Exemplo n.º 1
        /// <summary>
        /// Builds a time-stamp request from its individual fields. The version is not a
        /// parameter; it is always set to 1.
        /// </summary>
        /// <param name="messageImprint">Imprint of the data to be time-stamped.</param>
        /// <param name="tsaPolicy">Policy OID to store in the request.</param>
        /// <param name="nonce">Nonce to store in the request.</param>
        /// <param name="certReq">Certificate-request flag to store in the request.</param>
        /// <param name="extensions">Extensions to store in the request.</param>
        /// <remarks>
        /// Every argument is stored as passed: nothing is null-checked, validated or copied here.
        /// </remarks>
        public TimeStampReq(
            MessageImprint messageImprint,
            DerObjectIdentifier tsaPolicy,
            DerInteger nonce,
            DerBoolean certReq,
            X509Extensions extensions)
        {
            this.messageImprint = messageImprint;
            this.tsaPolicy = tsaPolicy;
            this.nonce = nonce;
            this.certReq = certReq;
            this.extensions = extensions;

            // Fixed default version.
            this.version = new DerInteger(1);
        }
Exemplo n.º 2
        /// <summary>
        /// Decodes a time-stamp request from an ASN.1 sequence: version first, then
        /// messageImprint, then any further elements, which are recognised by their ASN.1 type.
        /// </summary>
        /// <param name="seq">Sequence holding the request fields.</param>
        /// <remarks>
        /// NOTE(review): decoding is lenient. The element count is not checked before the first
        /// two reads, the optional fields are accepted in any order, a repeated field overwrites
        /// the earlier value, and elements of any other type, or tagged with a number other than
        /// 0, are skipped without an error. A caller that needs strict decoding of requests from
        /// untrusted peers has to enforce it separately.
        /// </remarks>
        private TimeStampReq(
            Asn1Sequence seq)
        {
            int total = seq.Count;
            int index = 0;

            // The two leading fields are read unconditionally.
            version = DerInteger.GetInstance(seq[index++]);
            messageImprint = MessageImprint.GetInstance(seq[index++]);

            // Everything after them is dispatched on its runtime type.
            while (index < total)
            {
                var element = seq[index++];

                if (element is DerObjectIdentifier)
                {
                    // tsaPolicy
                    tsaPolicy = DerObjectIdentifier.GetInstance(element);
                    continue;
                }

                if (element is DerInteger)
                {
                    // nonce
                    nonce = DerInteger.GetInstance(element);
                    continue;
                }

                if (element is DerBoolean)
                {
                    // certReq
                    certReq = DerBoolean.GetInstance(element);
                    continue;
                }

                // extensions: only a tagged object with tag number 0 is accepted.
                Asn1TaggedObject tagged = element as Asn1TaggedObject;
                if (tagged != null && tagged.TagNo == 0)
                {
                    extensions = X509Extensions.GetInstance(tagged, false);
                }
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Builds the TSTInfo for <paramref name="request"/>, signs it as CMS SignedData with the
        /// configured signer-info generator and returns the result as a time-stamp token.
        /// </summary>
        /// <param name="request">Request supplying the message imprint and, when present, the nonce, policy and extensions.</param>
        /// <param name="serialNumber">Serial number placed in the token, used as given.</param>
        /// <param name="genTime">Generation time placed in the token.</param>
        /// <param name="additionalExtensions">Extensions appended after those of the request, or null for none.</param>
        /// <returns>The signed token.</returns>
        /// <exception cref="TspException">Signing failed with a CMS, I/O or certificate-store error.</exception>
        /// <remarks>
        /// NOTE(review): this method does not validate the request. The digest algorithm OID, the
        /// requested policy and the request extensions are copied into the signed token as
        /// received, so checking them against what the TSA accepts presumably happens in the
        /// caller; confirm that before feeding it requests from untrusted peers.
        /// </remarks>
        public TimeStampToken Generate(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTime genTime, X509Extensions additionalExtensions)
        {
            // Imprint: the request's digest algorithm OID (with NULL parameters) and its digest.
            AlgorithmIdentifier imprintAlgorithm = new AlgorithmIdentifier(
                new DerObjectIdentifier(request.MessageImprintAlgOid), DerNull.Instance);
            MessageImprint imprint = new MessageImprint(imprintAlgorithm, request.GetMessageImprintDigest());

