First, a short summary of how certificates and digital signatures work. At the end of the reply I left references, since it is a complex subject and the details would not fit here.
In general, we are talking about public key cryptography, in which there is a pair of keys: one public and one private (see the links at the end for more details).
The certificate only contains the public key. The private key (which is used to sign digitally) is separate from the certificate; they are two different "things" (although related, since the certificate's public key is used to verify a signature made with its corresponding private key).
In the case of A3, both the certificate and your private key are stored on some physical medium (a card, token, whatever), and access to the private key is password protected (the PIN you type when you use it).
In the case of A1, the only difference is that it is not stored on a physical medium but in a file. The most common formats are the Keystore (JKS) and PKCS12 (pfx files, most common on Windows).
Both work similarly: they have several different entries, identified by a name (called an "alias"). Under each alias you can have a certificate, or the certificate + private key. This file is usually password protected (it can be configured depending on how you create these files). The class java.security.KeyStore, for example, allows creating and manipulating both types (JKS and pfx).
Now to the questions:
Can you import the A1 certificates from all users and store them directly on the server?
Yes, as long as you also store their private keys (since those are what is used to sign digitally). You can store everything in a single store, using a different alias for each customer, or use a separate store for each. Where the files live will depend on your solution (they can be blobs in the database, files in some server folder, etc).
Since the keystore is recommended to have a password, the user will need to type it to access their respective private key when signing the document.
Will users only need to enter their PIN to sign the documents?
If the only use they make of the private key is at the time of signing, then yes, only at that time will it be necessary to enter the PIN.
If the private key is not used for anything else (for example, to authenticate on the site using the certificate), then the signature would be the only time the password is required.
There is just one detail: since the certificate + private key are on the server, your system will have to make the user enter the password (through some interface, a form, etc), because all access to the keystore and all signing will be done on the server, since that's where the private keys are.
It's a different situation from when the certificate is installed on the client's machine, because in that case the browser/OS acts as the intermediary and automatically asks for the password.
Also, at signing time, will the system display all 200+ stored certificates so that the user picks theirs and enters the PIN?
If the certificate is on the server, then you can control what the user can see. Your application could load only that user's certificates, since they probably shouldn't even see the others (that's how I imagine your system to be).
References:
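The arrangement the answer describes (certificate + private key kept on the server, one PIN-protected entry per user, the PIN entered only at signing time, and the certificate alone used for verification) as an added worked example. This is not code from the answer above; it assumes the third-party Python `cryptography` package is installed, and the self-signed test certificates it generates stand in for the CA-issued A1 certificates the answer talks about. The user names, PINs and document text are constructed sample data.

```python
# Added example, not part of the original answer: a server-side store of
# several users' A1-style credentials (certificate + private key), one
# PIN-protected PKCS12 (.pfx) blob per user, plus a sign/verify round trip.
# Assumes the third-party `cryptography` package is installed. The
# certificates are self-signed test certificates generated here, standing
# in for the CA-issued A1 certificates discussed in the answer.
import datetime

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.serialization import pkcs12
from cryptography.x509.oid import NameOID


def make_test_credential(common_name):
    """Generate an RSA key and a self-signed certificate for it (constructed test data)."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    now = datetime.datetime.now(datetime.timezone.utc)
    cert = (
        x509.CertificateBuilder()
        .subject_name(name)
        .issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(minutes=1))
        .not_valid_after(now + datetime.timedelta(days=1))
        .sign(key, hashes.SHA256())
    )
    return key, cert


def export_pfx(alias, key, cert, pin):
    """Serialize certificate + private key into a PKCS12 blob encrypted with the user's PIN."""
    return pkcs12.serialize_key_and_certificates(
        name=alias.encode(),
        key=key,
        cert=cert,
        cas=None,
        encryption_algorithm=serialization.BestAvailableEncryption(pin.encode()),
    )


def pin_unlocks(pfx_blob, pin):
    """True if the PIN opens the blob; a wrong PIN makes the loader raise ValueError."""
    try:
        pkcs12.load_key_and_certificates(pfx_blob, pin.encode())
        return True
    except ValueError:
        return False


def sign_document(pfx_blob, pin, document):
    """Server-side signing: the PIN unlocks the private key only for this call."""
    key, _cert, _chain = pkcs12.load_key_and_certificates(pfx_blob, pin.encode())
    return key.sign(document, padding.PKCS1v15(), hashes.SHA256())


def verify_signature(cert_pem, document, signature):
    """Verification needs only the certificate's public key, never the PIN."""
    cert = x509.load_pem_x509_certificate(cert_pem)
    try:
        cert.public_key().verify(signature, document, padding.PKCS1v15(), hashes.SHA256())
        return True
    except InvalidSignature:
        return False


def demo():
    """Two users' blobs in one server-side store, keyed by alias; sign as alice and verify."""
    pins = {"alice": "1234", "bob": "9876"}   # constructed PINs, known only to each user
    store = {}                                 # alias -> PKCS12 blob (DB blobs or files in practice)
    certs = {}                                 # alias -> PEM certificate (public, safe to share)
    for alias, pin in pins.items():
        key, cert = make_test_credential(alias)
        store[alias] = export_pfx(alias, key, cert, pin)
        certs[alias] = cert.public_bytes(serialization.Encoding.PEM)

    document = b"Contract #42, version 1 (constructed sample)"
    signature = sign_document(store["alice"], pins["alice"], document)
    return {
        "alice_signature_valid": verify_signature(certs["alice"], document, signature),
        "rejected_with_bob_cert": verify_signature(certs["bob"], document, signature),
        "rejected_when_tampered": verify_signature(certs["alice"], document + b"!", signature),
        "wrong_pin_opens_store": pin_unlocks(store["alice"], "0000"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The store only ever hands the application the one blob that belongs to the signing user, which is the point made above about not showing the other users' certificates, and the PIN is needed for `sign_document` alone: `verify_signature` works from the public certificate, so anyone holding the signed document and the certificate can check it without access to the keystore.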
Thank you. Your reply was very helpful.
– William Tenorio