public Rfc3161TimestampTokenNetstandard21Wrapper(
System.Security.Cryptography.Pkcs.Rfc3161TimestampToken rfc3161TimestampToken)
{
_rfc3161TimestampToken = rfc3161TimestampToken;
TokenInfo = new Rfc3161TimestampTokenInfoNetstandard21Wrapper(_rfc3161TimestampToken.TokenInfo);
}
private bool ProcessResponse(
ReadOnlyMemory <byte> source,
out Rfc3161TimestampToken token,
out Rfc3161RequestResponseStatus status,
out int bytesConsumed,
bool shouldThrow)
{
status = Rfc3161RequestResponseStatus.Unknown;
token = null;
Rfc3161TimeStampResp resp;
try
{
resp = AsnSerializer.Deserialize <Rfc3161TimeStampResp>(source, AsnEncodingRules.DER, out bytesConsumed);
}
catch (CryptographicException) when(!shouldThrow)
{
bytesConsumed = 0;
status = Rfc3161RequestResponseStatus.DoesNotParse;
return(false);
}
// bytesRead will be set past this point
PkiStatus pkiStatus = (PkiStatus)resp.Status.Status;
if (pkiStatus != PkiStatus.Granted &&
pkiStatus != PkiStatus.GrantedWithMods)
{
if (shouldThrow)
{
throw new CryptographicException(
SR.Format(
SR.Cryptography_TimestampReq_Failure,
pkiStatus,
resp.Status.FailInfo.GetValueOrDefault()));
}
status = Rfc3161RequestResponseStatus.RequestFailed;
return(false);
}
if (!Rfc3161TimestampToken.TryDecode(resp.TimeStampToken.GetValueOrDefault(), out token, out _))
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_BadResponse);
}
bytesConsumed = 0;
status = Rfc3161RequestResponseStatus.DoesNotParse;
return(false);
}
status = ValidateResponse(token, shouldThrow);
return(status == Rfc3161RequestResponseStatus.Accepted);
}
private Rfc3161RequestResponseStatus ValidateResponse(
Rfc3161TimestampToken token,
bool shouldThrow)
{
Debug.Assert(token != null);
// This method validates the acceptance criteria sprinkled throughout the
// field descriptions in https://tools.ietf.org/html/rfc3161#section-2.4.1 and
// https://tools.ietf.org/html/rfc3161#section-2.4.2
if (!token.VerifyHash(GetMessageHash().Span, HashAlgorithmId.Value))
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_BadHashValue);
}
return(Rfc3161RequestResponseStatus.HashMismatch);
}
Rfc3161TimestampTokenInfo tokenInfo = token.TokenInfo;
// We only understand V1 messaging and validation
if (tokenInfo.Version != 1)
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_BadResponse);
}
return(Rfc3161RequestResponseStatus.VersionTooNew);
}
// reqPolicy is what the policy SHOULD be, so we can't reject it here.
ReadOnlyMemory <byte>?requestNonce = GetNonce();
ReadOnlyMemory <byte>?responseNonce = tokenInfo.GetNonce();
// The RFC says that if a nonce was in the request it MUST be present in
// the response and it MUST be equal.
//
// It does not say that if no nonce was requested that the response MUST NOT include one, so
// don't check anything if no nonce was requested.
if (requestNonce != null)
{
if (responseNonce == null ||
!requestNonce.Value.Span.SequenceEqual(responseNonce.Value.Span))
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_BadNonce);
}
return(Rfc3161RequestResponseStatus.NonceMismatch);
}
}
SignedCms tokenCms = token.AsSignedCms();
if (RequestSignerCertificate)
{
// If the certificate was requested it
// A) MUST be present in token.AsSignedCms().Certificates
// B) the ESSCertID(2) identifier MUST be correct.
//
// Other certificates are permitted, and will not be validated.
if (tokenCms.SignerInfos[0].Certificate == null)
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_NoCertFound);
}
return(Rfc3161RequestResponseStatus.RequestedCertificatesMissing);
}
}
else
{
// If no certificate was requested then the CMS Certificates collection
// MUST be empty.
