Signing plugin initialization is not installed. Installing the CryptoPro CSP plugin in the Mozilla Firefox browser. th way. Enable application plugins
Posted on 02/03/2016 in
Zagalnye Vidomosti
The plugin's software interface transmits the call for asynchronous operations implemented under promise objects. You can read the report on Vicoristan in the implementation of the plugin specification. It is necessary to install two types of resolvers on promises:
- onFulfilled– ask if the promise can be successfully completed;
- onRejected– ask if the promise can be “completed with mercy.”
Initialization of the plugin
To work with the plugin, you need to use the PKCS#11 initialization function of the plugin.initPKCS11 component. This function, as parameters, receives the names of modules (as an array). The selection of transfer modules can be reviewed. If modules are not specified, the plugin will initiate all modules.
If you need to indicate which crypto providers will use the capi module when using the capi module, use the following record format:
Capi:(prov1),(mode):(prov2),(mode)
Whose records:
- prov1, prov2 – name of the crypto provider. At this time, the following values are emphasized:
- Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider;
- Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider;
- Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider;
- Signal-COM CPGOST Cryptographic Provider;
- Signal-COM GOST R 34.10-2012 (256) Cryptographic Provider;
- Signal-COM GOST R 34.10-2012 (512) Cryptographic Provider;
- Infotecs Cryptographic Service Provider.
- mode – mode of displaying the PIN code entry window. You can take the following values:
- 0 – mode for transfers, transfers by the crypto provider;
- 1 – display of the crypto provider’s native window.
Note: while working with Crypto-Pro on Linux, the native window of the crypto provider is not available. - 2 – display of a window in the plugin interface.
Note: when Signal-COM is installed, the display window in the plugin interface is not available.
To retrieve keys from the Windows system folder, follow your provider name
Example of initiating all modules:
Plugin.initPKCS11(["ISBC ESMART", "Aladdin R.D. Unified JaCarta", "Rutoken", "SafeNet", "capi:Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider,0:Crypto-Pro GOST R 3421 Cryptographic Service Provider,0:Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider,0:Signal-COM CPGOST Cryptographic Provider,0:Signal-COM GOST R 34.10-2012 (256) Cryptographic Provider,0 R 34.10-2012 (512) Cryptographic Provider,0:Infotecs Cryptographic Service Provider,0:
Example of initiating a module to retrieve keys from the Windows system folder:
Plugin.initPKCS11(["capi:
Upon successful initialization, the function rotates the object (hereinafter using the additional promise mechanism) to the modules and getCertsForSign functions.
Review of the flow of modules and their appearance
To view the transfer of modules and theirs, you will need to click on the modules function.
I'll ask an example:
Pkcs11.modules.then(onFulfilled, onRejected);
Example of different functions (printed for ease of reading):
[ ( "enable": true, "name": "Aladdin R.D. Unified JaCarta" ), ( "enable": true, "name": "Rutoken ECP" ), ( "enable": false, "error": "100 :failed to load p11 module", "name": "ISBC ESMART" ] ]
Review of the list of certificates
To view the list of identified certificates, you need to call the getCertsForSign function. It is necessary to specify a parameter for the call function in order to use the parallel mode of testing initialized PKCS#11 modules:
- true– parallel development to modules (recommendation mode);
- false- Sequential scaling up to modules.
Review of data about a specific certificate
To view information about a specific certificate, you need to click on full_info, which displays information about the certificate in the json object view. It includes the following parameters:
- sn – serial number certificate;
- subject– data about the subject who received this electronic signature certificate. It appears in json format in the format: values, and the parameter is the name of the authentic object identifier (OID). All standard object identifiers are given standard designations, for example, CN (Common Name).
- issuer– information about the issue of the electronic signature key certificate. It appears in json format in the format: values, and the parameter is the name of the authentic object identifier (OID). All standard object identifiers are given standard meanings;
- not_before– hour of the certificate (data type – row in ASN1_TIME format);
- not_after– hour of completion of the certificate (data type – row in ASN1_TIME format);
- key_usage– information about the key recognition that appears in the array.
