SignBridge

Tracking since Apr 4, 2026.

Changelog

• Apr 17, 2026
  description

  SignBridge is a browser extension that implements the Generic Web HSM Signing Protocol, enabling web applications to securely sign PDF documents using hardware security modules (HSM), smartcards, and USB tokens via the PKCS#11 standard.
  
  https://github.com/ASE-Bucure-ti/SignBridge
  
  How it works:
  SignBridge acts as a bridge between web applications and a lightweight native host application installed on your computer. When a web app requests a document signature, the extension relays the request to the native host, which interfaces with your PKCS#11-compatible hardware (e.g., SafeNet eToken, Gemalto, YubiKey, or any PKCS#11 device) to perform the cryptographic signing operation locally. Private keys never leave your hardware device.
  
  Key features:
  • Standards-based — implements the open Generic Web HSM Signing Protocol v1.0 developed internally
  • Works with any PKCS#11-compatible hardware token, smartcard, or HSM
  • Supports single and batch PDF signing workflows
  • Visible and invisible digital signatures with customizable appearance
  • PAdES B-B and B-T signature profiles with optional timestamping
  • All cryptographic operations happen locally — private keys never leave the hardware device
  • No user data is collected, transmitted, or stored by the extension
  
  Requirements:
  • The SignBridge native host application must be installed on your computer
  • A PKCS#11-compatible hardware device (smartcard, USB token, or HSM) with its vendor drivers installed
  
  For developers:
  SignBridge is designed for seamless integration. Web applications communicate with the extension via standard DOM events (postMessage). A lightweight JavaScript SDK is available for easy integration into any web application. Visit the project documentation for the protocol specification and integration guide.
  
  Privacy:
  This extension does not collect, store, or transmit any personal data. It only relays signing requests between the web page and the locally installed native host application. All cryptographic operations are performed entirely on your local machine.

  SignBridge is a browser extension that implements the Generic Web HSM Signing Protocol, enabling web applications to securely sign PDF documents using hardware security modules (HSM), smartcards, and USB tokens via the PKCS#11 standard.
  
  Here you can download the native host:
  https://github.com/ASE-Bucure-ti/SignBridge
  
  Here you can test different web flows scenarios:
  https://signbridge.ase.ro
  
  How it works:
  SignBridge acts as a bridge between web applications and a lightweight native host application installed on your computer. When a web app requests a document signature, the extension relays the request to the native host, which interfaces with your PKCS#11-compatible hardware (e.g., SafeNet eToken, Gemalto, YubiKey, or any PKCS#11 device) to perform the cryptographic signing operation locally. Private keys never leave your hardware device.
  
  Key features:
  • Standards-based — implements the open Generic Web HSM Signing Protocol v1.0 developed internally
  • Works with any PKCS#11-compatible hardware token, smartcard, or HSM
  • Supports single and batch PDF signing workflows
  • Visible and invisible digital signatures with customizable appearance
  • PAdES B-B and B-T signature profiles with optional timestamping
  • All cryptographic operations happen locally — private keys never leave the hardware device
  • No user data is collected, transmitted, or stored by the extension
  
  Requirements:
  • The SignBridge native host application must be installed on your computer
  • A PKCS#11-compatible hardware device (smartcard, USB token, or HSM) with its vendor drivers installed
  
  For developers:
  SignBridge is designed for seamless integration. Web applications communicate with the extension via standard DOM events (postMessage). A lightweight JavaScript SDK is available for easy integration into any web application. Visit the project documentation for the protocol specification and integration guide.
  
  Privacy:
  This extension does not collect, store, or transmit any personal data. It only relays signing requests between the web page and the locally installed native host application. All cryptographic operations are performed entirely on your local machine.

Permissions & access

Permissions

nativeMessagingstorage

Host access

http://*/*, https://*/*

Screenshots

Similar extensions

Alternatives to SignBridge, ranked by description similarity.

Aucta Signing Extension

Aucta signing extension offers digital document signing from a web browser using local digital certificates

199

★ 5.0

QuantumAuth Bridge

Connects web apps to the local QuantumAuth client.

2

Web Signer for UTSP

© Thales Group 2026

644

Gemalto Web Signer for NatWest

© Thales Group 2026

—

APB.DocumentSigner

This plugin can signing XML and PDF documents different users digital certificates. Also it can verifying signed documents.

4.0K

★ 2.0

MBS Signing Extension

A web browser extension for digitally signing documents

12

CTJ - Web3 Auth Bridge

Authentication bridge connecting your wallet to Crypto Trading Journal (requires MetaMask or similar)

7

Gemalto Web Signer for Lloyds Banking Group

© Thales Group 2026

—