/**
 * Validate the timestamp request against the caller's acceptance lists, then check
 * that the message imprint has the correct length for the digest algorithm specified.
 *
 * The lists passed in are the only filter applied here: a digest algorithm is accepted
 * whenever its OID appears in <c>algorithms</c>, so a weak digest is rejected only if the
 * caller leaves it out of that list. Passing null for <c>policies</c> or <c>extensions</c>
 * skips the corresponding check entirely.
 *
 * @param algorithms a set of string OIDs giving accepted digest algorithms. It is
 *                   dereferenced without a null check, so it must not be null.
 * @param policies if non-null a set of policies we are willing to sign under. The check
 *                 is also skipped when the request carries no policy.
 * @param extensions if non-null a set of extension OID strings we are willing to accept
 *                   (each is compared against the request extension's Id).
 * @throws TspValidationException if the request names an algorithm, policy or extension
 *                                that is not in the corresponding list.
 * @throws TspException if no digest implementation can be obtained for the algorithm.
 *                      checkImprintLength may raise further errors; it is not shown here.
 */
public void Validate(
    IList algorithms,
    IList policies,
    IList extensions)
{
    // Digest algorithm: must be explicitly allowed by the caller.
    if (algorithms.Contains(this.MessageImprintAlgOid) == false)
    {
        throw new TspValidationException("request contains unknown algorithm.", PkiFailureInfo.BadAlg);
    }

    // Policy: enforced only when the caller supplied a list and the request names one.
    if (policies != null)
    {
        if (this.ReqPolicy != null && !policies.Contains(this.ReqPolicy))
        {
            throw new TspValidationException("request contains unknown policy.", PkiFailureInfo.UnacceptedPolicy);
        }
    }

    // Extensions: every OID in the request must be on the caller's list.
    if (this.Extensions != null && extensions != null)
    {
        foreach (DerObjectIdentifier extensionOid in this.Extensions.ExtensionOids)
        {
            bool accepted = extensions.Contains(extensionOid.Id);
            if (!accepted)
            {
                throw new TspValidationException("request contains unknown extension.", PkiFailureInfo.UnacceptedExtension);
            }
        }
    }

    // The name lookup stays outside the try block so that only a failed digest
    // lookup is wrapped in the TspException below.
    string imprintAlgName = TspUtil.GetDigestAlgName(this.MessageImprintAlgOid);

    IDigest imprintDigest;
    try
    {
        imprintDigest = DigestUtilities.GetDigest(imprintAlgName);
    }
    catch (Exception cause)
    {
        throw new TspException("digest algorithm cannot be found.", cause);
    }

    checkImprintLength(imprintDigest);
}
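/**
 * Fetch the signature time-stamp tokens from a signer's unsigned attributes and check
 * that the message imprint of each token matches the digest of the signature value.
 *
 * Only the imprint is checked here. Nothing in this method verifies the token's own
 * signature against a time-stamp authority certificate, so a returned token has been
 * bound to this signature but not authenticated; callers presumably do that separately.
 *
 * @param signerInfo the SignerInformation to search for time-stamp tokens.
 * @return a collection of TimeStampToken objects; empty when the signer has no unsigned
 *         attributes or no signature time-stamp attribute.
 * @throws TspValidationException if a token cannot be parsed, names an unknown hash
 *                                algorithm, or carries an imprint that does not match
 *                                the signature.
 */
public static ICollection GetSignatureTimestamps(SignerInformation signerInfo)
{
    IList list = Platform.CreateArrayList();

    Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttributes = signerInfo.UnsignedAttributes;
    if (unsignedAttributes == null)
    {
        return list;
    }

    foreach (Org.BouncyCastle.Asn1.Cms.Attribute attribute in unsignedAttributes.GetAll(PkcsObjectIdentifiers.IdAASignatureTimeStampToken))
    {
        foreach (Asn1Encodable asn1Encodable in attribute.AttrValues)
        {
            TimeStampToken timeStampToken;
            bool imprintMatches;

            try
            {
                Org.BouncyCastle.Asn1.Cms.ContentInfo contentInfo = Org.BouncyCastle.Asn1.Cms.ContentInfo.GetInstance(asn1Encodable.ToAsn1Object());
                timeStampToken = new TimeStampToken(contentInfo);
                TimeStampTokenInfo timeStampInfo = timeStampToken.TimeStampInfo;

                byte[] expectedImprint = DigestUtilities.CalculateDigest(
                    TspUtil.GetDigestAlgName(timeStampInfo.MessageImprintAlgOid),
                    signerInfo.GetSignature());

                // Constant-time comparison, as in the original.
                imprintMatches = Arrays.ConstantTimeAreEqual(expectedImprint, timeStampInfo.GetMessageImprintDigest());
            }
            catch (SecurityUtilityException)
            {
                throw new TspValidationException("Unknown hash algorithm specified in timestamp");
            }
            catch (Exception)
            {
                throw new TspValidationException("Timestamp could not be parsed");
            }

            // Raised outside the try block on purpose. The original threw this inside
            // it, where the catch handlers replaced it with a parse or algorithm error,
            // so an imprint mismatch was never reported as one.
            if (!imprintMatches)
            {
                throw new TspValidationException("Incorrect digest in message imprint");
            }

            list.Add(timeStampToken);
        }
    }

    return list;
}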
/**
 * Create a digest instance for the given digest algorithm OID.
 *
 * The OID is first mapped to a digest name by TspUtil.GetDigestAlgName and that name is
 * handed to DigestUtilities.GetDigest. Nothing is caught here, so any exception from
 * either call propagates to the caller unchanged.
 *
 * @param digestAlgOID the digest algorithm OID, as a string.
 * @return the digest returned by DigestUtilities.GetDigest for the resolved name.
 */
internal static IDigest CreateDigestInstance(string digestAlgOID)
{
    return DigestUtilities.GetDigest(TspUtil.GetDigestAlgName(digestAlgOID));
}