Provider Class

Base class for cryptographic providers

The cryptographic provider manages certificates, their private keys and implements cryptographic algorithms.

This SDK supports various different cryptographic providers. The following list shows the signing certificate type that can be used for each provider.

• Soft Certificate:

  Soft certificates are typically PKCS#12 files that have the extension .pfx or .p12 and contain the signing certificate as well as the private key and trust chain (issuer certificates). Soft certificates can be used with the Provider, where they can be loaded using CreateSignatureFromCertificate(Stream, String).

• Hardware Security Module (HSM):

  HSMs always offer very good PKCS#11 support, so the Session is suitable. For more information and installation instructions, consult the separate document "TechNotePKCS11.pdf".

• USB Token or Smart Card:

  These devices typically offer a PKCS#11 interface, so the recommended provider is the Session. Note that in any case, signing documents is only possible in an interactive user session. So these devices cannot be used in a service or web application environment.

• Swisscom Signing Service:

  The Session supports both static and on-demand signing certificates.

• GlobalSign Digital Signing Service:

  The Session supports all features of the service.