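        /// <summary>
        /// Checks that <c>TimestampData</c>, called against the service returned by
        /// <c>_testFixture.GetDefaultTrustedTimestampServiceAsync()</c>, yields an encoded CMS whose
        /// single signer carries exactly one unsigned attribute with the OID
        /// <c>Oids.SignatureTimeStampTokenAttribute</c>.
        /// </summary>
        /// <remarks>
        /// Only the shape of the result is asserted (attached content, signer count, attribute count and OID).
        /// This test does not itself inspect the timestamp token's signature, message imprint or certificates.
        /// </remarks>
        public async Task TimestampData_WithValidInput_ReturnsTimestamp()
        {
            // Arrange
            var logger           = new TestLogger();
            var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();

            var timestampProvider = new Rfc3161TimestampProvider(timestampService.Url);
            var data = "Test data to be signed and timestamped";

            using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
            {
                var signedCms      = SigningTestUtility.GenerateSignedCms(authorCert, Encoding.ASCII.GetBytes(data));
                var signatureValue = signedCms.Encode();

                var request = new TimestampRequest
                {
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    Signature = signatureValue
                };

                // Act
                var timestampedData = timestampProvider.TimestampData(request, logger, CancellationToken.None);

                // Assert
                // The null check runs before Decode so that a null result is reported as a failed
                // assertion instead of as an exception thrown from the decoder.
                timestampedData.Should().NotBeNull();

                var timestampedCms = new SignedCms();
                timestampedCms.Decode(timestampedData);

                timestampedCms.Should().NotBeNull();
                timestampedCms.Detached.Should().BeFalse();
                timestampedCms.ContentInfo.Should().NotBeNull();
                timestampedCms.SignerInfos.Count.Should().Be(1);
                timestampedCms.SignerInfos[0].UnsignedAttributes.Count.Should().Be(1);
                timestampedCms.SignerInfos[0].UnsignedAttributes[0].Oid.Value.Should().Be(Oids.SignatureTimeStampTokenAttribute);
            }
        }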
        /// <summary>
        /// Checks that <c>TimestampData</c> throws <see cref="OperationCanceledException"/> with the
        /// message held in <c>_operationCancelledExceptionMessage</c> when it is handed a token that
        /// is already cancelled.
        /// </summary>
        public async Task TimestampData_WhenCancelled_Throws()
        {
            // Arrange
            var service  = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
            var log      = new TestLogger();
            var provider = new Rfc3161TimestampProvider(service.Url);
            byte[] payload = Encoding.ASCII.GetBytes("Test data to be signed and timestamped");

            using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
            {
                var timestampRequest = new TimestampRequest
                {
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    Signature              = SigningTestUtility.GenerateSignedCms(authorCert, payload).Encode()
                };

                // The token is cancelled before the call is made, so the request is expected to be
                // rejected rather than completed.
                var alreadyCancelled = new CancellationToken(canceled: true);

                // Act
                Action act = () => provider.TimestampData(timestampRequest, log, alreadyCancelled);

                // Assert
                act.ShouldThrow<OperationCanceledException>()
                   .WithMessage(_operationCancelledExceptionMessage);
            }
        }
        /// <summary>
        /// Checks that <c>TimestampData</c> throws <see cref="ArgumentNullException"/> when the
        /// request argument is <c>null</c>, with a message formatted from
        /// <c>_argumentNullExceptionMessage</c> and the parameter name.
        /// </summary>
        public async Task TimestampData_WhenRequestNull_Throws()
        {
            // Arrange
            var service        = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
            var log            = new TestLogger();
            var provider       = new Rfc3161TimestampProvider(service.Url);
            var authorCertName = "*****@*****.**";
            byte[] payload     = Encoding.ASCII.GetBytes("Test data to be signed and timestamped");

            // NOTE(review): both calls below are SetNotBefore, so the second simply replaces the first
            // and the certificate's NotAfter is never touched here. The original comment read
            // "cert has expired", so SetNotAfter was presumably intended for the second call.
            // It does not affect the null-argument check in this test; confirm before reusing this
            // setup for an expiry scenario.
            Action<X509V3CertificateGenerator> modifyGenerator = generator =>
            {
                generator.SetNotBefore(DateTime.MinValue);
                generator.SetNotBefore(DateTime.UtcNow.Subtract(TimeSpan.FromDays(1)));
            };

            using (var authorCert = SigningTestUtility.GenerateCertificate(authorCertName, modifyGenerator: modifyGenerator))
            {
                // The request is built but deliberately not passed; the local also supplies the
                // parameter name for the expected message via nameof.
                var request = new TimestampRequest
                {
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    Signature              = SigningTestUtility.GenerateSignedCms(authorCert, payload).Encode()
                };

                string expectedMessage = string.Format(_argumentNullExceptionMessage, nameof(request));

                // Act
                Action act = () => provider.TimestampData(null, log, CancellationToken.None);

                // Assert
                act.ShouldThrow<ArgumentNullException>()
                   .WithMessage(expectedMessage);
            }
        }
        /// <summary>
        /// Checks that <c>TimestampData</c> on a provider built from <c>_testTimestampServer</c> throws
        /// <see cref="OperationCanceledException"/> with the message held in
        /// <c>_operationCancelledExceptionMessage</c> when the supplied token is already cancelled.
        /// </summary>
        public void Rfc3161TimestampProvider_Failure_Cancelled()
        {
            // Arrange
            var provider   = new Rfc3161TimestampProvider(new Uri(_testTimestampServer));
            var log        = new TestLogger();
            byte[] payload = Encoding.ASCII.GetBytes("Test data to be signed and timestamped");

            using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
            {
                var timestampRequest = new TimestampRequest
                {
                    Certificate            = authorCert,
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    SignatureValue         = SigningTestUtility.GenerateSignedCms(authorCert, payload).Encode()
                };

                // Cancelled up front: the call is expected to be rejected rather than completed.
                var alreadyCancelled = new CancellationToken(canceled: true);

                // Act
                Action act = () => provider.TimestampData(timestampRequest, log, alreadyCancelled);

                // Assert
                act.ShouldThrow<OperationCanceledException>()
                   .WithMessage(_operationCancelledExceptionMessage);
            }
        }
        /// <summary>
        /// Checks that <c>TimestampData</c> fails with a <c>TimestampException</c> when the timestamp
        /// service's certificate has been revoked by its issuing test certificate authority.
        /// </summary>
        /// <remarks>
        /// The service is created from the fixture's certificate authority, its certificate is revoked
        /// with <c>CrlReason.KeyCompromise</c>, and only then is the service registered on the test
        /// server. The assertion pins the exact exception message.
        /// NOTE(review): the tail of the expected message looks like chain-status text; confirm that
        /// it is stable across the platforms this test runs on.
        /// </remarks>
        public async Task TimestampData_WhenTimestampSigningCertificateRevoked_Throws()
        {
            const string expectedMessage =
                "The timestamp service's certificate chain could not be built: The certificate is revoked.";

            var server = await _testFixture.GetSigningTestServerAsync();
            var ca     = await _testFixture.GetDefaultTrustedCertificateAuthorityAsync();

            var revokedService = TimestampService.Create(ca);

            // Revocation happens before the service is exposed, so every response it produces is
            // signed by a certificate the CA already reports as revoked.
            ca.Revoke(revokedService.Certificate, CrlReason.KeyCompromise, DateTimeOffset.UtcNow);

            using (server.RegisterResponder(revokedService))
            using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
            {
                var log        = new TestLogger();
                var provider   = new Rfc3161TimestampProvider(revokedService.Url);
                byte[] payload = Encoding.ASCII.GetBytes("Test data to be signed and timestamped");

                var timestampRequest = new TimestampRequest
                {
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    SignatureValue         = SigningTestUtility.GenerateSignedCms(authorCert, payload).Encode()
                };

                var thrown = Assert.Throws<TimestampException>(
                    () => provider.TimestampData(timestampRequest, log, CancellationToken.None));

                Assert.Equal(expectedMessage, thrown.Message);
            }
        }
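        /// <summary>
        /// Checks that <c>TimestampData</c> on a provider built from <c>_testTimestampServer</c> yields
        /// an encoded CMS with one certificate and one signer, where the signer carries exactly one
        /// unsigned attribute with the OID <c>Oids.SignatureTimeStampTokenAttributeOid</c>.
        /// </summary>
        /// <remarks>
        /// Only the shape of the result is asserted (attached content, certificate and signer counts,
        /// attribute count and OID). This test does not itself inspect the timestamp token's signature,
        /// message imprint or certificate chain.
        /// </remarks>
        public void Rfc3161TimestampProvider_Success()
        {
            // Arrange
            var logger            = new TestLogger();
            var timestampProvider = new Rfc3161TimestampProvider(new Uri(_testTimestampServer));
            var data = "Test data to be signed and timestamped";

            using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
            {
                var signedCms      = SigningTestUtility.GenerateSignedCms(authorCert, Encoding.ASCII.GetBytes(data));
                var signatureValue = signedCms.Encode();

                var request = new TimestampRequest
                {
                    Certificate            = authorCert,
                    SigningSpec            = SigningSpecifications.V1,
                    TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
                    SignatureValue         = signatureValue
                };

                // Act
                var timestampedData = timestampProvider.TimestampData(request, logger, CancellationToken.None);

                // Assert
                // The null check runs before Decode so that a null result is reported as a failed
                // assertion instead of as an exception thrown from the decoder.
                timestampedData.Should().NotBeNull();

                var timestampedCms = new SignedCms();
                timestampedCms.Decode(timestampedData);

                timestampedCms.Should().NotBeNull();
                timestampedCms.Detached.Should().BeFalse();
                timestampedCms.ContentInfo.Should().NotBeNull();
                timestampedCms.Certificates.Count.Should().Be(1);
                timestampedCms.SignerInfos.Count.Should().Be(1);
                timestampedCms.SignerInfos[0].UnsignedAttributes.Count.Should().Be(1);
                timestampedCms.SignerInfos[0].UnsignedAttributes[0].Oid.Value.Should().Be(Oids.SignatureTimeStampTokenAttributeOid);
            }
        }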