コード例 #1
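        /// <summary>
        /// Validates an incoming time-stamp request and, when it is acceptable,
        /// obtains a time-stamp token for it and wraps the result in a TSP response.
        /// </summary>
        /// <param name="tspHttpRequest">Transport-neutral request (media type and raw body) received from the client.</param>
        /// <returns>
        /// A <see cref="TspHttpResponse"/> carrying an encoded <see cref="TimeStampResp"/>:
        /// the validation status with a token on success, the validation status without a
        /// token when the request is rejected, or a generic system-failure status when an
        /// exception is thrown.
        /// </returns>
        public async Task<TspHttpResponse> Respond(TspHttpRequest tspHttpRequest)
        {
            try
            {
                var validation = GetTimeStampRequest(tspHttpRequest);

                // A rejected request is answered with its status only; no token is issued.
                if (!validation.IsValid)
                {
                    return CreateResponse(new TimeStampResp(validation.PkiStatusInfo, null).GetEncoded());
                }

                var token = await GetTimeStampToken(validation.TimeStampRequest);

                return CreateResponse(new TimeStampResp(validation.PkiStatusInfo, token).GetEncoded());
            }
            catch (Exception e)
            {
                // Record the full exception (type, message and stack trace) on the server side;
                // the message alone is rarely enough to diagnose a signing or parsing failure.
                TimeStampLogger.Error(e.ToString());

                // The client only ever sees this fixed text, so exception details
                // are not disclosed in the response.
                var failureStatus = new PkiStatusInfo(
                    (int)PkiStatus.Rejection,
                    new PkiFreeText(new DerUtf8String("An internal error occurred.")),
                    new PkiFailureInfo(PkiFailureInfo.SystemFailure));

                return CreateResponse(new TimeStampResp(failureStatus, null).GetEncoded());
            }
        }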
コード例 #2
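        /// <summary>
        /// Converts the <see cref="HttpRequestMessage"/> to <see cref="TspHttpRequest"/>.
        /// </summary>
        /// <remarks>
        /// The message comes from a remote client, so neither a body nor a Content-Type
        /// header can be assumed. A message without a body produces a <c>null</c> media type
        /// and an empty content array; a body without a Content-Type header produces a
        /// <c>null</c> media type. Neither case throws <see cref="NullReferenceException"/>,
        /// so the caller's own validation decides how such a request is answered.
        /// </remarks>
        /// <param name="requestMessage"><see cref="HttpRequestMessage"/> received from the client.</param>
        /// <returns><see cref="TspHttpRequest"/> holding the media type and the raw body bytes.</returns>
        public static async Task<TspHttpRequest> ToTspHttpRequest(this HttpRequestMessage requestMessage)
        {
            var body = requestMessage.Content;

            // No body at all (e.g. a request sent without content): nothing to read.
            if (body == null)
            {
                return new TspHttpRequest
                {
                    MediaType = null,
                    Content   = new byte[0]
                };
            }

            // ContentType is null when the client sent no Content-Type header.
            var contentType = body.Headers.ContentType;

            // ReadAsByteArrayAsync buffers the entire body in memory.
            // NOTE(review): confirm the host enforces a maximum request size before this point.
            return new TspHttpRequest
            {
                MediaType = contentType == null ? null : contentType.MediaType,
                Content   = await body.ReadAsByteArrayAsync()
            };
        }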
コード例 #3
        /// <summary>
        /// Builds a <see cref="TspHttpRequest"/> from an incoming <see cref="HttpRequest"/>.
        /// </summary>
        /// <param name="request"><see cref="HttpRequest"/> whose content type and body are copied.</param>
        /// <returns><see cref="TspHttpRequest"/> with the request's content type and raw body bytes.</returns>
        public static async Task<TspHttpRequest> ToTspHttpRequest(this HttpRequest request)
        {
            var converted = new TspHttpRequest();

            // The content type is copied exactly as the request exposes it.
            // NOTE(review): if this value can carry parameters (e.g. a charset), an exact-match
            // check against the bare media type would not match; confirm against the caller.
            converted.MediaType = request.ContentType;

            // NOTE(review): the whole body is read into a byte array; confirm a request size
            // limit is applied by the host or by GetRawBodyBytesAsync.
            converted.Content = await request.GetRawBodyBytesAsync();

            return converted;
        }
コード例 #4
        /// <summary>
        /// Parses the <see cref="TimeStampRequest"/> carried by the <see cref="TspHttpRequest"/>
        /// and checks it against what this responder accepts.
        /// </summary>
        /// <remarks>
        /// Checks run in this order and the first failure ends validation: media type,
        /// request parsing, hash algorithm, digest length, requested policy, extensions.
        /// </remarks>
        /// <param name="tspHttpRequest"><see cref="TspHttpRequest"/> holding the media type and raw request bytes.</param>
        /// <returns>
        /// <see cref="TspReqResult"/> with a granted <see cref="PkiStatusInfo"/> and the parsed
        /// <see cref="TimeStampRequest"/>, or a rejection <see cref="PkiStatusInfo"/> without a request.
        /// </returns>
        private TspReqResult GetTimeStampRequest(TspHttpRequest tspHttpRequest)
        {
            // 1. Media type: only the time-stamp query type is processed.
            if (tspHttpRequest.MediaType != "application/timestamp-query")
            {
                return CreateRejection("Content type is not 'application/timestamp-query'.", PkiFailureInfo.BadRequest);
            }

            // 2. Parsing: any failure to decode the client-supplied bytes is reported as a
            //    bad data format; the exception itself is not passed on to the client.
            TimeStampRequest timeStampRequest;

            try
            {
                timeStampRequest = new TimeStampRequest(tspHttpRequest.Content);
            }
            catch (Exception)
            {
                return CreateRejection("Query in bad format", PkiFailureInfo.BadDataFormat);
            }

            // 3. Hash algorithm: the message imprint algorithm must be one of AcceptedAlgorithms.
            if (AcceptedAlgorithms.All(accepted => accepted.Id != timeStampRequest.MessageImprintAlgOid))
            {
                return CreateRejection("Hash Algorithm is not accepted.", PkiFailureInfo.BadAlg);
            }

            // 4. Digest length: the imprint must be exactly as long as the declared algorithm's output.
            var imprintLength  = timeStampRequest.GetMessageImprintDigest().Length;
            var expectedLength = TspAlgorithmUtil.GetDigestLength(new DerObjectIdentifier(timeStampRequest.MessageImprintAlgOid));

            if (imprintLength != expectedLength)
            {
                return CreateRejection("Digest length is not equal the message imprint length.", PkiFailureInfo.BadDataFormat);
            }

            // 5. Policy: a request that names no policy passes; a named policy must be the responder's own.
            var requestedPolicy = timeStampRequest.ReqPolicy;

            if (requestedPolicy != null && requestedPolicy != BcTimeStampResponderRepository.GetPolicyOid())
            {
                return CreateRejection("TSP policy is unknown.", PkiFailureInfo.UnacceptedPolicy);
            }

            // 6. Extensions: every requested extension must have a counterpart in the accepted list.
            if (timeStampRequest.HasExtensions)
            {
                var allowed   = BcTimeStampResponderRepository.GetAcceptedExtensions();
                var requested = timeStampRequest.GetExtensionOids()
                                .Cast<DerObjectIdentifier>()
                                .Select(oid => timeStampRequest.GetExtension(oid));

                // Matching uses the critical flag and the extension value.
                // NOTE(review): the extension OID is not part of the comparison; confirm this is intended.
                var everyExtensionAllowed = requested.All(
                    req => allowed.Any(ok => ok.IsCritical == req.IsCritical && Equals(ok.Value, req.Value)));

                if (!everyExtensionAllowed)
                {
                    return CreateRejection("TSP does not recognizes any extensions", PkiFailureInfo.UnacceptedExtension);
                }
            }

            // All checks passed: hand back the parsed request with a granted status.
            return new TspReqResult
            {
                PkiStatusInfo = new PkiStatusInfo((int)PkiStatus.Granted),
                TimeStampRequest = timeStampRequest
            };
        }

        /// <summary>
        /// Builds a <see cref="TspReqResult"/> whose status is a rejection with the given
        /// free text and failure code, and which carries no <see cref="TimeStampRequest"/>.
        /// </summary>
        /// <param name="reason">Free text placed in the status for the client.</param>
        /// <param name="failureCode">One of the <see cref="PkiFailureInfo"/> failure constants.</param>
        /// <returns>The rejection result.</returns>
        private static TspReqResult CreateRejection(string reason, int failureCode)
        {
            var rejection = new PkiStatusInfo(
                (int)PkiStatus.Rejection,
                new PkiFreeText(new DerUtf8String(reason)),
                new PkiFailureInfo(failureCode));

            return new TspReqResult
            {
                PkiStatusInfo = rejection
            };
        }