Introduction
First at all, I want to mention that this is my first article, so I will ask everybody to be patient and forgiving :) This article describes how to get information about digital certificates stored on your local machine; to be more specific, it looks into your System provider. It also shows how to search a certificate by name, and retrieve the certificate hash. For more info about .NET cryptography, read this article.
Background
There has been a lot of articles published about cryptography classes in .NET, so I will not go into details on that, but instead I suggest you to read article that I mentioned above. In this article, I will show you how to access your digital certificate information and use it; particularly, I will give you an example of how to retrieve information from the "CurrentUser" and "LocalMachine" Store Locations. If you need to search for a certificate by name or if you are planning to get the certificate hash, this article is for you. Recently, I had to write some code that had to find a certificate based on the name of the certificate or the certificate key. After that, I had to encrypt some data using that certificate's private key. While it sounds easy, when you try to code this, you will notice that you can't really see the hash value because it's encoded. Therefore, I had to get the certificate and then convert that to a string first.
Code
In the heart of this project, I have a function getCertFromStore that will retrieve all certificates from the store based on the requested certificate info. It has an optional parameter Name that will search for certificates with that name.
Public Function getCertFromStore(ByVal pCert_info As X509_Certificate_info, _
ByRef psError_Msg As String, _
Optional ByVal Name As String = "") _
As X509CertificateCollection
Dim certLocation As X509CertificateStore.StoreLocation
If pCert_info.Certficate_Location = "LocalMachine" Then
certLocation = X509CertificateStore.StoreLocation.LocalMachine
ElseIf pCert_info.Certficate_Location = "CurrentUser" Then
certLocation = X509CertificateStore.StoreLocation.CurrentUser
Else
psError_Msg = "Error Setting Location"
Return Nothing
End If
Dim certProvider As X509CertificateStore.StoreProvider
If pCert_info.Provider = "System" Then
certProvider = X509CertificateStore.StoreProvider.System
Else
psError_Msg = "Retrieving certificate data: " & _
"StoreProvider is not SYSTEM Store "
Return Nothing
End If
Dim certStore As X509CertificateStore
If pCert_info.Store_Name.ToUpper = "MY" Then
certStore = New X509CertificateStore(certProvider, _
certLocation, pCert_info.Store_Name)
ElseIf pCert_info.Store_Name.ToUpper = "ROOT" Then
certStore = _
X509CertificateStore.LocalMachineStore(
X509CertificateStore.RootStore.ToString())
Else
psError_Msg = "Unknown Store"
Return Nothing
End If
Try
Dim boolOpen As Boolean = certStore.OpenRead()
Catch ex As Exception
psError_Msg = "Can not open certificate store for Provider:" & _
certProvider & " Location:" & _
certLocation & " Store Name:" & _
pCert_info.Store_Name
Return Nothing
End Try
Dim cersCollection As X509CertificateCollection
If Name <> "" Then
cersCollection = certStore.FindCertificateBySubjectString(Name)
Else
cersCollection = certStore.Certificates
End If
Return cersCollection
End Function
After getting all the certificates from the store, we can get all the information about individual certificates, as needed.
txtName.Text= certMy.GetName
txtHash.Text = System.Convert.ToBase64String(certMy.GetKeyIdentifier)
I also do a check to make sure I have the private key if I need to use the RSACryptoServiceProvider.
Try
rsaCSP = CType(certMy.Key, RSACryptoServiceProvider)
MsgBox("You have access to private keys on this certificate", _
MsgBoxStyle.Information)
Catch ex As Exception
MsgBox("Error Getting RSACryptoServiceProvider" & _
ex.Message, MsgBoxStyle.Critical)
End Try
Conclusion
Even though this code is not really complicated, it becomes handy when you need to use certificate hashes since you will not be able to use that from the Certificate console. Please note that certMy has a lot of properties that you can use.
About me
Check my freelancing site for more info.