Review of data about the electronic signature key
To view information about a specific key of an electronic signature certificate, you need to call the token_info method. The method rotates a json object with the following data:
- label– the name of the key container for the electronic signature;
- manufacturerID– publisher identifier for the electronic signature;
- model– model for the purpose of electronic signature;
- serialNumber- Serial number for the individual electronic signature.
Signing operation using the selected certificate
Simple subscription mode
To sign a row using the selected certificate, you must call the cms_sign_on_it function, which accepts the following input parameters:
- signature row;
- signature type - whether the signature is accepted (it is necessary to pass the value true) or accepted (false).
Example of a click function that can click on a certificate object: cms_sign_on_it("1234", 3, true).then(function(cms)(console.log(cms)));
Extensions subscription mode
Extension mode allows:
- sign the tributes of a great engagement, for example files;
- Sign a number of files without re-entering the PIN code.
To sign data for an additional selected certificate, it is necessary to first initialize the signer object using the additional start_signing function on the certificate object. Function parameters:
- signature type - whether the signature is accepted (it is necessary to pass the value true) or accepted (false);
- The number of tests for entering a PIN code (for example, the value “1” means that the user only needs one test, after which the function rotates the reset).
The following methods will be available on the signer object:
- add_data_in_hex(hexDataString) - accepts data from a hex row as input;
- add_data_in_base64(base64DataString) - accepts data from the base64 row as input;
- add_data_in_string(stringData) - accepts data as input in the form of utf-8 row;
- free() - rotates the values true/false, which allows you to verify that the certificate is ready before signing. It is necessary to use the following option if the iteration signature is applied to different certificates. In other words, if there is a sequential signing on a number of certificates, before signing it is necessary to call this method and then turn it to true ;
- finish() - finalizes the signature and converts it to CAdES-BES/PKCS#7 format.
Row signature
The example of the command allows you to sign the row:
Signer.add_data_in_string("1234").then(function(res)( return signer.finish();)).then(function(cms)(console.log(cms))));
This command has "1234" - a sequence that must be signed.
Installation of multiple signatures
After finalizing the signature, the signer object is rotated to weekend camp. As part of the session, you can sign up again to sign other data, for example, a new file. You will not be asked for your PIN code again.
To sign a different certificate, you must clean up the signer object. In most browsers, this object is cleared automatically when it loses its scope. However, Internet Explorer Possible situations, if purification of the signer is not possible, must be carried out before washing. For uniqueness, it is recommended to clear signer.free() . This operation can be carried out in all browsers to unify the code. Example of signing a certificate with clearing the signer object:
Function sign(cert, info) ( function successCms(signature) ( alert(signature); ) cert.start_signing(false, 3) .then(function(signer) ( signer.add_data_in_base64("MTIzNDU2") .then(function() ( var data = signer.finish(); var free = signer.free(); return data; ), e) .then(successCms, e), e);
Subscription to the file of the great obscurity
Function readFileByChunk(file, cbToRead, cbToFinish) ( var fileSize = file.size; var chunkSize = 1024 * 1024; // bytes var offset = 0; var chunkReaderBlock = null; var self = this; var var if (evt.target. error == null) ( cbToRead(evt.target.result, offset, fileSize); offset += evt.target.result.byteLength; ) else ( console.error("Read error: " + evt .target.error); showError("File read: " + evt.target.error); return; if (offset >= fileSize) , file); ) chunkReaderBlock = function(_offset, _chunkSize, _file) ( var r = new FileReader(); if (_file.slice) ( var blob = _file.slice(_offset, _chunkSize + _offset); ) else if (_ .webkitSlice) ( var blob = _file.webkitSlice(_offset, _chunkSize + _offset); else if (_file.mozSlice) ( var blob = _file.mozSlice(_offset, _chunkSize + _offset); ) r.onload readAsArrayBuffer(blo b) // start reading the first block chunkReaderBlock(offset, chunkSize, file); )
If you remember that the fragments of the subscription are compiled locally, then in order to further transfer the selected corrugated file and signature to the server, it is necessary to implement the same logic on the web page.
Plugin installation rules CryptoPro CSP V Mozilla Firefox They vary depending on the browser version - 52 or higher or older.
Mozilla Firefox versions lower than 52
To sign documents in Mozilla Firefox:
- Viktnіt automatic updates. To do this, go to “Menu” ⇒ “Customization” ⇒ “Additions” ⇒ “Update” (Mal. 1).
