/// <summary>
/// Creates a <see cref="Timestamp"/> from a SignedCms containing a time stamp authority token response.
/// </summary>
/// <remarks>
/// Only the cryptographic signature of the CMS is checked here (<c>verifySignatureOnly: true</c>).
/// The signer certificate chain and its trust are not evaluated by this constructor, so a
/// successfully constructed instance must not be treated as coming from a trusted authority
/// until that validation has been done separately.
/// </remarks>
/// <param name="timestampCms">SignedCms from Time Stamp Authority</param>
/// <exception cref="ArgumentNullException"><paramref name="timestampCms"/> is null.</exception>
/// <exception cref="TimestampException">
/// The CMS does not carry a TSTInfo, or its signature check failed (NU3021 in both cases).
/// </exception>
public Timestamp(SignedCms timestampCms)
{
    SignedCms = timestampCms ?? throw new ArgumentNullException(nameof(timestampCms));

    // Note: the TSTInfo content is read before the signature over it is checked below.
    var hasTstInfo = Rfc3161TimestampVerificationUtility.TryReadTSTInfoFromSignedCms(timestampCms, out var tstInfo);

    if (!hasTstInfo)
    {
        throw new TimestampException(NuGetLogCode.NU3021, Strings.VerifyError_TimestampSignatureValidationFailed);
    }

    try
    {
        // Signature only: certificates of the signers are NOT validated by this call.
        SignedCms.CheckSignature(verifySignatureOnly: true);
    }
    catch (Exception ex)
    {
        // Every failure is reported as NU3021; the original exception is kept as the inner exception.
        throw new TimestampException(NuGetLogCode.NU3021, Strings.VerifyError_TimestampSignatureValidationFailed, ex);
    }

    TstInfo = tstInfo;
    GeneralizedTime = tstInfo.Timestamp;

    // The accuracy declared by the token defines a symmetric window around the generalized time.
    var accuracyWindow = Rfc3161TimestampVerificationUtility.GetAccuracyInMilliseconds(tstInfo);

    UpperLimit = tstInfo.Timestamp.AddMilliseconds(accuracyWindow);
    LowerLimit = tstInfo.Timestamp.AddMilliseconds(-accuracyWindow);
}
/// <summary>
/// Returns the accuracy of a timestamp token in milliseconds.
/// </summary>
/// <remarks>
/// When the token declares no accuracy, 1000 ms is used if its policy id equals
/// <c>Oids.BaselineTimestampPolicy</c> and 0 otherwise. The value is taken from the token itself and
/// only negative results are rejected; no upper bound is enforced here.
/// </remarks>
/// <param name="tstInfo">Token info whose accuracy and policy id are read.</param>
/// <returns>The accuracy in milliseconds, never negative.</returns>
/// <exception cref="InvalidDataException">The computed accuracy is negative.</exception>
internal static double GetAccuracyInMilliseconds(IRfc3161TimestampTokenInfo tstInfo)
{
    double accuracy;

    if (tstInfo.AccuracyInMicroseconds.HasValue)
    {
        accuracy = tstInfo.AccuracyInMicroseconds.Value * _millisecondsPerMicrosecond;
    }
    else
    {
        // No accuracy in the token: fall back to a default chosen by the timestamp policy.
        bool isBaselinePolicy = StringComparer.Ordinal.Equals(tstInfo.PolicyId, Oids.BaselineTimestampPolicy);

        accuracy = isBaselinePolicy ? 1000 : 0;
    }

    if (accuracy < 0)
    {
        throw new InvalidDataException(Strings.VerifyError_TimestampInvalid);
    }

    return accuracy;
}
/// <summary>
/// Wraps an already decoded <see cref="System.Security.Cryptography.Pkcs.Rfc3161TimestampToken"/>.
/// </summary>
/// <param name="rfc3161TimestampToken">
/// The token to wrap. It is not null-checked here; a null value fails when its TokenInfo is read.
/// </param>
public Rfc3161TimestampTokenNetstandard21Wrapper(
    System.Security.Cryptography.Pkcs.Rfc3161TimestampToken rfc3161TimestampToken)
{
    _rfc3161TimestampToken = rfc3161TimestampToken;

