Hello Maxwell,

AFAIK Bouncy Castle C# works out-of-the-box only with the cryptographic
keys that can be exposed into the host memory (A1 in your terminology).
However one must not forget that Bouncy Castle C# is a general purpose
cryptographic library and if you are willing to do a little extra work on
lower level APIs you can use it also with the keys that cannot be exposed
in the host memory. Such keys are usually stored in specialized
cryptographic hardware i.e. smartcards, HSMs, TPMs (A3 in your terminology)
and usually can be accessed and used only via a specialized cryptographic
API such as MS CryptoAPI (Windows only) and/or PKCS#11 API (multiplatform).

There was a very similar question asked here a few days ago and I have posted
a link to Pkcs7SignatureGenerator [0] application which I have created as
an example application for PKCS#7 signature creation with Pkcs11Interop
(which I am the author of) and BouncyCastle libraries. In this application
Pkcs11Interop library performs signing operation via PKCS#11 API with the
private key stored in the hardware device and Bouncy Castle library is
responsible for construction of a CMS (PKCS#7) signature structure.

A few months ago I was evaluating available options for a closer integration
of these two libraries but I have found out that BouncyCastle key material
handling APIs do not provide the required level of abstraction and therefore
such integration would require a major rewrite of the library. That would
break its backwards compatibility and IMO would not get accepted easily by
the upstream developers. So I have decided not to proceed any further.

Hope this helps.

[0] https://github.com/jariq/Pkcs7SignatureGenerator

-- 
Kind Regards / S pozdravom

Jaroslav Imrich
http://www.jimrich.sk
jaroslav.imr...@gmail.com


On Tue, Jan 20, 2015 at 6:05 PM, Maxwell Chaves <mcha...@maxxdata.com.br>
wrote:

> Hello!
>
> I wonder if the Bouncy Castle C# makes signing digital certificates used
> A3 (certificates located in tokens or smart cards).
>
> For we have seen only signatures using certificates A1 files.
>
>
>
> Best,
>
>
>
> *Maxwell Fernandes Chaves*
>
