/// <summary>
/// Validates time stamp response against time stamp request.
/// </summary>
/// <param name="request">Time-stamp request.</param>
/// <param name="response">Time-stamp response.</param>
private static void ValidateResponse(Request request, Response response)
{
if (PkiStatus.Granted == response.PKIStatus || PkiStatus.GrantedWithMods == response.PKIStatus)
{
if (null == response.TST)
{
throw new TimeStampException("Invalid TS response: missing time stamp token", response.PKIStatus);
}
if (!Utils.CompareByteArray(response.TST.Nonce, request.Nonce))
{
throw new TimeStampException("Invalid TS response: nonce mismatch", response.PKIStatus);
}
if (!string.IsNullOrEmpty(request.ReqPolicy) && 0 != string.CompareOrdinal(response.TST.PolicyOid, request.ReqPolicy))
{
throw new TimeStampException("Invalid TS response: policy mismatch", response.PKIStatus);
}
if (!MsgImprint.CompareImprints(response.TST.MessageImprint, request.MessageImprint))
{
throw new TimeStampException("Invalid TS response: message imprint mismatch", response.PKIStatus);
}
}
else
{
throw new TimeStampException(string.Format(CultureInfo.InvariantCulture, "Invalid TS response. Response status: {0}", response.PKIStatus), response.PKIStatus, response.PKIStatusString, response.PKIFailureInfo);
}
}
/// <summary>
/// Sets properties of the <see cref="Request"/> class.
/// </summary>
/// <param name="hashedMessage">This field contains the hash of the data to be time-stamped.</param>
/// <param name="hashAlgOid">The hash algorithm identifier.</param>
/// <param name="nonce">Cryptographic nonce preventing replay attack.</param>
/// <param name="reqPolicy">Requested policy.</param>
/// <param name="certReq">The flag indicating that TSA should include its certificate in a response.</param>
/// <param name="version">The version of the time stamp request.</param>
private void Setup(byte[] hashedMessage, string hashAlgOid, byte[] nonce = null, string reqPolicy = null, bool certReq = false, int version = 1)
{
this.Version = version;
this.MessageImprint = new MsgImprint(hashedMessage, hashAlgOid);
this.ReqPolicy = reqPolicy;
this.Nonce = nonce;
this.CertReq = certReq;
}
/// <summary>
/// Compares two message imprints.
/// </summary>
/// <param name="a">The first message imprint.</param>
/// <param name="b">The second message imprint.</param>
/// <returns>True if message imprints are identical, otherwise false.</returns>
internal static bool CompareImprints(MsgImprint a, MsgImprint b)
{
if ((null == a) && (null == b))
{
return(true);
}
if ((null == a && null != b) || (null != a && null == b))
{
return(false);
}
if (0 != string.CompareOrdinal(a.HashAlgorithm, b.HashAlgorithm))
{
return(false);
}
if (false == Utils.CompareByteArray(a.HashedMessage, b.HashedMessage))
{
return(false);
}
return(true);
}
