Sample code for 30+ languages & platforms
C#

PKCS11 Get Token Info

See more PKCS11 Examples

Example showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.

Chilkat C# Downloads

C#
bool success = false;

//  This example requires the Chilkat API to have been previously unlocked.
//  See Global Unlock Sample for sample code.

//  Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.

Chilkat.Pkcs11 pkcs11 = new Chilkat.Pkcs11();

//  Specify the vendor's Cryptoki module DLL / shared lib.
//  The following PKCS11 driver DLL is for the WatchData ProxKey USB token. 
//  You would use your smartcard/token vendor's PKCS11 driver DLL.
pkcs11.SharedLibPath = "SignatureP11.dll";

success = pkcs11.Initialize();
if (success == false) {
    Debug.WriteLine(pkcs11.LastErrorText);
    return;
}

//  Call Discover to discover what's available.
//  Indicate that we only want to return slots (readers) where tokens (or smart cards) are present.
bool onlyTokensPresent = true;
Chilkat.JsonObject json = new Chilkat.JsonObject();
success = pkcs11.Discover(onlyTokensPresent,json);
if (success == false) {
    Debug.WriteLine(pkcs11.LastErrorText);
    return;
}

json.EmitCompact = false;
Debug.WriteLine(json.Emit());

//  Sample JSON output.
//  Code for parsing this JSON is shown below..

//  {
//    "cryptokiVersion": {
//      "major": 2,
//      "minor": 10
//    },
//    "manufacturerID": "WatchData",
//    "libraryDescription": "PKCS#11 cryptoki module",
//    "libraryVersion": {
//      "major": 3,
//      "minor": 10
//    },
//    "slot": [
//      {
//        "id": 16385,
//        "slotDescription": "Watchdata IC CARD Reader/Writer",
//        "manufacturerID": "Watchdata",
//        "tokenPresent": true,
//        "removableDevice": true,
//        "hardwareSlot": true,
//        "hardwareVersion": {
//          "major": 1,
//          "minor": 0
//        },
//        "firmwareVersion": {
//          "major": 1,
//          "minor": 0
//        },
//        "token": {
//          "label": "WD PROXKey",
//          "manufacturerID": "Watchdata Corp.",
//          "model": "TimeCos/PK",
//          "serialNumber": "WD05376504",
//          "flags": [
//            "CKF_RNG",
//            "CKF_LOGIN_REQUIRED",
//            "CKF_USER_PIN_INITIALIZED",
//            "CKF_DUAL_CRYPTO_OPERATIONS",
//            "CKF_TOKEN_INITIALIZED"
//          ],
//          "maxSessionCount": 0,
//          "sessionCount": 0,
//          "maxRwSessionCount": 0,
//          "rwSessionCount": 0,
//          "maxPinLen": 32,
//          "minPinLen": 6,
//          "totalPublicMemory": 61440,
//          "freePublicMemory": 70144,
//          "totalPrivateMemory": 61440,
//          "freePrivateMemory": 70144,
//          "hardwareVersion": {
//            "major": 2,
//            "minor": 1
//          },
//          "firmwareVersion": {
//            "major": 0,
//            "minor": 0
//          },
//          "utcTime": "2024011509254600",
//          "mechanism": [
//            "CKM_RSA_PKCS_KEY_PAIR_GEN",
//            "CKM_EC_KEY_PAIR_GEN",
//            "CKM_DES_KEY_GEN",
//            "80000001",
//            "8000000B",
//            "CKM_AES_KEY_GEN",
//            "CKM_DES2_KEY_GEN",
//            "CKM_DES3_KEY_GEN",
//            "CKM_RSA_PKCS",
//            "CKM_RSA_X_509",
//            "CKM_ECDSA",
//            "CKM_ECDSA_SHA1",
//            "CKM_MD2_RSA_PKCS",
//            "CKM_MD5_RSA_PKCS",
//            "CKM_SHA1_RSA_PKCS",
//            "CKM_SHA256_RSA_PKCS",
//            "CKM_DES_ECB",
//            "CKM_DES_CBC",
//            "CKM_DES_CBC_PAD",
//            "80000002",
//            "CKM_CPK_ECDSA",
//            "CKM_CPK_ECDSA_SHA1",
//            "8000000C",
//            "8000000D",
//            "8000000E",
//            "CKM_AES_ECB",
//            "CKM_AES_CBC",
//            "CKM_AES_CBC_PAD",
//            "CKM_DES3_ECB",
//            "CKM_DES3_CBC",
//            "CKM_DES3_CBC_PAD",
//            "CKM_SHA_1",
//            "CKM_SHA_1_HMAC",
//            "CKM_SHA_1_HMAC_GENERAL",
//            "CKM_SHA256",
//            "CKM_SHA256_HMAC",
//            "CKM_SHA256_HMAC_GENERAL",
//            "CKM_MD2",
//            "CKM_MD2_HMAC",
//            "CKM_MD2_HMAC_GENERAL",
//            "CKM_MD5",
//            "CKM_MD5_HMAC",
//            "CKM_MD5_HMAC_GENERAL",
//            "CKM_SSL3_PRE_MASTER_KEY_GEN",
//            "CKM_SSL3_MASTER_KEY_DERIVE",
//            "CKM_SSL3_KEY_AND_MAC_DERIVE",
//            "CKM_SSL3_MD5_MAC",
//            "CKM_SSL3_SHA1_MAC"
//          ],
//          "rsa": {
//            "minKeySize": 1024,
//            "maxKeySize": 4096
//          }
//        }
//      }
//    ]
//  }