- Install version 51.0.1 from the official Mozilla Firefox website.
To install the CryptoPro Browser plug-in, you need to sign in:
- Download the installation program from the official website of the Crypto-Pro company www.cryptopro.ru/products/cades/plugin and run the compiled file.
2. At the CryptoPro Browser plug-in installation window, click the “So” button (Small 2-a).
Rice. 2-a. Installing CryptoPro Browser plug-in 3. Check for completion of the installation (Mal. 2-b).
Rice. 2-b. Installing CryptoPro Browser plug-in 4. Click the “Ok” button and restart the web browser (Small 2).
Rice. 2-in. Installing CryptoPro Browser plug-in Important
After installing CryptoProBrowser plug- inyou need to check whether your browser has installed add-ons for working with electronic signature CryptoPro EDS Browser plug-in for browsers.
5. Open the browser, press the “Browser Menu” button, select the “Add-ons” section (Small 3).
Rice. 3. Browser menu 6. Go to the “Plugins” tab. Opposite the plug-in “CryptoPro CAdES NPAPI Browser Plug-in” from the menu that appears, select the option “Turn on first” (Small 4).
Rice. 4. Management of additional features 7. Restart the browser.
Mozilla Firefox version 52 and higher
To install the CryptoPro Browser plug-in, go to:
- Go to www.cryptopro.ru/products/cades/plugin, then select “browser extension” (Mal. 5).
Rice. 5. CryptoPro website
2. Press “Allow” (Mal. 6).
Rice. 6. Allowed the request
3. Press “Add” (Mal. 7).
On some sites you can get information on the right with certificates and electronic keys, and from the beginning it is necessary to virishuvat different problems So that everything is requested. This article has information about cleaning the CAdES plugin if there are requests and the objects are not created.
Major problem with the plugin
As it comes from the place of mercy, the CAdES plugin itself is an attraction, then. It is in the system that it now respects your robot. The problem occurs in older versions of Firefox up to version 51 (the new plugins simply don’t work). This article is like a butt taken electronically trading maidanchik, and there are three ways you can solve the problem.
Method 1: Enable the plugin for the streaming site
The upgrade of the plugin for streaming sites is justified by security standards if the browser is used for special purposes and for their own protection different sides. And also if you need to log in to the office with electronic keys more than once.
Method 2: Disable the plugin for all sites
The food safety is even more turbulent, because... The computer is enabled for working on several sites, you can install the CAdES plugin for all sites. This should be done immediately after visiting the page. You can help this problem if you can’t find the dark gray square to enable the plugin.
Method 3: Using another browser
For any undisclosed reasons, the CAdES plugin can still be used. Another way to get the bug is to use another browser. Most browsers are based on the Chromium engine, they are similar, let’s look at the example Google Chrome.
Visnovok
Apparently, there are a number of ways to resolve the problem incorrect work plugin. Depending on your surroundings, you can choose for yourself the one that suits you best.
) in the "Products" section -> "CryptoPro EDS Browser plug-in"
When you run the downloaded file, the system will ask you to assign rights to the system administrator. Installation without administrator rights is impossible.
After installation, you must restart your browser! Sometimes (if you use Chrome), you may need to restart the system, because... By closing all windows, Chrome will never again remove the browser from RAM.
Additional setup for FireFox version 52.0 and newer ones
Don't forget to install the plugin
To use the FireFox plugin starting with version 52, you must install the latest version of the plugin (not lower than 2.0.12888) and a special extension for FireFox.
To install the extension, go to the instructions in your FireFox. After the transition, you will be prompted to install the extension for FireFox - you must confirm the installation by clicking Install.
Once installed, the launch is allowed only after confirmation by the customer. Allowing the launch of superbuds is possible only for a streaming site or again for all sites
Option 1: setting up permission to vikoristannya nadbudovy tilki for the streaming site (https://www.site)
If there is a pardon: Attraction plugin, but objects are not created add value to the address row - a nadbudov icon will appear:
Click on this icon - you will be prompted to launch nabudova and remember to launch nabudova for your site the next time.
