using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.Tsp; using Org.BouncyCastle.Utilities; using System; using System.IO; using System.Text; namespace Org.BouncyCastle.Tsp { public class TimeStampResponse { private readonly TimeStampResp m_resp; private readonly TimeStampToken m_timeStampToken; public int Status => m_resp.Status.StatusObject.IntValueExact; public TimeStampToken TimeStampToken => m_timeStampToken; private static TimeStampResp ParseTimeStampResp(byte[] encoding) { try { return TimeStampResp.GetInstance(encoding); } catch (Exception ex) { throw new TspException("malformed timestamp response: " + ex?.ToString(), ex); } } private static TimeStampResp ParseTimeStampResp(Stream input) { try { return TimeStampResp.GetInstance(Asn1Object.FromStream(input)); } catch (Exception ex) { throw new TspException("malformed timestamp response: " + ex?.ToString(), ex); } } public TimeStampResponse(TimeStampResp resp) { m_resp = resp; if (resp.TimeStampToken != null) m_timeStampToken = new TimeStampToken(resp.TimeStampToken); } public TimeStampResponse(byte[] resp) : this(ParseTimeStampResp(resp)) { } public TimeStampResponse(Stream input) : this(ParseTimeStampResp(input)) { } public string GetStatusString() { if (m_resp.Status.StatusString == null) return null; StringBuilder stringBuilder = new StringBuilder(); PkiFreeText statusString = m_resp.Status.StatusString; for (int i = 0; i < statusString.Count; i++) { stringBuilder.Append(statusString[i].GetString()); } return stringBuilder.ToString(); } public PkiFailureInfo GetFailInfo() { if (m_resp.Status.FailInfo == null) return null; return new PkiFailureInfo(m_resp.Status.FailInfo); } public void Validate(TimeStampRequest request) { TimeStampToken timeStampToken = TimeStampToken; if (timeStampToken != null) { TimeStampTokenInfo timeStampInfo = timeStampToken.TimeStampInfo; if (request.Nonce != null && !request.Nonce.Equals(timeStampInfo.Nonce)) throw new TspValidationException("response contains wrong nonce value."); if (Status != 0 && Status != 1) throw new TspValidationException("time stamp token found in failed request."); if (!timeStampInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid)) throw new TspValidationException("response for different message imprint algorithm."); if (!Arrays.FixedTimeEquals(request.MessageImprintDigest.GetOctets(), timeStampInfo.MessageImprintDigest.GetOctets())) throw new TspValidationException("response for different message imprint digest."); Org.BouncyCastle.Asn1.Cms.Attribute attribute = timeStampToken.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate]; Org.BouncyCastle.Asn1.Cms.Attribute attribute2 = timeStampToken.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; if (attribute == null && attribute2 == null) throw new TspValidationException("no signing certificate attribute present."); if (attribute == null) ; DerObjectIdentifier reqPolicy = request.TimeStampReq.ReqPolicy; if (reqPolicy != null && !reqPolicy.Equals(timeStampInfo.TstInfo.Policy)) throw new TspValidationException("TSA policy wrong for request."); } else if (Status == 0 || Status == 1) { throw new TspValidationException("no time stamp token found and one expected."); } } public byte[] GetEncoded() { return m_resp.GetEncoded(); } public byte[] GetEncoded(string encoding) { Asn1Encodable asn1Encodable = m_resp; if ("DL".Equals(encoding)) asn1Encodable = ((m_timeStampToken == null) ? new DLSequence(m_resp.Status) : new DLSequence(m_resp.Status, m_timeStampToken.ToCmsSignedData().ContentInfo)); return asn1Encodable.GetEncoded(encoding); } } }