===== Reading Certificates =====

To read certificates from a smartcard the methods ''getSignatureCertificates()'' or ''getEncryptionCertificates()'' of ''SmartCard'' can be used. For signature creation ''getSignatureCertificates()'' and for encryption ''getEncryptionCertificates()'' must be used.
These methods returns certificates in binary encoded format. If you are using (ma3api-asn-....jar  /  ma3api-asn.dll) then you can use ''ECertificate'' to convert this binary value to a meaningful certificate object.  
 
The signing certificate must be a qualified certificate in order for the signature to have legal validity.
The method ''isQualifiedCertificate()'' of ''ECertificate'' checks if a certificate is qualified.
Certificates can be differentiated from each pther by their subject values which can be retrieved by ''getSubject().stringValue()'' in ''ECertificate''. User may select a specific certificate according to the subject value.

Besides, the method ''getSubject().getCommonNameAttribute()'' of ''ECertificate'' returns the name of the certificate owner. In a smartcard, since all of the certificates have the same owner, this method can not be used to differentiate the certificates in a smartcard. It can be used to display the name of the signer.

The code segment below demonstrates reading signing certificates from a smartcard and shows the subject fields of the qualified ones. 

<sxh java;title:Java>
List<byte []> certs = smartCard.getSignatureCertificates(session);
for (byte[] bs : certs) 
{
	ECertificate cert = new ECertificate(bs);
	if(cert.isQualifiedCertificate())
		System.out.println(cert.getSubject().stringValue());
}
</sxh>

<sxh csharp;title:C#>
List<byte[]> certBytes = sc.getSignatureCertificates(session);
foreach (byte[] bs in certBytes)
{
ECertificate cert = new ECertificate(bs);
//cert.isQualifiedCertificate()
Console.WriteLine(cert.getSubject().getCommonNameAttribute());
}
</sxh>

If ESYA  API-ASN classes are not available, the class ''x509Certificate'' can be used instaed of ''ECertificate''. Instead of using ''isQualifiedCertificate()'', the sample code can be used in this case.
To retrieve the subject field of a certificate the method ''getSubjectDN().toString()'' of ''x509Certificate'' can be used.

The code segment below demonstrates reading signing certificates from a smartcard and shows the subject fields of the qualified ones. 

<sxh java;title:Java>
List<byte []> certs = smartCard.getSignatureCertificates(session);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
String qcStatement = "1.3.6.1.5.5.7.1.3";
for (byte[] bs : certs) 
{
	X509Certificate cert = (X509Certificate)cf.generateCertificate(new
	ByteArrayInputStream(bs));
	if( cert.getExtensionValue(qcStatement) != null)
	System.out.println(cert.getSubjectDN().toString());
}
</sxh>

==== Reading Names of the Objects in Smartcard  ====

Each certificate ,public key and private key take place as objects in a smartcard. Smartcard operations can also be performed by using the name of the objects in it which is not suggested since those names may change from card to card. In some cases using object names may be more meaningful to the user. The methods ''getSignatureKeyLabels(...)'' and ''getEncryptionKeyLabels(...)'' of ''SmartCard'' are used to read the names of the keys. I the name of the certificate object is the same as the name of the keys then the certificate can also be read with this name for which ''readCertificate(long aSessionID,String aLabel)'' can be used.