Option 2: adjusting the permission of vikoristannya nabudova for all sites
Open the installation page FireFox add-ons
In the list of add-ons, find CryptoPro CAdES NPAPI Browser Plug-in and change its startup mode to “Enable first”
Additional adjustments for Opera
Open the page with the search option to install:
Enter the search term "CryptoPro" - the extension "CryptoPro Extension for CAdES Browser Plug-in" is found. Click "Add to Opera" to install.
Additional adjustments for Yandex browser
For the Yandex browser, you need to log out a procedure similar to the logout with Opera.
Additional parameters for Google Chrome: separate building installed add-on
If the add-on is successfully installed, when you launch Chrome you will see a confirmation message asking you to launch the add-on
Whose dialogue needs to be allowed to expand
The programmed initialization of data is important, so we set the first steps for the program - attributes, necessary files and data, connecting to the database, etc.
WordPress has a fixed initialization procedure. When implementing the life cycle of the page, the WordPress platform launches many activities that we have previously discussed. The system has a set of initialization hooks that are used to initialize programs before installing their basic functionality.
For developers and designers, in order to create clear programs, it is important to understand how to set up hooks, as well as parts of the meal vikoristana initialization hooks.
This article will reveal the importance of initialization hooks in WordPress, and also show how to use them in various situations.
Introducing initialization hooks
WordPress offers a wide range of hooks that can be used in developing plugins and themes.
In a typical page setup, all hooks are put in order. All hooks are terminated after basic supplement WordPress complete its expansion.
Thus, initialization hooks are mainly used in order to, as you might guess, initialize the process of their work in plugins and themes. Let's take a look at the available WordPress init hooks in order of their appearance:
- Init runs after WordPress finishes its work, and before any headers are transferred. This hook is modified by plugins to initiate the process.
- widgets_init is used for registering widgets with programs in the sidebar. The register_widget function is wrapped within this hook.
- admin_init is displayed as the first action after the user has denied access to the WordPress admin panel. In general, you need to check the settings in order to initialize settings that are specific to the administrator area.
In addition to these three hooks, WordPress also has another hook called admin_bar_init, which is invoked after the admin bar is initialized. The WordPress Codex does not contain a description of this hook; only a small number of plugins are used.
You can vivify new process Vykonannya hooks dіy u WordPress u kodeksі.
WordPress introduces a skin hook in the same order (as described in the code). It is also important to look at the order in which skin symptoms appear. Let's look at these situations to understand the difference.
Means admin_init in the middle of the init hook
If we need, we can define WordPress hooks within other hooks. In a typical entry, the init hook is placed before the admin_init hook. Let's try to display this by placing admin_init in the middle of the init hook:
Add_action("init", "test_init"); function test_init())( add_action("admin_init", "test_admin_init"); ) function test_admin_init() ( echo "Admin Init Inside Init"; )
After writing this code, we remove the steps using the echo operator.
Meaning init in the middle of the admin_init hook
Let's look at the code and the script, if the earlier hook has the values of the hook that comes later, in order of succession.
Add_action("admin_init", "test_admin_init"); function test_admin_init() ( add_action("init", "test_init"); ) function test_init() ( echo "Init Inside Admin Init"; )
In this case, we do not remove any significance - as we already understood - the fragments of the init hook are connected before admin_init, and not after admin_init.
As you can see, it is important to understand the procedure for installing hooks for creating successful plugins. The order in which they appear is important for all WordPress hooks.
We can follow the init and admin_init hooks
Among all the initialization hooks, it’s important to pay attention to init and admin_init, as these two hooks are often used in many plugins. Solving initialization hooks is much easier with these two hooks.
We are also impressed by the functionality of the init and admin_init hooks.
The init hook is added to each application for both the frontend and backend of a WordPress site.
The admin_init hook is terminated after the admin section has completed the initialization process. Thus, this hook is linked for all queries to any admin page. The culprits are registered in order to serve the interests of the present hook.
Occice Office Tsі Khuki to vicentially vicentized at the skin of the skin, mi guards the rank of think about functioning, and the cichs of Khukiv, and the descendant of the cinema, is more likely to drive the site.
Yak vikorystuvati init hooks
Most often, initialization hooks are used by most other WordPress plugins, and even important ones follow the process of their modification.
