Read certificates on Smartcard

Question

I want to use .NET Api to get list of certificates on SmartCard. I known that the certificates on Smartcard are loaded in to Personal store. However, I want to write a program that runs before users login (I added button on Windows login screen to open my program). Because user is not logged in, certificates on Smartcard are not loaded in to Personal store. That's why I cannot use the solution in this question How to read credentials from a SmartCard in c#. I need to write code to get all certificates from SmartCard without getting them from Personal store.

Can anyone help me on this?

Thanks a lot! Hai.

score 1 · Answer 1 · answered Sep 08 '14 at 08:20

1

After a lot of research, I found a solution here.

answered Sep 08 '14 at 08:20

hai tran ba

69
2
6

Thank you!! This was exactly what I was looking for! – Omar Darwish Nov 23 '15 at 19:08

Eugene Mayevski 'Callback · Answer 2 · 2014-10-25T13:29:30.057

0

First, you can run the service under credentials of some user (you usually specify the credentials in service parameters in MMC on each system where the service is run), and then mapping of the certificates from the smartcard to Windows certificate storage depends on the drivers. I.e. you need to verify whether this scenario works with your smartcard reader.

Next, if your smartcard reader supports PKCS#11 interface (i.e. the vendor has provided PKCS#11 driver DLLs), then you can access smartcard contents via PKCS#11 API.

PKCS11 API is a set of unmanaged DLL functions which can be used from C# via P/Invoke or via some third-party library.

edited Oct 25 '14 at 13:29

answered Aug 26 '14 at 10:38

Eugene Mayevski 'Callback

45,135
8
71
121

Hi Eugene, thanks for your response. I tried to use SecureBlackbox. Below is my code: TElPKCS11CertStorage certStorage = new TElPKCS11CertStorage(); certStorage.DLLName = "???"; certStorage.Open(); I have a Gemalto .NET IDPrime smart card. I don't know what the DLLName is. Could you help me on this? Does your company provide technical support? Thanks. – hai tran ba Aug 27 '14 at 05:52
@haitranba You must know the DLL name of get it from the vendor of the card reader and/or card. That's how PKCS#11 works. Yes, support is provided as described on https://www.eldos.com/support/ – Eugene Mayevski 'Callback Aug 27 '14 at 07:02
Not sure it will be helpful but you can insert smartcard in reader and open command prompt and run following command: `certutil -scinfo` – Jitendra Banshpal Jan 10 '19 at 16:35

Read certificates on Smartcard

2 Answers2