Package com.pdftools.crypto.providers

Class Provider

java.lang.Object
com.pdftools.internal.NativeBase
com.pdftools.internal.NativeObject
com.pdftools.crypto.providers.Provider
All Implemented Interfaces:
AutoCloseable
Direct Known Subclasses:
Provider, Session, Session, Session
public abstract class Provider extends NativeObject implements AutoCloseable

Base class for cryptographic providers

The cryptographic provider manages certificates, their private keys and implements cryptographic algorithms.

This SDK supports various different cryptographic providers. The following list shows the signing certificate type that can be used for each provider.

  • Soft Certificate:

    Soft certificates are typically PKCS#12 files that have the extension .pfx or .p12 and contain the signing certificate as well as the private key and trust chain (issuer certificates). Soft certificates can be used with the builtin.Provider, where they can be loaded using builtin.Provider.createSignatureFromCertificate.

  • Hardware Security Module (HSM):

    HSMs always offer very good PKCS#11 support, so the pkcs11.Session is suitable. For more information and installation instructions, consult the separate document "TechNotePKCS11.pdf".

  • USB Token or Smart Card:

    These devices typically offer a PKCS#11 interface, so the recommended provider is the pkcs11.Session. Note that in any case, signing documents is only possible in an interactive user session. So these devices cannot be used in a service or web application environment.

  • Swisscom Signing Service:

    The swisscomsigsrv.Session supports both static and on-demand signing certificates.

  • GlobalSign Digital Signing Service:

    The globalsigndss.Session supports all features of the service.