//  Use this online tool to generate parsing code from sample JSON: 
//  Generate Parsing Code from JSON

int id;
string slotDescription;
bool tokenPresent;
bool removableDevice;
bool hardwareSlot;
int hardwareVersionMajor;
int hardwareVersionMinor;
int firmwareVersionMajor;
int firmwareVersionMinor;
string tokenLabel;
string tokenManufacturerID;
string tokenModel;
string tokenSerialNumber;
int tokenMaxSessionCount;
int tokenSessionCount;
int tokenMaxRwSessionCount;
int tokenRwSessionCount;
int tokenMaxPinLen;
int tokenMinPinLen;
int tokenTotalPublicMemory;
int tokenFreePublicMemory;
int tokenTotalPrivateMemory;
int tokenFreePrivateMemory;
int tokenHardwareVersionMajor;
int tokenHardwareVersionMinor;
int tokenFirmwareVersionMajor;
int tokenFirmwareVersionMinor;
string tokenUtcTime;
int tokenRsaMinKeySize;
int tokenRsaMaxKeySize;
int j;
int count_j;
string strVal;
string tokenFlag;

//  Use this online tool to generate parsing code from sample JSON: 
//  Generate Parsing Code from JSON

int cryptokiVersionMajor = json.IntOf("cryptokiVersion.major");
int cryptokiVersionMinor = json.IntOf("cryptokiVersion.minor");
string manufacturerID = json.StringOf("manufacturerID");
string libraryDescription = json.StringOf("libraryDescription");
int libraryVersionMajor = json.IntOf("libraryVersion.major");
int libraryVersionMinor = json.IntOf("libraryVersion.minor");
int i = 0;
int count_i = json.SizeOfArray("slot");
while (i < count_i) {
    json.I = i;
    id = json.IntOf("slot[i].id");
    slotDescription = json.StringOf("slot[i].slotDescription");
    manufacturerID = json.StringOf("slot[i].manufacturerID");
    tokenPresent = json.BoolOf("slot[i].tokenPresent");
    removableDevice = json.BoolOf("slot[i].removableDevice");
    hardwareSlot = json.BoolOf("slot[i].hardwareSlot");
    hardwareVersionMajor = json.IntOf("slot[i].hardwareVersion.major");
    hardwareVersionMinor = json.IntOf("slot[i].hardwareVersion.minor");
    firmwareVersionMajor = json.IntOf("slot[i].firmwareVersion.major");
    firmwareVersionMinor = json.IntOf("slot[i].firmwareVersion.minor");
    tokenLabel = json.StringOf("slot[i].token.label");
    tokenManufacturerID = json.StringOf("slot[i].token.manufacturerID");
    tokenModel = json.StringOf("slot[i].token.model");
    tokenSerialNumber = json.StringOf("slot[i].token.serialNumber");
    tokenMaxSessionCount = json.IntOf("slot[i].token.maxSessionCount");
    tokenSessionCount = json.IntOf("slot[i].token.sessionCount");
    tokenMaxRwSessionCount = json.IntOf("slot[i].token.maxRwSessionCount");
    tokenRwSessionCount = json.IntOf("slot[i].token.rwSessionCount");
    tokenMaxPinLen = json.IntOf("slot[i].token.maxPinLen");
    tokenMinPinLen = json.IntOf("slot[i].token.minPinLen");
    tokenTotalPublicMemory = json.IntOf("slot[i].token.totalPublicMemory");
    tokenFreePublicMemory = json.IntOf("slot[i].token.freePublicMemory");
    tokenTotalPrivateMemory = json.IntOf("slot[i].token.totalPrivateMemory");
