass:'".$capw."' 2>&1";
$output = shell_exec($command);

and send it back to the client.

You can then configure Apache to allow access to authentified clients:

SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /etc/CA/certs-pub/domain.der
SSLCertificateKeyFile /etc/CA/certs-priv/domain.pem
SSLCACertificateFile /etc/CA/certs-pub/ca.pem
SSLCARevocationFile /etc/CA/crl/cacrl.pem
<Location /secure_area/>
  SSLVerifyClient require
  SSLVerifyDepth 1
</Location>
like image 132
Ortomala Lokni Avatar answered Oct 05 '22 07:10

Ortomala Lokni
Sign in to Comment

Related questions

Translate Javascript keyCode into charCode for non-U.S. keyboard layout (i.e. azerty)
Formatting events according to start time
CSS padding added to height/width for <input type='submit'>
Html/Css - How to get an image to stretch 100% width of a container then display another image over it?
Heroku kind of hosting for simple HTML/JS applications
Markdown scoping with <section> and <div> blocks?
HTML5 video and partial range HTTP requests
Plugin editor HTML TinyMCE vs CKEditor [closed]
"overflow-y: scroll;" is hiding overflowing elements on the horizontal line
Meteor – How to use template helpers inside <head> element?
Why aren't browsers strict about HTML? [closed]
Is there a way to use the "n" value in :nth-child(n)?
Replacing col with d-flex in Bootstrap 4
HTML Comments Markup
Is web development possible using Google Sites?
User authentication in offline web apps
How to target a braille / screen-reader via CSS
What browsers download hidden images
highlight text box border color for few seconds?
HTML Form Button value is not posted in Safari and Chrome

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!