authormw <megan@cryptoworkshop.com>2020-10-27 16:31:51 +1100
committermw <megan@cryptoworkshop.com>2020-10-27 16:31:51 +1100
commitb290b56d91ab7ee85198b2be77925fca9f037ac8 (patch)
treee3b377c06b354a8778d9519e12d93167ee876169 /crypto/src
parentAdded fractional time and new tests (diff)
downloadBouncyCastle.NET-ed25519-b290b56d91ab7ee85198b2be77925fca9f037ac8.tar.xz
Finished NewTspTests
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/asn1/x509/X509ExtensionsGenerator.cs13
-rw-r--r--crypto/src/cms/CMSSignedData.cs11
-rw-r--r--crypto/src/cms/CMSSignedHelper.cs20
-rw-r--r--crypto/src/tsp/TimeStampResponseGenerator.cs63
-rw-r--r--crypto/src/tsp/TimeStampToken.cs7
-rw-r--r--crypto/src/tsp/TimeStampTokenGenerator.cs40
6 files changed, 145 insertions, 9 deletions
diff --git a/crypto/src/asn1/x509/X509ExtensionsGenerator.cs b/crypto/src/asn1/x509/X509ExtensionsGenerator.cs
index d6f567b22..58620ea5e 100644
--- a/crypto/src/asn1/x509/X509ExtensionsGenerator.cs
+++ b/crypto/src/asn1/x509/X509ExtensionsGenerator.cs
@@ -77,5 +77,16 @@ namespace Org.BouncyCastle.Asn1.X509
 		{
 			return new X509Extensions(extOrdering, extensions);
 		}
-	}
+
+        internal void AddExtension(DerObjectIdentifier oid,  X509Extension x509Extension)
+        {
+            if (extensions.Contains(oid))
+            {				
+				throw new ArgumentException  ("extension " + oid + " already added");
+			}
+
+			extOrdering.Add(oid);
+			extensions.Add(oid, x509Extension);
+        }
+    }
 }
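Review bot: AddExtension throws ArgumentException when an OID is added twice, but it has no doc comment saying so, and the merge loops this commit adds to TimeStampTokenGenerator.Generate depend on that behaviour. I would put `/// <summary>Adds a pre-built extension; throws ArgumentException if the OID is already present.</summary>` above the method. The body also mixes tabs and spaces, and has a doubled space in the parameter list and before the exception's argument list; normalising to the file's tab indentation would keep later diffs clean.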
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs
index 8634b2b3a..6028de709 100644
--- a/crypto/src/cms/CMSSignedData.cs
+++ b/crypto/src/cms/CMSSignedData.cs
@@ -150,11 +150,16 @@ namespace Org.BouncyCastle.Cms
 			get { return signedData.Version.IntValueExact; }
 		}
 
-		/**
+        internal IX509Store GetCertificates()
+        {
+            return Helper.GetCertificates(signedData.Certificates);
+		}
+
+        /**
 		* return the collection of signers that are associated with the
 		* signatures for the message.
 		*/
-		public SignerInformationStore GetSignerInfos()
+        public SignerInformationStore GetSignerInfos()
 		{
 			if (signerInfoStore == null)
 			{
@@ -217,7 +222,7 @@ namespace Org.BouncyCastle.Cms
 			string type)
 		{
 			if (certificateStore == null)
-			{
+			{				
 				certificateStore = Helper.CreateCertificateStore(type, signedData.Certificates);
 			}
 
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 6d49a5513..d59b8f39d 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -20,6 +20,7 @@ using Org.BouncyCastle.X509;
 using Org.BouncyCastle.X509.Store;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Crypto.Tls;
 
 namespace Org.BouncyCastle.Cms
 {
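Review bot: `using Org.BouncyCastle.Crypto.Tls;` looks unused. The only code this commit adds to the file is GetCertificates, which uses Asn1Set, ArrayList, X509CertificateStructure and X509CollectionStore, and none of those appear to come from the TLS namespace. If nothing outside the visible hunks needs it, drop the line so the CMS helper does not pick up a dependency on the TLS code.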
@@ -127,7 +128,9 @@ namespace Org.BouncyCastle.Cms
             ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512);
     }
 
-		/**
+       
+
+        /**
         * Return the digest algorithm using one of the standard JCA string
         * representations rather than the algorithm identifier (if possible).
         */
@@ -422,5 +425,18 @@ namespace Org.BouncyCastle.Cms
 
             return encOID;
         }
-    }
+
+		public IX509Store GetCertificates(Asn1Set certificates)
+		{
+			ArrayList certList = new ArrayList();
+			if (certificates != null)
+            {				
+				foreach (Asn1Encodable enc in certificates)
+                {
+					certList.Add(X509CertificateStructure.GetInstance(enc));
+                }				
+			}
+			return new X509CollectionStore(certList);
+		}
+	}
 }
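Review bot: GetCertificates passes every element of the set to `X509CertificateStructure.GetInstance`, but a CMS certificate set can also carry tagged choices such as attribute certificates (TimeStampToken has GetAttributeCertificates for those). Such an element is likely to make GetInstance throw rather than be skipped. The set comes from a parsed SignedData that may be attacker-supplied, so one unexpected element would make the whole call fail. Filtering first avoids that: `Asn1Object obj = enc.ToAsn1Object(); if (obj is Asn1Sequence) certList.Add(X509CertificateStructure.GetInstance(obj));`.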
diff --git a/crypto/src/tsp/TimeStampResponseGenerator.cs b/crypto/src/tsp/TimeStampResponseGenerator.cs
index b596f8d97..69a5c098b 100644
--- a/crypto/src/tsp/TimeStampResponseGenerator.cs
+++ b/crypto/src/tsp/TimeStampResponseGenerator.cs
@@ -6,6 +6,7 @@ using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Utilities.Date;
 
@@ -163,6 +164,68 @@ namespace Org.BouncyCastle.Tsp
             }
         }
 
+
+        public TimeStampResponse GenerateGrantedResponse(
+            TimeStampRequest request,
+            BigInteger serialNumber,
+            DateTimeObject genTime, 
+            String statusString, 
+            X509Extensions additionalExtensions)
+        {
+            TimeStampResp resp;
+
+            try
+            {
+                if (genTime == null)
+                    throw new TspValidationException("The time source is not available.",
+                        PkiFailureInfo.TimeNotAvailable);
+
+                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);
+
+                this.status = PkiStatus.Granted;
+                this.AddStatusString(statusString);
+
+                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
+
+                ContentInfo tstTokenContentInfo;
+                try
+                {
+                    TimeStampToken token = tokenGenerator.Generate(request, serialNumber, genTime.Value,additionalExtensions);
+                    byte[] encoded = token.ToCmsSignedData().GetEncoded();
+
+                    tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
+                }
+                catch (IOException e)
+                {
+                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", e);
+                }
+
+                resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo);
+            }
+            catch (TspValidationException e)
+            {
+                status = PkiStatus.Rejection;
+
+                this.SetFailInfoField(e.FailureCode);
+                this.AddStatusString(e.Message);
+
+                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
+
+                resp = new TimeStampResp(pkiStatusInfo, null);
+            }
+
+            try
+            {
+                return new TimeStampResponse(resp);
+            }
+            catch (IOException e)
+            {
+                throw new TspException("created badly formatted response!", e);
+            }
+        }
+       
+
+
         class FailInfo
             : DerBitString
         {
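Review bot: Only TspValidationException is turned into a rejection response in GenerateGrantedResponse, so an ArgumentException raised inside `tokenGenerator.Generate(...)` escapes to the caller instead. The merge loop added to TimeStampTokenGenerator.Generate in this commit copies the request's extensions and then `additionalExtensions` through X509ExtensionsGenerator.AddExtension, which throws ArgumentException on a repeated OID. If an OID allowed by `acceptedExtensions` is also one the TSA adds, a client-chosen request could trigger that path. Either reject the overlap before generating, or translate it in the inner try, for example `catch (ArgumentException e) { throw new TspValidationException(e.Message, PkiFailureInfo.UnacceptedExtension); }`, if that is the failure code you want clients to see. The method is public, so a doc comment describing `additionalExtensions` and a null check on `request` would also be worth adding.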
diff --git a/crypto/src/tsp/TimeStampToken.cs b/crypto/src/tsp/TimeStampToken.cs
index 0615cbd76..1245589b4 100644
--- a/crypto/src/tsp/TimeStampToken.cs
+++ b/crypto/src/tsp/TimeStampToken.cs
@@ -146,7 +146,12 @@ namespace Org.BouncyCastle.Tsp
 			return tsToken.GetCrls(type);
 		}
 
-	    public IX509Store GetAttributeCertificates(
+        public IX509Store GetCertificates()
+        {
+			return tsToken.GetCertificates();
+        }
+
+        public IX509Store GetAttributeCertificates(
 			string type)
 	    {
 	        return tsToken.GetAttributeCertificates(type);
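Review bot: The new public GetCertificates() has no doc comment, and what the returned store contains is not obvious. CmsSignedHelper.GetCertificates in this commit fills it with X509CertificateStructure instances, which may differ from what callers of the existing typed getter expect (that is an assumption, since the typed getter is not shown here). I would state the element type in a summary, e.g. `/// <summary>Returns the certificates embedded in the token as a store of X509CertificateStructure objects.</summary>`. The added lines also use spaces where the surrounding methods use tabs.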
diff --git a/crypto/src/tsp/TimeStampTokenGenerator.cs b/crypto/src/tsp/TimeStampTokenGenerator.cs
index 5badcfdd0..dad0db63b 100644
--- a/crypto/src/tsp/TimeStampTokenGenerator.cs
+++ b/crypto/src/tsp/TimeStampTokenGenerator.cs
@@ -253,9 +253,18 @@ namespace Org.BouncyCastle.Tsp
         //------------------------------------------------------------------------------
 
         public TimeStampToken Generate(
+           TimeStampRequest request,
+           BigInteger serialNumber,
+           DateTime genTime)
+        {
+            return Generate(request, serialNumber, genTime, null);
+        }
+
+
+            public TimeStampToken Generate(
             TimeStampRequest request,
             BigInteger serialNumber,
-            DateTime genTime)
+            DateTime genTime, X509Extensions additionalExtensions)
         {
             DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid);
 
@@ -304,6 +313,33 @@ namespace Org.BouncyCastle.Tsp
                 tsaPolicy = new DerObjectIdentifier(request.ReqPolicy);
             }
 
+
+            X509Extensions respExtensions = request.Extensions;
+            if (additionalExtensions != null)
+            {
+                X509ExtensionsGenerator extGen = new X509ExtensionsGenerator();
+
+                if (respExtensions != null)
+                {                    
+                    foreach(object oid in respExtensions.ExtensionOids)
+                    {
+                        DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid);
+                        extGen.AddExtension(id, respExtensions.GetExtension(DerObjectIdentifier.GetInstance(id)));
+                    }                   
+                }
+
+                foreach (object oid in additionalExtensions.ExtensionOids)
+                {
+                    DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid);
+                    extGen.AddExtension(id, additionalExtensions.GetExtension(DerObjectIdentifier.GetInstance(id)));
+
+                }
+           
+                respExtensions = extGen.Generate();
+            }
+
+
+
             DerGeneralizedTime generalizedTime;
             if (resolution != Resolution.R_SECONDS)
             {
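Review bot: The two merge loops repeat the same copy logic and each re-wraps an identifier that is already typed: `id` is a DerObjectIdentifier, so `respExtensions.GetExtension(DerObjectIdentifier.GetInstance(id))` can be `respExtensions.GetExtension(id)`, and likewise for `additionalExtensions`. A small private helper that copies one X509Extensions into the generator would remove the duplication. A short comment should also state the rule the code implements: a null `additionalExtensions` passes `request.Extensions` through unchanged, while a non-null value produces a merged set in which a repeated OID makes AddExtension throw. Generate's body starts and ends outside this hunk.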
@@ -316,7 +352,7 @@ namespace Org.BouncyCastle.Tsp
 
             TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint,
                 new DerInteger(serialNumber), generalizedTime, accuracy,
-                derOrdering, nonce, tsa, request.Extensions);
+                derOrdering, nonce, tsa, respExtensions);
 
             try
             {