            // Accuracy is emitted only when at least one component is positive; components
            // that are not positive stay null.
            Accuracy accuracy = null;
            bool hasAccuracy = accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0;
            if (hasAccuracy)
            {
                DerInteger seconds = accuracySeconds > 0 ? new DerInteger(accuracySeconds) : null;
                DerInteger millis = accuracyMillis > 0 ? new DerInteger(accuracyMillis) : null;
                DerInteger micros = accuracyMicros > 0 ? new DerInteger(accuracyMicros) : null;

                accuracy = new Accuracy(seconds, millis, micros);
            }

            // The ordering flag is left out entirely (null) when it is false.
            DerBoolean orderingFlag = ordering ? DerBoolean.GetInstance(ordering) : null;

            // The nonce is echoed from the request so the requester can match the token to it.
            DerInteger nonce = request.Nonce != null ? new DerInteger(request.Nonce) : null;

            // The configured default policy is always constructed first; a policy named in the
            // request then replaces it without further checks in this method.
            DerObjectIdentifier policy = new DerObjectIdentifier(tsaPolicyOID);
            if (request.ReqPolicy != null)
            {
                policy = new DerObjectIdentifier(request.ReqPolicy);
            }

            // Extensions: those of the request, followed by the additional ones when given.
            // NOTE(review): an OID present in both sets is added twice; how AddExtension reacts
            // is not visible here, and this merge runs outside the try block below, so a failure
            // would not be wrapped in TspException.
            X509Extensions tokenExtensions = request.Extensions;
            if (additionalExtensions != null)
            {
                X509ExtensionsGenerator merged = new X509ExtensionsGenerator();

                if (tokenExtensions != null)
                {
                    foreach (object requestOid in tokenExtensions.ExtensionOids)
                    {
                        DerObjectIdentifier extId = DerObjectIdentifier.GetInstance(requestOid);
                        merged.AddExtension(extId, tokenExtensions.GetExtension(DerObjectIdentifier.GetInstance(extId)));
                    }
                }

                foreach (object extraOid in additionalExtensions.ExtensionOids)
                {
                    DerObjectIdentifier extId = DerObjectIdentifier.GetInstance(extraOid);
                    merged.AddExtension(extId, additionalExtensions.GetExtension(DerObjectIdentifier.GetInstance(extId)));
                }

                tokenExtensions = merged.Generate();
            }

            // With second resolution the DateTime is used directly; any other resolution goes
            // through createGeneralizedTime first.
            DerGeneralizedTime tokenTime = resolution == Resolution.R_SECONDS
                ? new DerGeneralizedTime(genTime)
                : new DerGeneralizedTime(createGeneralizedTime(genTime));

            TstInfo tstInfo = new TstInfo(
                policy,
                imprint,
                new DerInteger(serialNumber),
                tokenTime,
                accuracy,
                orderingFlag,
                nonce,
                tsa,
                tokenExtensions);

            try
            {
                CmsSignedDataGenerator cmsGenerator = new CmsSignedDataGenerator();
                byte[] tstInfoBytes = tstInfo.GetDerEncoded();

                // Certificates are attached only when the requester asked for them; CRLs always.
                if (request.CertReq)
                {
                    cmsGenerator.AddCertificates(x509Certs);
                }
                cmsGenerator.AddCrls(x509Crls);
                cmsGenerator.AddSignerInfoGenerator(signerInfoGenerator);

