EldoS | Feel safer!

Reading TElX509Certificate.SerialNumber?

#37034
Posted: 06/21/2016 02:43:31
by Kadir Akdeniz (Basic support level)
Joined: 06/21/2016
Posts: 9

Hello,

TL;DR: Does this hold the serial number of the certificate or the subject of the certificate? I'm trying to get the serial number (identity no) of the subject. And I cannot read the value inside this. I tried:

Code
System.Text.Encoding.UTF8.GetString(serialNumber);


Also

Code
Convert.ToBase64String(serialNumber);


We are currently developing an application to sign files with SecureBlackBox. We are using PKCS#11 tokens to sign the files with the private keys in them.

Our issue is that we will have multiple tokens inserted into the computer and when someone enters their legal "personal identification number", we need to look up in the tokens, retrieve their certificates after opening session and find the correct certificate and thus the index. The certificates are provided legally from a trusted authority to the "personal identification number" of the token owners.

TElX509Certificate.SubjectName gives the subject name, country, location, organisation but not the serial number of the subject.

How can I retrieve this information?

PS: I can see this identity number in another application. It seems to be in subject information part of the certificate.
#37036
Posted: 06/21/2016 04:21:18
by Ken Ivanov (EldoS Corp.)

Hi Kadir,

Thank you for getting in touch with us.

The serial number can actually be stored in a few different locations inside the certificate, each of which should be accessed differently. Could you please share a screen capture of the other application that displays it so we have an idea where to look for it?

May I please also ask you to attach the license ticket that you received with the SecureBlackbox registration letter to your eldos.com account. This is an important prerequisite of getting technical support on this web site.

Ken
#37037
Posted: 06/21/2016 04:54:58
by Kadir Akdeniz (Basic support level)
Joined: 06/21/2016
Posts: 9

Hi there,

Thanks for responding quickly. I attached the screenshot of the 3rd party.

I do not have access to the license information at the moment; I am developing with a trial license key.


#37044
Posted: 06/21/2016 11:24:51
by Ken Ivanov (EldoS Corp.)

Thanks Kadir,

The screen shot shows that the serial number in question is included in the Subject field set. It has no relation to the 'primary' serial number accessible via the TElX509Certificate.SerialNumber property, and should be processed in a different way.

To obtain the serial number, please iterate over OIDs exposed via the certificate's SubjectRDN property, looking for OID of SB_CERT_OID_SERIAL_NUMBER. The corresponding Value is the one you are looking for:

Code
string snstr = "";
for (int i = 0; i < cert.SubjectRDN.Count; i++)
{
    if (SBUtils.Unit.CompareContent(cert.SubjectRDN.get_OIDs(i), SBConstants.Unit.SB_CERT_OID_SERIAL_NUMBER))
    {
        byte[] sn = cert.SubjectRDN.get_Values(i);
        snstr = Encoding.UTF8.GetString(sn);
        break;
    }
}


Ken
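
The answer above turns on the difference between the certificate's own serial number and the serialNumber attribute carried inside the Subject name. As an added example (Python, standard library only; not SecureBlackBox code and not part of the original thread), this walks a DER-encoded Subject name and returns that attribute, which is a useful cross-check when selecting a token certificate by its holder's identity number. It assumes SB_CERT_OID_SERIAL_NUMBER corresponds to the X.520 OID 2.5.4.5; the sample subject, its values and all helper names are constructed for illustration.

```python
SERIAL_NUMBER_OID = "2.5.4.5"  # X.520 serialNumber attribute inside a Subject name

def elements(buf):
    """Yield (tag, content) for each DER element laid end to end in buf."""
    pos = 0
    while pos < len(buf):
        tag, length = buf[pos], buf[pos + 1]
        pos += 2
        if length & 0x80:  # long form: the next `count` bytes hold the length
            count = length & 0x7F
            length = int.from_bytes(buf[pos:pos + count], "big")
            pos += count
        if pos + length > len(buf):
            raise ValueError("truncated DER element")
        yield tag, buf[pos:pos + length]
        pos += length

def decode_oid(body):
    arcs, value = [body[0] // 40, body[0] % 40], 0  # first byte packs two arcs
    for byte in body[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def subject_attributes(name_der):
    """Yield (oid, text) for every attribute in a DER-encoded X.501 Name."""
    [(tag, rdns)] = list(elements(name_der))
    if tag != 0x30:
        raise ValueError("Name must be a SEQUENCE")
    for _, rdn in elements(rdns):      # each RDN is a SET ...
        for _, atv in elements(rdn):   # ... that may hold several attributes
            (_, oid), (str_tag, raw) = elements(atv)
            codec = {0x0C: "utf-8", 0x1E: "utf-16-be"}.get(str_tag, "latin-1")
            yield decode_oid(oid), raw.decode(codec)

def subject_serial_number(name_der):
    """Subject serialNumber attribute, or None when the Subject has none."""
    return next((v for o, v in subject_attributes(name_der) if o == SERIAL_NUMBER_OID), None)

def tlv(tag, content):  # sample builder only; content must be shorter than 256 bytes
    n = len(content)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + content
def attr(oid_body, str_tag, text):  # one single-attribute RDN
    return tlv(0x31, tlv(0x30, tlv(0x06, oid_body) + tlv(str_tag, text.encode())))

# Constructed Subject: C=XX, serialNumber=12345678901, CN=Example Holder
SAMPLE_SUBJECT = tlv(0x30, attr(b"\x55\x04\x06", 0x13, "XX")
                     + attr(b"\x55\x04\x05", 0x13, "12345678901")
                     + attr(b"\x55\x04\x03", 0x0C, "Example Holder"))
```

The certificate's own serial number is a binary INTEGER chosen by the issuer, so it is normally displayed as hex rather than decoded as text; the Subject attribute above is a character string and decodes directly.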
#37053
Posted: 06/22/2016 02:54:33
by Kadir Akdeniz (Basic support level)
Joined: 06/21/2016
Posts: 9

That's exactly what I was looking for, it works great. Thanks a lot Ken :)

Quote
Ken Ivanov wrote:
Thanks Kadir,

The screen shot shows that the serial number in question is included in the Subject field set. It has no relation to the 'primary' serial number accessible via the TElX509Certificate.SerialNumber property, and should be processed in a different way.

To obtain the serial number, please iterate over OIDs exposed via the certificate's SubjectRDN property, looking for OID of SB_CERT_OID_SERIAL_NUMBER. The corresponding Value is the one you are looking for:

Code
string snstr = "";
for (int i = 0; i < cert.SubjectRDN.Count; i++)
{
    if (SBUtils.Unit.CompareContent(cert.SubjectRDN.get_OIDs(i), SBConstants.Unit.SB_CERT_OID_SERIAL_NUMBER))
    {
        byte[] sn = cert.SubjectRDN.get_Values(i);
        snstr = Encoding.UTF8.GetString(sn);
        break;
    }
}


Ken