if (tokenCms.Certificates.Count != 0)
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_UnexpectedCertFound);
}
return(Rfc3161RequestResponseStatus.UnexpectedCertificates);
}
}
return(Rfc3161RequestResponseStatus.Accepted);
}
private bool ProcessResponse(
ReadOnlyMemory <byte> source,
[NotNullWhen(true)] out Rfc3161TimestampToken?token,
out Rfc3161RequestResponseStatus status,
out int bytesConsumed,
bool shouldThrow)
{
status = Rfc3161RequestResponseStatus.Unknown;
token = null;
Rfc3161TimeStampResp resp;
try
{
AsnValueReader reader = new AsnValueReader(source.Span, AsnEncodingRules.DER);
int localBytesRead = reader.PeekEncodedValue().Length;
Rfc3161TimeStampResp.Decode(ref reader, source, out resp);
bytesConsumed = localBytesRead;
}
catch (CryptographicException) when(!shouldThrow)
{
bytesConsumed = 0;
status = Rfc3161RequestResponseStatus.DoesNotParse;
return(false);
}
// bytesRead will be set past this point
PkiStatus pkiStatus = (PkiStatus)resp.Status.Status;
if (pkiStatus != PkiStatus.Granted &&
pkiStatus != PkiStatus.GrantedWithMods)
{
if (shouldThrow)
{
throw new CryptographicException(
SR.Format(
SR.Cryptography_TimestampReq_Failure,
pkiStatus,
resp.Status.FailInfo.GetValueOrDefault()));
}
status = Rfc3161RequestResponseStatus.RequestFailed;
return(false);
}
if (!Rfc3161TimestampToken.TryDecode(resp.TimeStampToken.GetValueOrDefault(), out token, out _))
{
if (shouldThrow)
{
throw new CryptographicException(SR.Cryptography_TimestampReq_BadResponse);
}
bytesConsumed = 0;
status = Rfc3161RequestResponseStatus.DoesNotParse;
return(false);
}
status = ValidateResponse(token, shouldThrow);
return(status == Rfc3161RequestResponseStatus.Accepted);
}
/// <param name="encodedBytes" />
/// <param name="token" />
/// <param name="bytesConsumed" />
public static bool TryDecode(ReadOnlyMemory <byte> encodedBytes, out Rfc3161TimestampToken token, out int bytesConsumed)
{
throw new PlatformNotSupportedException();
}
public static bool TryDecode(ReadOnlyMemory <byte> source, out Rfc3161TimestampToken token, out int bytesConsumed)
{
bytesConsumed = 0;
token = null;
try
{
ContentInfoAsn contentInfo =
AsnSerializer.Deserialize <ContentInfoAsn>(source, AsnEncodingRules.BER, out int bytesActuallyRead);
// https://tools.ietf.org/html/rfc3161#section-2.4.2
//
// A TimeStampToken is as follows. It is defined as a ContentInfo
// ([CMS]) and SHALL encapsulate a signed data content type.
//
// TimeStampToken::= ContentInfo
// --contentType is id-signedData([CMS])
// --content is SignedData ([CMS])
if (contentInfo.ContentType != Oids.Pkcs7Signed)
{
return(false);
}
SignedCms cms = new SignedCms();
cms.Decode(source);
// The fields of type EncapsulatedContentInfo of the SignedData
// construct have the following meanings:
//
// eContentType is an object identifier that uniquely specifies the
// content type. For a time-stamp token it is defined as:
//
// id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
// us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4}
//
// eContent is the content itself, carried as an octet string.
// The eContent SHALL be the DER-encoded value of TSTInfo.
if (cms.ContentInfo.ContentType.Value != Oids.TstInfo)
{
return(false);
}
// RFC3161:
// The time-stamp token MUST NOT contain any signatures other than the
// signature of the TSA. The certificate identifier (ESSCertID) of the
// TSA certificate MUST be included as a signerInfo attribute inside a
// SigningCertificate attribute.
// RFC5816 says that ESSCertIDv2 should be allowed instead.
SignerInfoCollection signerInfos = cms.SignerInfos;
if (signerInfos.Count != 1)
{
return(false);
}
SignerInfo signer = signerInfos[0];
EssCertId certId;
EssCertIdV2 certId2;
if (!TryGetCertIds(signer, out certId, out certId2))
{
return(false);
}
X509Certificate2 signerCert = signer.Certificate;
if (signerCert == null &&
signer.SignerIdentifier.Type == SubjectIdentifierType.IssuerAndSerialNumber)
{
// If the cert wasn't provided, but the identifier was IssuerAndSerialNumber,
// and the ESSCertId(V2) has specified an issuerSerial value, ensure it's a match.
X509IssuerSerial issuerSerial = (X509IssuerSerial)signer.SignerIdentifier.Value;
if (certId?.IssuerSerial != null)
{
if (!IssuerAndSerialMatch(
certId.IssuerSerial.Value,
issuerSerial.IssuerName,
issuerSerial.SerialNumber))
{
return(false);
}
}
if (certId2?.IssuerSerial != null)
{
if (!IssuerAndSerialMatch(
certId2.IssuerSerial.Value,
issuerSerial.IssuerName,
issuerSerial.SerialNumber))
{
return(false);
}
}
}
Rfc3161TimestampTokenInfo tokenInfo;
if (Rfc3161TimestampTokenInfo.TryDecode(cms.ContentInfo.Content, out tokenInfo, out _))
{
if (signerCert != null &&
!CheckCertificate(signerCert, signer, certId, certId2, tokenInfo))
{
return(false);
}
token = new Rfc3161TimestampToken
{
_parsedDocument = cms,
_signerInfo = signer,
_essCertId = certId,
_essCertIdV2 = certId2,
TokenInfo = tokenInfo,
};
bytesConsumed = bytesActuallyRead;
return(true);
}
}
catch (CryptographicException)
{
}
return(false);
}
public static bool TryDecode(ReadOnlyMemory <byte> encodedBytes, out Rfc3161TimestampToken token, out int bytesConsumed) => throw null;