                // The DER-encoded TSTInfo is encapsulated in the SignedData.
                CmsSignedData signedData = cmsGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(tstInfoBytes),
                    true);

                return new TimeStampToken(signedData);
            }
            catch (CmsException cmsError)
            {
                throw new TspException("Error generating time-stamp token", cmsError);
            }
            catch (IOException ioError)
            {
                throw new TspException("Exception encoding info", ioError);
            }
            catch (X509StoreException storeError)
            {
                throw new TspException("Exception handling CertStore", storeError);
            }
        }
Exemplo n.º 4
        /// <summary>
        /// Builds the TSTInfo for <paramref name="request"/>, signs it as CMS SignedData with the
        /// configured key and certificate and returns the result as a time-stamp token.
        /// </summary>
        /// <param name="request">Request supplying the message imprint and, when present, the nonce, policy and extensions.</param>
        /// <param name="serialNumber">Serial number placed in the token, used as given.</param>
        /// <param name="genTime">Generation time placed in the token.</param>
        /// <returns>The signed token.</returns>
        /// <exception cref="TspException">Signing failed with a CMS, I/O or certificate-store error.</exception>
        /// <remarks>
        /// NOTE(review): the digest algorithm OID, the requested policy and the request extensions
        /// are copied into the signed token without any check in this method; validation against
        /// what the TSA accepts presumably happens in the caller. Confirm before relying on it.
        /// </remarks>
        public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, DateTime genTime)
        {
            // Imprint: the request's digest algorithm OID (with NULL parameters) and its digest.
            AlgorithmIdentifier imprintAlgorithm = new AlgorithmIdentifier(
                new DerObjectIdentifier(request.MessageImprintAlgOid), DerNull.Instance);
            MessageImprint imprint = new MessageImprint(imprintAlgorithm, request.GetMessageImprintDigest());

            // Accuracy is emitted only when at least one component is positive; components
            // that are not positive stay null.
            Accuracy accuracy = null;
            bool hasAccuracy = accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0;
            if (hasAccuracy)
            {
                DerInteger seconds = accuracySeconds > 0 ? new DerInteger(accuracySeconds) : null;
                DerInteger millis = accuracyMillis > 0 ? new DerInteger(accuracyMillis) : null;
                DerInteger micros = accuracyMicros > 0 ? new DerInteger(accuracyMicros) : null;

                accuracy = new Accuracy(seconds, millis, micros);
            }

            // The ordering flag is left out entirely (null) when it is false.
            DerBoolean orderingFlag = ordering ? DerBoolean.GetInstance(ordering) : null;

            // The nonce is echoed from the request so the requester can match the token to it.
            DerInteger nonce = request.Nonce != null ? new DerInteger(request.Nonce) : null;

            // The configured default policy is always constructed first; a policy named in the
            // request then replaces it without further checks in this method.
            DerObjectIdentifier policy = new DerObjectIdentifier(tsaPolicyOID);
            if (request.ReqPolicy != null)
            {
                policy = new DerObjectIdentifier(request.ReqPolicy);
            }

            TstInfo tstInfo = new TstInfo(
                policy,
                imprint,
                new DerInteger(serialNumber),
                new DerGeneralizedTime(genTime),
                accuracy,
                orderingFlag,
                nonce,
                tsa,
                request.Extensions);

            try
            {
                CmsSignedDataGenerator cmsGenerator = new CmsSignedDataGenerator();
                byte[] tstInfoBytes = tstInfo.GetDerEncoded();

                // Certificates are attached only when the requester asked for them; CRLs always.
                if (request.CertReq)
                {
                    cmsGenerator.AddCertificates(x509Certs);
                }
                cmsGenerator.AddCrls(x509Crls);
                cmsGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);

                // The DER-encoded TSTInfo is encapsulated in the SignedData.
                CmsSignedData signedData = cmsGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(tstInfoBytes),
                    true);

