How to Read a PIV FIPS 201 CHUID?
Download smart card API and sample code for .NET, C#, VB.NET

We get these questions quite often:

- How can I get a project up and running that just needs to read the expiration date or FASCN off a NIST PIV card using Visual Studio .NET-based managed code?

- How to write software to read DoD Common Access Card (CAC), NIST PIV and TSA TWIC cards?

- How do I verify a PIN to access PIN-protected PIV containers such es the PIV printed information?

- How can I implement support for Secure PIN Entry (SPE) readers such as the OMNIKEY 3621 or OMNIKEY 3821?

- How to read an X509 certificate from a PIV card and use it in my PKI application?

Of course you could start reading through NIST specifications and figure out more about the PIV card edge. Then you look into PC/SC part 10 specs describing secure PIN entry reader access. By the time you are done a week of development time can easily be gone.

Thanks to CardWerk SmartCard API (Professional) edition, reading the Card Holder Unique Identifier (CHUID), PIN validation via SPE and printed information or facial image data access is quite easy. A GetData() method gives you access to printed information, card capabilities, on-card X509 certificates and many more data containers.

All you need is SmartCard-API (Professional) and a few lines of code to read the CHUID. SmartCard API provides you with easy-to-use methods to extract data items such as GUID, FASCN or expiration date from raw BER encoded CHUID data.

A few lines more and you have access to the PIV card's printed information according to NIST SP 800-73-3. You'll have direct access to Name, Employee Affiliation, Expiration Date, Agency Card Serial Number and Issuer Identification data elements without having to dive into TLV encoded data containers. You'll have easy access to those methods via CardModule.PIV - a card module implemented on top of SmartCardAPI.

The sample code can also be used to access the Commercial Identity Verification (CIV) Credential. This card is technically the same as a PIV-I card. The only difference is that it does not require the use of Federal identity vetting, issuance and activation policies required to issue a PIV-I credential for Federal agencies and contractors.

Our C# sample code for Visual Studio demonstrates how to select the CAC /PIV access control applet to verify a PIN required to read CAC Personal Instance data via easy-to-use methods residing in CardModule.CAC and CardModule.PIV. The sample works with any PC/SC compliant smartcard reader including all government approved SCR devices.

We have prepared sample code to demonstrate this. It is work in progress. By no means a complete PIV or CAC implementation. That's what ActivIdentity's ActivClient can do. However we think that this code can be very helpful to get some basic info off a US Government issued chip card. Therefore we wrapped it in HelloWorld-style sample code that is available as part of the SmartCardAPI SDK. Please also look for "pre-release" download making " C# HelloPIV pre-release" sample code available whenever we have additional code available that is not yet part of the smartcard API SDK.

Key Features of HelloPIVCard Sample Code

Minimum Requirements

Buying a commercial license of the CardWerk SmartCard API (Professional) edition entitles you to redistribute the binary CardWerk SmartCard API (Professional) assembly to your customers at an incredible ROI.

Copyright 2004-2017 CardWerk Technologies,
All rights reserved. Imprint, Legal Disclaimer. Last modified June 7, 2017.