WordPress does not require those who are themselves to blame and those who are not to blame to connect; Therefore, growers can indulge in minor indulgences, which, with their own money, lead to a significant decrease in productivity. In this section we will show you how to effectively use the init and admin_init hooks.
Let's take a look at the best practices of vicious initialization hooks:
init hook
- Registering new post types – WordPress developers recommend using the init hook to register new post types.
- Initializing the configuration and setting up the plugin - the parameters for setting up the plugin must be specified for the skin application, and it is also good practice to place them in the middle hook.
- Access to the sent data of the correspondent (Vikorist $_GET and $_POST) – we can go through the transfer of data without vikorystuvannya any actions, in which case it is recommended to use the Vikorist init hook, which guarantees Vikorist for the skin application.
- Adding new rewrite rules - we can set new rewrite rules, vikoryst hook init, but they won’t work after dropping.
- Adding or selecting additional actions – plugins provide a lot of additional actions to expand functionality. The situation may come to an end if we have to add new things or remove old ones. In such situations, it is important to put all the details in the init hook.
- Adding a text domain to a plugin – WordPress supports large numbers of words, so we can add a file to move the rows. This will work with the init hook.
admin_init hook
- Access Control – It is important to review the access rights of users who have accessed the system before allowing customer access to a specific set of features and functionality. admin_init – the first action that will be entered in the admin area, we can use it for access.
- Adding new parameters – we can use this hook to add new pages or parameters from the original WordPress parameters area.
There are many others Possible options The validity of these hooks, however, in some cases there are powerful hooks, so there is no need to use the vikory initialization hooks.
Negative compromises of vikoristan hooks and initialization
The most common situation we encounter is when developers misunderstand the correctness of initialization hooks. Improperly assigning hooks can cause serious productivity problems.
Let's take a look at the important parts of the problem, as well as ways to bypass it:
- Updating rewrite rules is a resource-intensive operation, in which all rewrite rules are updated and reordered to add new or remove old rules. Many vendors are updating the rules for rewriting in the middle of init-actions. This leads to unnecessary waste of skin productivity. It’s our fault to determine the way manual updating rules for rewriting additional buttons or updating the rules of rare actions, such as, for example, saving the adjustment of the plugin.
- Access to the database – for the implementation of various functionality, access to the database is required, but it is important to also avoid unnecessary operations to the database in the middle of initialization hooks, which will result in Wash it down. To achieve this, the ideal solution would be to link database hooks to hooks that provide functionality without any significant productivity losses.
- Various update procedures – plugins must include update procedures to ensure they are up to date with new versions. Request vendors to use initialization hooks to check the plugin version and other parameters before starting the update process. We can encourage users to install the plugin on the screen instead, to automatically check for skin problems.
- The use of initialization hooks replaces hooks for singing functionality - at the cost of the widest reduction that is expected by numerous users. WordPress has a wide range of hooks associated with unique functionality. It's important to use functional hooks to avoid conflicts and produce code that is extensible. Hooks, such as init and admin_init, can be used instead of specific hooks, so many developers will try to get to them, without realizing the destructive effect they have.
Examples of advanced scripting scenarios using the init and admin_init hooks in place of the recommended hooks:
- admin_menu – we can add menu pages for the additional function add_menu_page. To create pages in the admin menu, it is recommended to use the admin_menu hook. However, many developers use the admin_init hook, and most of them end up after the admin_menu hook.
- wp_enqueue_scripts – recommendations for adding styles and scripts can be found in the wp_enqueue_scripts vikory hook. However, many developers use wp_enqueue_script in the middle of the init hook to enqueue scripts and styles.
There are a lot of similar situations when vikory developers use a special init hook instead of a special hook for singing functionality, and such an approach should be avoided if possible.
Visnovok
WordPress initialization hooks play a vital role in the development of plugins and themes. Many developers incorrectly use hacks that interfere with productivity. We discussed this statistic that's right, vikoristannya many hooks, as well as zagalni pomilki These are the conditions and ways to bypass them.
Now we can reduce these same techniques to hooks that are used in plugins. There are a lot of plugin vendors that use various power hooks to make the plugins expandable. For such plugins, we can define plugin-specific initialization hooks to allow developers to “hang” the specified initialization hook on the hook.