                return new TimeStampToken(signedData);
            }
            catch (CmsException cmsError)
            {
                throw new TspException("Error generating time-stamp token", cmsError);
            }
            catch (IOException ioError)
            {
                throw new TspException("Exception encoding info", ioError);
            }
            catch (X509StoreException storeError)
            {
                throw new TspException("Exception handling CertStore", storeError);
            }
        }
        /// <summary>
        /// Builds a TSTInfo for <paramref name="request"/> from the configured options and signs
        /// it as CMS SignedData with this service's key pair and certificate.
        /// </summary>
        /// <param name="request">Request supplying the message imprint and, when present, the nonce.</param>
        /// <param name="serialNumber">Serial number placed in the token, used as given.</param>
        /// <param name="generalizedTime">Generation time placed in the token.</param>
        /// <returns>The SignedData that encapsulates the TSTInfo.</returns>
        /// <remarks>
        /// Policy, accuracy, the signing-certificate attributes and whether the certificate is
        /// returned all come from <c>_options</c>; the request's own policy, extensions and
        /// certificate-request flag are not read here. The ordering flag is always false and
        /// no TSA name or extensions are set.
        /// </remarks>
        private CmsSignedData GenerateTimestamp(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTime generalizedTime)
        {
            // Imprint: the request's digest algorithm OID (no parameters) and its digest.
            var imprintAlgorithm = new AlgorithmIdentifier(new DerObjectIdentifier(request.MessageImprintAlgOid));
            var messageImprint = new MessageImprint(imprintAlgorithm, request.GetMessageImprintDigest());

            // The nonce is echoed from the request when one was sent.
            DerInteger nonce = null;
            if (request.Nonce != null)
            {
                nonce = new DerInteger(request.Nonce);
            }

            var policy = new DerObjectIdentifier(_options.Policy.Value);
            var serial = new DerInteger(serialNumber);
            var tokenTime = new DerGeneralizedTime(generalizedTime);

            var tstInfo = new TstInfo(
                policy,
                messageImprint,
                serial,
                tokenTime,
                _options.Accuracy,
                DerBoolean.False,
                nonce,
                tsa: null,
                extensions: null);

            // NOTE(review): this uses GetEncoded() where the other generators on this page use
            // GetDerEncoded(); confirm the bytes signed here are DER.
            var content = new CmsProcessableByteArray(tstInfo.GetEncoded());
            var signedAttributes = new Asn1EncodableVector();

            // The certificate is encoded at most once, and only if one of the branches needs it.
            var encodedCertificate = new Lazy<byte[]>(() => Certificate.GetEncoded());

            if (_options.SigningCertificateUsage.HasFlag(SigningCertificateUsage.V1))
            {
                // A hash supplied through the options replaces the computed SHA-1 hash and is
                // not compared with the certificate.
                byte[] v1Hash = _options.SigningCertificateV1Hash;
                if (v1Hash == null)
                {
                    v1Hash = DigestUtilities.CalculateDigest("SHA-1", encodedCertificate.Value);
                }

                var v1Value = new DerSet(new SigningCertificate(new EssCertID(v1Hash)));

                signedAttributes.Add(new BcAttribute(PkcsObjectIdentifiers.IdAASigningCertificate, v1Value));
            }

            if (_options.SigningCertificateUsage.HasFlag(SigningCertificateUsage.V2))
            {
                // The v2 attribute always carries the SHA-256 hash of the encoded certificate.
                byte[] v2Hash = DigestUtilities.CalculateDigest("SHA-256", encodedCertificate.Value);
                var v2Value = new DerSet(new SigningCertificateV2(new EssCertIDv2(v2Hash)));

                signedAttributes.Add(new BcAttribute(PkcsObjectIdentifiers.IdAASigningCertificateV2, v2Value));
            }

            var cmsGenerator = new CmsSignedDataGenerator();

            // The signing certificate is embedded only when the options ask for it.
            if (_options.ReturnSigningCertificate)
            {
                var storeParameters = new X509CollectionStoreParameters(new[] { Certificate });

                cmsGenerator.AddCertificates(X509StoreFactory.Create("Certificate/Collection", storeParameters));
            }

            // Signed attributes as built above; the unsigned attribute table is empty.
            cmsGenerator.AddSigner(
                _keyPair.Private,
                Certificate,
                _options.SignatureHashAlgorithm.Value,
                new BcAttributeTable(signedAttributes),
                new BcAttributeTable(DerSet.Empty));

            return cmsGenerator.Generate(
                PkcsObjectIdentifiers.IdCTTstInfo.Id,
                content,
                encapsulate: true);
        }
        //------------------------------------------------------------------------------