    // Expose the token's info through the matching wrapper type.
    var wrappedInfo = new Rfc3161TimestampTokenInfoNetstandard21Wrapper(rfc3161TimestampToken.TokenInfo);
    TokenInfo = wrappedInfo;
}
/// <summary>
/// Wraps a <c>Rfc3161TimestampToken</c> built from the supplied parts.
/// </summary>
/// <remarks>
/// No argument validation happens in this constructor; the values are passed through unchanged.
/// </remarks>
/// <param name="tstInfo">Token info of the timestamp.</param>
/// <param name="signerCertificate">Certificate of the timestamp signer.</param>
/// <param name="additionalCerts">Additional certificates that accompany the token.</param>
/// <param name="encoded">Encoded form of the token.</param>
public Rfc3161TimestampTokenNet472Wrapper(
    IRfc3161TimestampTokenInfo tstInfo,
    X509Certificate2 signerCertificate,
    X509Certificate2Collection additionalCerts,
    byte[] encoded)
{
    var token = new Rfc3161TimestampToken(tstInfo, signerCertificate, additionalCerts, encoded);

    _rfc3161TimestampToken = token;
}
/// <summary>
/// Reads the TSTInfo from a SignedCms when its content type is <c>Oids.TSTInfoContentType</c>.
/// </summary>
/// <remarks>
/// This method only inspects the content type and decodes the content. It does not check the CMS
/// signature, so the returned info is unauthenticated until the caller has verified the signature.
/// </remarks>
/// <param name="timestampCms">SignedCms to read from; it is dereferenced without a null check.</param>
/// <param name="tstInfo">The decoded token info, or null when the content type does not match.</param>
/// <returns>True when the content type matched and the info was created; otherwise false.</returns>
internal static bool TryReadTSTInfoFromSignedCms(
    SignedCms timestampCms,
    out IRfc3161TimestampTokenInfo tstInfo)
{
    tstInfo = null;

    bool isTstInfoContent = timestampCms.ContentInfo.ContentType.Value.Equals(
        Oids.TSTInfoContentType,
        StringComparison.Ordinal);

    if (!isTstInfoContent)
    {
        // The signedCms object does not contain the right ContentType.
        return false;
    }

    tstInfo = Rfc3161TimestampTokenInfoFactory.Create(timestampCms.ContentInfo.Content);

    return true;
}
/// <summary>
/// Stores the parts of a timestamp token: its info, signer certificate, extra certificates and encoding.
/// </summary>
/// <remarks>
/// The null checks are <see cref="Debug.Assert(bool)"/> calls, which are compiled out of builds without
/// the DEBUG symbol. They are not runtime validation, so callers have to pass non-null values themselves.
/// <paramref name="encoded"/> is not asserted at all.
/// </remarks>
/// <param name="tstInfo">Token info of the timestamp.</param>
/// <param name="signerCertificate">Certificate of the timestamp signer.</param>
/// <param name="additionalCerts">Additional certificates that accompany the token.</param>
/// <param name="encoded">Encoded form of the token, stored as given (no copy is made).</param>
internal Rfc3161TimestampToken(
    IRfc3161TimestampTokenInfo tstInfo,
    X509Certificate2 signerCertificate,
    X509Certificate2Collection additionalCerts,
    byte[] encoded)
{
    // Debug-only sanity checks, kept in the original order.
    Debug.Assert(tstInfo != null);
    Debug.Assert(signerCertificate != null);
    Debug.Assert(additionalCerts != null);

    _encoded = encoded;
    AdditionalCerts = additionalCerts;
    SignerCertificate = signerCertificate;
    TokenInfo = tstInfo;
}
/// <summary>
/// Creates the platform-specific <see cref="IRfc3161TimestampTokenInfo"/> wrapper for encoded token info.
/// </summary>
/// <param name="bytes">Encoded token info; passed unchanged to the wrapper constructor.</param>
/// <returns>
/// The Net472 wrapper when IS_DESKTOP is defined, otherwise the Netstandard21 wrapper.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="bytes"/> is null.</exception>
public static IRfc3161TimestampTokenInfo Create(byte[] bytes)
{
    if (bytes is null)
    {
        throw new ArgumentNullException(nameof(bytes));
    }

