Reputation: 257
Use of keygen tag in html5
As part of my application i want a secret key that should be known to the user and server before my actual process starts. I explored about <keygen> tag in html5.
It is said that <keygen> element is a key-pair generator. When a form is submitted, two keys are generated, one private and one public (the private key is stored on the client, and the public key is sent to the server).
Do we need to write any code to store the private key or will it automatically gets stored?
If the public key is sent to the server, will it be in key format or in string format (if we receive the key in key format in jsp or servlet the processing will be easier).
Upvotes: 2
Views: 896
Answers (2)
Reputation: 91
Actually, the private key should never leave the computer hence there is no API to get it. AFAIK the only way to get the private key is to make up a certificate with the public key, import it to the browser and export the certificate along with the private key.
Upvotes: 0
Reputation: 64923
The key is sent to the server as a POST/GET parameter, it is up to the server what to do with the key. Like any other POST/GET parameter, the key is sent as a string, so unless your web framework knows how to decode the POST/GET parameters into objects, the key will be in string format.
Upvotes: 2
Related Questions
- Keygen tag in HTML5
- Key Security - How to ensure that keys are secure?
- Java Applet Security Issues
- Is there a HTML5 keygen example?
- java keystore at client site
- Private key of keygen tag
- How to use KEYGEN html 5 tag in a JSF app?
- encrypt html files using java swing
- Using <keygen> to get an RSA key for use with javascript?
- when we use name="Keys" in input html tag?