        /// <summary>
        /// Builds the TSTInfo for <paramref name="request"/>, signs it as CMS SignedData with the
        /// configured key and certificate and returns the result as a time-stamp token.
        /// </summary>
        /// <param name="request">Request supplying the message imprint and, when present, the nonce, policy and extensions.</param>
        /// <param name="serialNumber">Serial number placed in the token, used as given.</param>
        /// <param name="genTime">Generation time placed in the token.</param>
        /// <returns>The signed token.</returns>
        /// <exception cref="TspException">Signing failed with a CMS, I/O or certificate-store error.</exception>
        /// <remarks>
        /// NOTE(review): the digest algorithm OID, the requested policy and the request extensions
        /// are copied into the signed token without any check in this method; validation against
        /// what the TSA accepts presumably happens in the caller. Confirm before relying on it.
        /// </remarks>
        public TimeStampToken Generate(
            TimeStampRequest request,
            IBigInteger serialNumber,
            DateTime genTime)
        {
            // Imprint: the request's digest algorithm OID (with NULL parameters) and its digest.
            AlgorithmIdentifier imprintAlgorithm = new AlgorithmIdentifier(
                new DerObjectIdentifier(request.MessageImprintAlgOid), DerNull.Instance);
            MessageImprint imprint = new MessageImprint(imprintAlgorithm, request.GetMessageImprintDigest());

            // Accuracy is emitted only when at least one component is positive; components
            // that are not positive stay null.
            Accuracy accuracy = null;
            bool hasAccuracy = accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0;
            if (hasAccuracy)
            {
                DerInteger seconds = accuracySeconds > 0 ? new DerInteger(accuracySeconds) : null;
                DerInteger millis = accuracyMillis > 0 ? new DerInteger(accuracyMillis) : null;
                DerInteger micros = accuracyMicros > 0 ? new DerInteger(accuracyMicros) : null;

                accuracy = new Accuracy(seconds, millis, micros);
            }

            // The ordering flag is left out entirely (null) when it is false.
            DerBoolean orderingFlag = ordering ? DerBoolean.GetInstance(ordering) : null;

            // The nonce is echoed from the request so the requester can match the token to it.
            DerInteger nonce = request.Nonce != null ? new DerInteger(request.Nonce) : null;

            // The configured default policy is always constructed first; a policy named in the
            // request then replaces it without further checks in this method.
            DerObjectIdentifier policy = new DerObjectIdentifier(tsaPolicyOID);
            if (request.ReqPolicy != null)
            {
                policy = new DerObjectIdentifier(request.ReqPolicy);
            }

            TstInfo tstInfo = new TstInfo(
                policy,
                imprint,
                new DerInteger(serialNumber),
                new DerGeneralizedTime(genTime),
                accuracy,
                orderingFlag,
                nonce,
                tsa,
                request.Extensions);

            try
            {
                CmsSignedDataGenerator cmsGenerator = new CmsSignedDataGenerator();
                byte[] tstInfoBytes = tstInfo.GetDerEncoded();

                // Certificates are attached only when the requester asked for them; CRLs always.
                if (request.CertReq)
                {
                    cmsGenerator.AddCertificates(x509Certs);
                }
                cmsGenerator.AddCrls(x509Crls);
                cmsGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);

                // The DER-encoded TSTInfo is encapsulated in the SignedData.
                CmsSignedData signedData = cmsGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(tstInfoBytes),
                    true);

                return new TimeStampToken(signedData);
            }
            catch (CmsException cmsError)
            {
                throw new TspException("Error generating time-stamp token", cmsError);
            }
            catch (IOException ioError)
            {
                throw new TspException("Exception encoding info", ioError);
            }
            catch (X509StoreException storeError)
            {
                throw new TspException("Exception handling CertStore", storeError);
            }
        }
Exemplo n.º 7
 // The input is only a SEQUENCE header (tag 0x30) declaring 11 content bytes (0x0b), with
 // no content following. The test requires Read to reject it with CryptographicException.
 public void Read_WithInvalidAsn1_Throws()
 {
     byte[] truncatedSequence = { 0x30, 0x0b };

