How to determine which personal certificate comes from hardware device in C#?


Assuming I have multiple personal certificates for current user. But only one certificate belongs to Aladdin eToken.

I want to determine which certificate belongs to Aladdin eToken.

Should I use X509Store and X509Certificate for this?

Should I try eToken SDK?

2

There are 2 answers

3
Anthony On

This depends on how Aladdin eToken signs certificates. If it issues an X509 Certificate with the Issuer field set to something identifiable (e.g. Aladdin eToken) then you should be able to find the certificate that way.

using System;
using System.Security.Cryptography.X509Certificates;

// Get the MY store for the current user
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);

store.Open(OpenFlags.ReadOnly);

// Find takes three arguments; validOnly = false also returns certificates
// whose chain cannot be validated on this machine
X509Certificate2Collection certs =
    store.Certificates.Find(X509FindType.FindByIssuerName,
                            "Aladdin eToken",
                            false);

store.Close();

That should get you all certificates which have the string "Aladdin eToken" in the issuer name. If you need to use different criteria to identify the certificate, there are heaps of other valid arguments you can pass to the Find method of the Certificates collection to get matches.

For example, if you're looking for a specific certificate, you can FindByThumbprint or FindBySerialNumber.
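Matching on the issuer name only works if the CA that issued the token certificate put something recognisable there, and a software-backed certificate from the same CA would match too. What actually distinguishes a token certificate is which cryptographic provider holds its private key. The following example is added here and is not code from the question or either answer: it enumerates CurrentUser\My (optionally filtered by issuer as above), asks the CSP or KSP behind each private key whether the key is hardware-backed, and lists the matches. It assumes Windows and .NET Framework 4.6 or later (for GetRSAPrivateKey and RSACng); the provider name "eToken Base Cryptographic Provider" is an assumption about the Aladdin/SafeNet middleware and should be checked against `certutil -csplist` on the machine in question.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example, not code from the question or either answer. Assumes Windows and
// .NET Framework 4.6 or later. The CSP name below is an assumption about the
// Aladdin/SafeNet middleware; confirm it with `certutil -csplist`.
public static class HardwareCertLocator
{
    public sealed class KeyInfo
    {
        public string Subject;
        public string Thumbprint;
        public string Provider;     // CSP/KSP holding the private key, or why it could not be read
        public bool IsHardware;     // provider reports a hardware-backed key
        public bool IsRemovable;    // CSP reports a removable key container (token / smart card)
    }

    // Hypothetical provider name; adjust for the middleware actually installed.
    private const string ETokenCsp = "eToken Base Cryptographic Provider";

    // Enumerate CurrentUser\My, optionally narrowed by issuer name as in the answer
    // above, and record which provider backs each private key.
    public static List<KeyInfo> Scan(string issuerFilter = null)
    {
        var results = new List<KeyInfo>();
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            X509Certificate2Collection certs = store.Certificates;
            if (!string.IsNullOrEmpty(issuerFilter))
                certs = certs.Find(X509FindType.FindByIssuerName, issuerFilter, false);

            foreach (X509Certificate2 cert in certs)
            {
                var info = new KeyInfo { Subject = cert.Subject, Thumbprint = cert.Thumbprint };
                if (cert.HasPrivateKey)
                    DescribePrivateKey(cert, info);
                else
                    info.Provider = "(no private key)";
                results.Add(info);
            }
        }
        return results;
    }

    // Opening the key container is what reveals the provider. For a token this may
    // trigger the middleware's PIN prompt, and it throws if the token is not present,
    // so failures are recorded per certificate instead of aborting the scan.
    private static void DescribePrivateKey(X509Certificate2 cert, KeyInfo info)
    {
        try
        {
            RSA rsa = cert.GetRSAPrivateKey();   // null for non-RSA (e.g. ECDSA) keys
            var csp = rsa as RSACryptoServiceProvider;
            var cng = rsa as RSACng;
            if (csp != null)
            {
                CspKeyContainerInfo c = csp.CspKeyContainerInfo;
                info.Provider = c.ProviderName;
                info.IsHardware = c.HardwareDevice;
                info.IsRemovable = c.Removable;
            }
            else if (cng != null)
            {
                info.Provider = cng.Key.Provider.Provider;
                // CNG has no HardwareDevice flag; the Microsoft smart card KSP is the
                // built-in hardware provider. Third-party KSPs must be added by name.
                info.IsHardware = cng.Key.Provider == CngProvider.MicrosoftSmartCardKeyStorageProvider;
            }
            else
            {
                info.Provider = "(non-RSA key, not inspected)";
            }
        }
        catch (CryptographicException ex)
        {
            info.Provider = "inaccessible: " + ex.Message;
        }
    }

    // Certificates whose key the provider reports as hardware-backed, plus any held
    // by the (assumed) eToken CSP even if that flag is not set.
    public static List<KeyInfo> FindTokenCertificates()
    {
        var hits = new List<KeyInfo>();
        foreach (KeyInfo k in Scan())
            if (k.IsHardware || string.Equals(k.Provider, ETokenCsp, StringComparison.OrdinalIgnoreCase))
                hits.Add(k);
        return hits;
    }

    public static void Main()
    {
        foreach (KeyInfo k in Scan())
            Console.WriteLine("{0}  hw={1} removable={2}  {3}  {4}",
                k.Thumbprint, k.IsHardware, k.IsRemovable, k.Provider, k.Subject);
    }
}
```

Run it once with the token inserted: the token's certificate is the one whose provider is the middleware CSP or smart card KSP with `hw=True`, while certificates whose key lives in the Microsoft software providers report `hw=False`. A certificate that reports `inaccessible` is usually one whose key is on a device that is not currently plugged in, which is itself a strong hint.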

0
Noman_1 On

This may help you to locate the certificate. It creates a list of locations and stores and gives the count of certificates. Running it with the token in and with the token out may help you to locate where it is:

using System;
using System.Security.Cryptography.X509Certificates;

// Counts the certificates in every (StoreName, StoreLocation) pair readable by the current user
public static string ListCertificatesCount()
{
    string output = "";
    foreach (StoreName st in (StoreName[])Enum.GetValues(typeof(StoreName)))
    {
        foreach (StoreLocation loc in (StoreLocation[])Enum.GetValues(typeof(StoreLocation)))
        {
            string line = "StoreName " + Enum.GetName(typeof(StoreName), st) + ", StoreLocation " + Enum.GetName(typeof(StoreLocation), loc) + ": Count: ";
            try
            {
                using (X509Store keyStore = new X509Store(st, loc))
                {
                    keyStore.Open(OpenFlags.ReadOnly);
                    line += keyStore.Certificates.Count;
                    keyStore.Close();
                }
            }
            catch (Exception ex)
            {
                // Some stores do not exist or are not readable for this account; report instead of aborting
                line += "Fail: " + ex.Message;
            }
            output += line + Environment.NewLine;
        }
    }
    return output;
}
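Comparing two counts by hand tells you which store changed but not which certificate. The example below is added here and is not code from the question or either answer: it takes the same store-by-store walk, but records each certificate's store, thumbprint and subject, takes one snapshot with the token inserted and one with it removed, and prints the set difference. It assumes Windows; whether anything disappears on removal depends on the middleware and on whether certificate propagation left a copy in the store, so an empty difference is reported as such rather than treated as an error.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example, not code from the question or either answer. Windows assumed.
public static class TokenSnapshotDiff
{
    // One entry per certificate currently visible in any store:
    // "StoreName/StoreLocation|Thumbprint|Subject"
    public static HashSet<string> Snapshot()
    {
        var seen = new HashSet<string>(StringComparer.Ordinal);
        foreach (StoreName st in Enum.GetValues(typeof(StoreName)))
        {
            foreach (StoreLocation loc in Enum.GetValues(typeof(StoreLocation)))
            {
                try
                {
                    using (var store = new X509Store(st, loc))
                    {
                        // OpenExistingOnly avoids creating empty stores as a side effect
                        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
                        foreach (X509Certificate2 c in store.Certificates)
                            seen.Add(st + "/" + loc + "|" + c.Thumbprint + "|" + c.Subject);
                    }
                }
                catch (CryptographicException)
                {
                    // Store does not exist or is not readable for this account; skip it.
                }
            }
        }
        return seen;
    }

    // Entries present in the first snapshot but absent from the second.
    public static List<string> Removed(HashSet<string> withToken, HashSet<string> withoutToken)
    {
        return withToken.Except(withoutToken).OrderBy(s => s).ToList();
    }

    public static void Main()
    {
        Console.WriteLine("Insert the token, then press Enter.");
        Console.ReadLine();
        HashSet<string> before = Snapshot();

        Console.WriteLine("Remove the token, then press Enter.");
        Console.ReadLine();
        HashSet<string> after = Snapshot();

        List<string> gone = Removed(before, after);
        if (gone.Count == 0)
        {
            Console.WriteLine("No change: the token's certificates may have been propagated " +
                              "into a store and left there after removal.");
            return;
        }
        Console.WriteLine("Certificates that disappeared with the token:");
        foreach (string line in gone)
            Console.WriteLine("  " + line);
    }
}
```

Each printed line names the exact store and thumbprint, so the result can be fed straight into `Find(X509FindType.FindByThumbprint, ...)` in the first answer's code.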