Provider Class

The built-in cryptographic provider

The built-in cryptographic provider requires no cryptographic hardware or external service (except for the optional TimestampUrl).

Signing certificates with private keys can be loaded using CreateSignatureFromCertificate(Stream, String).

Certificates Directory: Additional certificates, e.g. issuer certificates, can be stored in the certificates directory. These certificates are required when adding validation information to signatures that do not have the full trust chain embedded. The certificates directory may contain certificates in either PEM (.pem, ASCII text) or DER (.cer, binary) form.

Windows:
- %LOCALAPPDATA%\PDF Tools AG\Certificates
- %ProgramData%\PDF Tools AG\Certificates
Linux:
- ~/.pdf-tools/Certificates or $TMP/pdf-tools/Certificates
- /usr/share/pdf-tools/Certificates
macOS:
- ~/.pdf-tools/Certificates or $TMP/pdf-tools/Certificates

Inheritance Hierarchy

SystemObject
  PdfTools.InternalNativeBase
    PdfTools.InternalNativeObject
      PdfTools.Crypto.ProvidersProvider
        PdfTools.Crypto.Providers.BuiltInProvider

Namespace: PdfTools.Crypto.Providers.BuiltIn
Assembly: PdfTools (in PdfTools.dll) Version: 1.0.0

Syntax

Copy

public class Provider : Provider

The Provider type exposes the following members.

Constructors

	Name	Description
	Provider

Top

Properties

	Name	Description
	TimestampUrl	The URL of the trusted time-stamp authority (TSA) from which time-stamps shall be acquired The TSA must support the time-stamp protocol as defined in RFC 3161. The property’s value must be a URL with the following elements: http[s]://[‹user›[:‹password›]@]‹host›[:‹port›][/‹resource›] Where: http/https: Protocol for connection to TSA. ‹user›:‹password› (optional): Credentials for connection to TSA (basic authorization). ‹host›: Hostname of TSA. ‹port›: Port for connection to TSA. ‹resource›: The resource. Applying a time-stamp requires an online connection to a time server; the firewall must be configured accordingly. If a web proxy is used (see Proxy), make sure the following MIME types are supported: application/timestamp-query application/timestamp-reply

Name

Description

TimestampUrl

The URL of the trusted time-stamp authority (TSA) from which time-stamps shall be acquired

The TSA must support the time-stamp protocol as defined in RFC 3161.

The property’s value must be a URL with the following elements:

http[s]://[‹user›[:‹password›]@]‹host›[:‹port›][/‹resource›]

Where:

http/https: Protocol for connection to TSA.
‹user›:‹password› (optional): Credentials for connection to TSA (basic authorization).
‹host›: Hostname of TSA.
‹port›: Port for connection to TSA.
‹resource›: The resource.

Applying a time-stamp requires an online connection to a time server; the firewall must be configured accordingly. If a web proxy is used (see Proxy), make sure the following MIME types are supported:

application/timestamp-query
application/timestamp-reply

Top

Methods

	Name	Description
	CreatePreparedSignature	Create a configuration to prepare a signature for an external signature handler This method is part of a very specialized use case requiring an external signature handler. The process using an external signature handler is: CreatePreparedSignature(Int32, String, String): Create the signature configuration. AddPreparedSignature(Document, SignatureConfiguration, Stream, OutputOptions): Create the document with the prepared signature. GetHash(HashAlgorithm): Calculate the hash from the document and create the signature using an external signature handler. ReadExternalSignature(Byte): Create signature configuration for the external signature. SignPreparedSignature(Document, SignatureConfiguration, Stream): Insert the external signature into the document with the prepared signature.
	CreateSignatureFromCertificate	Create a configuration to sign with a PFX (PKCS#12) soft certificate The file must contain the certificate itself, all certificates of the trust chain, and the private key.
	CreateTimestamp	Create a time-stamp configuration Note that to create time-stamps, the TimestampUrl must be set.
	Dispose	Close the object Release all resources associated with the object. (Inherited from Provider)
	Equals	(Inherited from NativeObject)
	GetHashCode	(Inherited from NativeObject)
	ReadExternalSignature	Read signature created by an external signature handler See CreatePreparedSignature(Int32, String, String) for more information on the signing process using an external signature handler.

Top

Reference

PdfTools.Crypto.Providers.BuiltIn Namespace