     Assert.Throws<CryptographicException>(() => MessageImprint.Read(truncatedSequence));
 }
        /// <summary>
        /// Builds the TSTInfo for <paramref name="request"/>, signs it as CMS SignedData with the
        /// configured key and certificate and returns the result as a time-stamp token.
        /// </summary>
        /// <param name="request">Request supplying the message imprint and, when present, the nonce, policy and extensions.</param>
        /// <param name="serialNumber">Serial number placed in the token, used as given.</param>
        /// <param name="genTime">Generation time placed in the token.</param>
        /// <returns>The signed token.</returns>
        /// <exception cref="TspException">Signing failed with a CMS, I/O or certificate-store error.</exception>
        /// <remarks>
        /// NOTE(review): the digest algorithm OID, the requested policy and the request extensions
        /// are copied into the signed token without any check in this method; validation against
        /// what the TSA accepts presumably happens in the caller. Confirm before relying on it.
        /// The fully qualified names and the double cast in the IOException handler look like
        /// decompiler output and are kept as they were.
        /// </remarks>
        public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, global::System.DateTime genTime)
        {
            // Imprint: the request's digest algorithm OID (with NULL parameters) and its digest.
            AlgorithmIdentifier imprintAlgorithm = new AlgorithmIdentifier(
                new DerObjectIdentifier(request.MessageImprintAlgOid), DerNull.Instance);
            MessageImprint imprint = new MessageImprint(imprintAlgorithm, request.GetMessageImprintDigest());

            // Accuracy is emitted only when at least one component is positive; components
            // that are not positive stay null.
            Accuracy accuracy = null;
            bool hasAccuracy = accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0;
            if (hasAccuracy)
            {
                DerInteger seconds = accuracySeconds > 0 ? new DerInteger(accuracySeconds) : null;
                DerInteger millis = accuracyMillis > 0 ? new DerInteger(accuracyMillis) : null;
                DerInteger micros = accuracyMicros > 0 ? new DerInteger(accuracyMicros) : null;

                accuracy = new Accuracy(seconds, millis, micros);
            }

            // The ordering flag is left out entirely (null) when it is false.
            DerBoolean orderingFlag = ordering ? DerBoolean.GetInstance(ordering) : null;

            // The nonce is echoed from the request so the requester can match the token to it.
            DerInteger nonce = request.Nonce != null ? new DerInteger(request.Nonce) : null;

            // The configured default policy is always constructed first; a policy named in the
            // request then replaces it without further checks in this method.
            DerObjectIdentifier policy = new DerObjectIdentifier(tsaPolicyOID);
            if (request.ReqPolicy != null)
            {
                policy = new DerObjectIdentifier(request.ReqPolicy);
            }

            TstInfo tstInfo = new TstInfo(
                policy,
                imprint,
                new DerInteger(serialNumber),
                new DerGeneralizedTime(genTime),
                accuracy,
                orderingFlag,
                nonce,
                tsa,
                request.Extensions);

            try
            {
                CmsSignedDataGenerator cmsGenerator = new CmsSignedDataGenerator();
                byte[] tstInfoBytes = tstInfo.GetDerEncoded();

                // Certificates are attached only when the requester asked for them; CRLs always.
                if (request.CertReq)
                {
                    cmsGenerator.AddCertificates(x509Certs);
                }
                cmsGenerator.AddCrls(x509Crls);
                cmsGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);

                // The DER-encoded TSTInfo is encapsulated in the SignedData.
                CmsSignedData signedData = cmsGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(tstInfoBytes),
                    encapsulate: true);

                return new TimeStampToken(signedData);
            }
            catch (CmsException cmsError)
            {
                throw new TspException("Error generating time-stamp token", cmsError);
            }
            catch (IOException ioError)
            {
                throw new TspException("Exception encoding info", (global::System.Exception)(object) ioError);
            }
            catch (X509StoreException storeError)
            {
                throw new TspException("Exception handling CertStore", storeError);
            }
        }