C# Digital Certificate A3 CPF Token

Viewed 3,789 times

2

I have to attach a CPF-type A3 token digital certificate, with a password, to an HttpWebRequest, so I was trying to use X509Certificate2, as follows:

    private X509Certificate2 GetCert(string CertFile, string CertPass)
    {
        // Read the whole file at once; File.ReadAllBytes also closes the handle
        byte[] buffer = File.ReadAllBytes(CertFile);
        // Build the certificate from the file contents and its password
        return new X509Certificate2(buffer, CertPass);
    }

    // I call it like this
    GetCert("C:\\certificado.cer", password);

But I was told that this is for reading certificates stored on my computer, so I tried the code below:

        X509Store my = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        //my.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        my.Open(OpenFlags.ReadOnly);

        // Find the certificate we'll use to sign
        RSACryptoServiceProvider csp = null;
        foreach (X509Certificate2 cert in my.Certificates)
        {
            var x509 = cert;
            byte[] rawData = x509.RawData;
            Console.WriteLine("Content Type: {0}", X509Certificate2.GetCertContentType(rawData));
            Console.WriteLine("Serial Number: {0}", x509.SerialNumber);
            Console.WriteLine("Friendly Name: {0}", x509.FriendlyName);
            //continue
        }
        // Release the store handle once the listing is done
        my.Close();

However, this code works only for CNPJ certificates; when I use a CPF certificate it asks me to insert a pen drive with the certificate... One more strange thing: it reads all the certificates that I have ever installed on the computer...

  • I believe that a certificate exported from a Smart Card or a USB stick does not have a private key. The right way would be to read it from the USB itself.

  • I’m a little lost between private key and password... I know I need not only to insert the thumb drive but also to enter a password to use it in Chrome, for example...

  • Diego, it gets all the certificates just the same; we have several of them installed, and you can check them through IE. In the case of the CPF it should ask for the USB drive because that is where the certificate is, isn't it?

  • In fact, I understand this better now; I’m just having problems with how to put the password in the certificate... In what order should I do it? How do I add the password to the certificate?

  • I didn’t test the code, but this guy says he was able to add the PIN automatically. https://helpdev.com.br/2017/08/11/comor-addir-pinsenha-automaticamente-no-certificado-a3/

1 answer

3


An A3 certificate offers extra protection because the private key is inaccessible except by the hardware (Smart Card). There is no way to export it. What you export is only the public key. As for the password, it only enables access to the primary key within the Smart Card, because the password you type encrypts/decrypts the primary key as an added layer of security. Some references:

  • Very good for understanding the A3 certificate, thank you. But it doesn’t explain much about how to do it or what is wrong in my code...

  • From what I saw in your code, you are treating the A3 as a file, but it is a card; to open it you have to access the "repository" of certificates. C# has a class that does this, "X509Store" (https://msdn.microsoft.com/pt-br/library/system.security.cryptography.x509certificates.x509store(v=vs.110).aspx), and also X509Certificate2Collection (https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2collection.find(v=vs.110).aspx). I hope this helps.

  • Okay, I’ll take a look; yes, it helped, thank you.

  • So it works fine here, but only for CNPJ; I changed the code above.

  • @diegocolli did you manage to resolve the issue of the PIN that the A3 token asks for? How do I supply it via code and suppress the screen that asks for the PIN?

  • I fixed it, but I don’t really remember how. I think I had some problem in my configuration or in the classes I was using, because if I remember correctly, just doing it right kept this window from opening; unfortunately I no longer have access to the code to give more info...
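The store-based approach suggested in the comments above (look the A3 certificate up with X509Store and X509Certificate2Collection.Find instead of loading a file), applied to the question's HttpWebRequest case. This is an added example, not code from the question or the answer; selecting the certificate by thumbprint and taking the thumbprint and URL from the command line are assumptions.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Security.Cryptography.X509Certificates;

static class A3ClientCertExample
{
    // Finds a certificate in CurrentUser\My by thumbprint and requires that the
    // store entry is linked to a private key (for A3, the key stays on the token).
    static X509Certificate2 FindCertificate(string thumbprint)
    {
        // Thumbprints copied from the certificate dialog often carry spaces or
        // invisible characters; keep only the hex digits.
        string clean = new string(thumbprint.Where(Uri.IsHexDigit).ToArray());

        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            X509Certificate2Collection found = store.Certificates
                .Find(X509FindType.FindByThumbprint, clean, false)
                .Find(X509FindType.FindByTimeValid, DateTime.Now, false);

            foreach (X509Certificate2 cert in found)
                if (cert.HasPrivateKey)
                    return cert;

            throw new InvalidOperationException(
                "No time-valid certificate with a private key matches " + clean);
        }
        finally
        {
            store.Close();
        }
    }

    // Usage (assumed): A3ClientCertExample.exe <thumbprint> <https-url>
    static void Main(string[] args)
    {
        X509Certificate2 cert = FindCertificate(args[0]);

        var request = (HttpWebRequest)WebRequest.Create(args[1]);
        request.ClientCertificates.Add(cert);

        // The private key is used during the TLS handshake, so the token must
        // be plugged in at this point; its driver is what asks for the PIN.
        using (var response = (HttpWebResponse)request.GetResponse())
            Console.WriteLine(response.StatusCode);
    }
}
```

Selecting one certificate explicitly avoids iterating over every certificate ever installed in the store, which is the behaviour the question noticed.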