    // Decoding of the bytes happens inside the selected wrapper, not here.
#if IS_DESKTOP
    return new Rfc3161TimestampTokenInfoNet472Wrapper(bytes);
#else
    return new Rfc3161TimestampTokenInfoNetstandard21Wrapper(bytes);
#endif
}
/// <summary>
/// Creates the platform-specific <see cref="IRfc3161TimestampToken"/> wrapper from the parts of a token.
/// </summary>
/// <remarks>
/// All four arguments are null-checked before the build configuration is considered, so a null argument
/// is reported even in builds where signing is not supported.
/// </remarks>
/// <param name="tstInfo">Token info of the timestamp.</param>
/// <param name="signerCertificate">Certificate of the timestamp signer.</param>
/// <param name="additionalCerts">Additional certificates that accompany the token.</param>
/// <param name="encoded">Encoded form of the token.</param>
/// <returns>
/// The Net472 wrapper when IS_DESKTOP is defined, otherwise the Netstandard21 wrapper.
/// </returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="NotSupportedException">IS_SIGNING_SUPPORTED is not defined for this build.</exception>
public static IRfc3161TimestampToken Create(
    IRfc3161TimestampTokenInfo tstInfo,
    X509Certificate2 signerCertificate,
    X509Certificate2Collection additionalCerts,
    byte[] encoded)
{
    if (tstInfo is null)
    {
        throw new ArgumentNullException(nameof(tstInfo));
    }

    if (signerCertificate is null)
    {
        throw new ArgumentNullException(nameof(signerCertificate));
    }

    if (additionalCerts is null)
    {
        throw new ArgumentNullException(nameof(additionalCerts));
    }

    if (encoded is null)
    {
        throw new ArgumentNullException(nameof(encoded));
    }

#if IS_SIGNING_SUPPORTED
#if IS_DESKTOP
    return new Rfc3161TimestampTokenNet472Wrapper(
        tstInfo,
        signerCertificate,
        additionalCerts,
        encoded);
#else
    return new Rfc3161TimestampTokenNetstandard21Wrapper(
        tstInfo,
        signerCertificate,
        additionalCerts,
        encoded);
#endif
#else
    throw new NotSupportedException();
#endif
}
/// <summary>
/// Decodes a timestamp token from its encoded form and wraps it.
/// </summary>
/// <remarks>
/// Only <paramref name="encoded"/> is used. <paramref name="tstInfo"/>,
/// <paramref name="signerCertificate"/> and <paramref name="additionalCerts"/> are accepted but never
/// read in this constructor, so the wrapped token reflects the encoded bytes alone.
/// </remarks>
/// <param name="tstInfo">Not used by this constructor.</param>
/// <param name="signerCertificate">Not used by this constructor.</param>
/// <param name="additionalCerts">Not used by this constructor.</param>
/// <param name="encoded">Encoded token that is decoded.</param>
/// <exception cref="CryptographicException">The encoded bytes could not be decoded as a token.</exception>
public Rfc3161TimestampTokenNetstandard21Wrapper(
    IRfc3161TimestampTokenInfo tstInfo,
    X509Certificate2 signerCertificate,
    X509Certificate2Collection additionalCerts,
    byte[] encoded)
{
    var encodedToken = new ReadOnlyMemory<byte>(encoded);

    // NOTE(review): the number of bytes consumed is discarded, so data that follows the token
    // in the buffer is not rejected here.
    if (!System.Security.Cryptography.Pkcs.Rfc3161TimestampToken.TryDecode(
            encodedToken,
            out _rfc3161TimestampToken,
            out int _))
    {
        throw new CryptographicException(Strings.InvalidAsn1);
    }

    TokenInfo = new Rfc3161TimestampTokenInfoNetstandard21Wrapper(_rfc3161TimestampToken.TokenInfo);
}