    tokenFreePrivateMemory = json.IntOf("slot[i].token.freePrivateMemory");
    tokenHardwareVersionMajor = json.IntOf("slot[i].token.hardwareVersion.major");
    tokenHardwareVersionMinor = json.IntOf("slot[i].token.hardwareVersion.minor");
    tokenFirmwareVersionMajor = json.IntOf("slot[i].token.firmwareVersion.major");
    tokenFirmwareVersionMinor = json.IntOf("slot[i].token.firmwareVersion.minor");
    tokenUtcTime = json.StringOf("slot[i].token.utcTime");
    tokenRsaMinKeySize = json.IntOf("slot[i].token.rsa.minKeySize");
    tokenRsaMaxKeySize = json.IntOf("slot[i].token.rsa.maxKeySize");

    //  The following token flag strings are possible:

    //  CKF_RNG: has random # generator

    //  CKF_WRITE_PROTECTED: token is write-protected

    //  CKF_LOGIN_REQUIRED:user must login

    //  CKF_USER_PIN_INITIALIZED:normal user's PIN is set

    //  CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is
    //     successfully saved, all keys needed to continue those operations are stored in the state

    //  CKF_CLOCK_ON_TOKEN: The token has some sort of clock.  The time on the clock is returned in the slot[i].token.utcTime

    //  CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself

    //  CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations
    //     (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign)

    //  CKF_TOKEN_INITIALIZED: The token has been initialized.

    //  CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects.

    //  CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication.

    //  CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked.

    //  CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible.

    //  CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing,
    //     or the PIN has been expired by the card.

    //  CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication.

    //  CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked.

    //  CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible.

    //  CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing,
    //     or the PIN has been expired by the card.

    //  To see if particular flags are present:
    Chilkat.JsonArray aFlags = json.ArrayOf("slot[i].token.flags");
    if (aFlags.FindString("CKF_USER_PIN_LOCKED",true) >= 0) {
        Debug.WriteLine("The token is locked.");
    }

    if (aFlags.FindString("CKF_RNG",true) >= 0) {
        Debug.WriteLine("The token has a random number generator.");
    }

    //  ...

    //  To iterate over all flags..
    j = 0;
    count_j = json.SizeOfArray("slot[i].token.flags");
    while (j < count_j) {
        json.J = j;
        tokenFlag = json.StringOf("slot[i].token.flags[j]");
        j = j + 1;
    }

    j = 0;
    count_j = json.SizeOfArray("slot[i].token.mechanism");
    while (j < count_j) {
        json.J = j;
        strVal = json.StringOf("slot[i].token.mechanism[j]");
        j = j + 1;
    }

    i = i + 1;
}