Yes, often PKCS#11 can be the answer.
(是的,通常PKCS#11可能是答案。)
PKCS#11 is platform independent, standardized middleware to talk to cryptographic tokens . (PKCS#11是与平台无关的标准化中间件,用于与加密令牌通信 。)
Cryptographic tokens are tokens that hold key (and other) objects, where the key objects can be used but not extracted. (加密令牌是持有密钥(和其他)对象的令牌,其中可以使用但不能提取密钥对象。)
Smart cards are one form of cryptographic token, a HSM is another. (智能卡是加密令牌的一种形式,HSM是另一种形式。)
A key used for authenticating can obviously stored and used for signature generation through PKCS#11.
(用于身份验证的密钥显然可以存储,并通过PKCS#11用于签名生成。)
Similarly the certificates that are commonly build around the public key can be retrieved using PKCS#11. (同样是通常围绕打造公钥证书可以使用PKCS#11进行检索。)
There are of course other standards such as OpenPGP and PGP compatible cards that could be used. (当然,还可以使用其他标准,例如OpenPGP和PGP兼容卡。)
Proprietary protocols are an option as well, but you'd have to think up a pretty complex one to use multiple authentication devices. (专有协议也是一种选择,但是您必须考虑一个相当复杂的协议才能使用多个身份验证设备。)
That said, a higher level authentication protocol might just what you need. (也就是说,更高级别的身份验证协议可能正是您所需要的。)
Unfortunately I don't know how to implement this using React without researching it myself, and asking us to help you design / implement a system for a particular runtime is much to broad for StackOverflow anyway.
(不幸的是,如果不自己研究,我不知道如何使用React来实现这一点,无论如何,要我们为特定的运行时帮助您设计/实现一个系统对于StackOverflow来说都是非常广泛的。)
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
