Sample code for 30+ languages & platforms
C

Extract TSTInfo from RFC3161 Timestamp Reply

See more HTTP Examples

Sends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and converts the timestamp reply to XML, and then extracts the TSTInfo from the XML and converts it to XML.

Chilkat C Downloads

C
#include <C_CkCrypt2.h>
#include <C_CkHttp.h>
#include <C_CkBinData.h>
#include <C_CkHttpResponse.h>
#include <C_CkAsn.h>
#include <C_CkXml.h>
#include <C_CkStringBuilder.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCrypt2 crypt;
    const char *base64Hash;
    HCkHttp http;
    HCkBinData requestToken;
    const char *optionalPolicyOid;
    BOOL addNonce;
    BOOL requestTsaCert;
    const char *tsaUrl;
    HCkHttpResponse resp;
    HCkBinData timestampReply;
    HCkAsn asn;
    HCkXml xml;
    const char *tstInfoBase64;
    HCkBinData bdTstInfo;
    HCkAsn asnTstInfo;
    HCkXml xmlTstInfo;
    HCkStringBuilder sbGenTime;

    success = FALSE;

    // Note: Requires Chilkat v9.5.0.75 or greater.

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First sha-256 hash the data that is to be timestamped.
    // In this example, the data is the string "Hello World"

    crypt = CkCrypt2_Create();
    CkCrypt2_putHashAlgorithm(crypt,"sha256");
    CkCrypt2_putEncodingMode(crypt,"base64");
    base64Hash = CkCrypt2_hashFileENC(crypt,"qa_data/hamlet.xml");

    http = CkHttp_Create();

    requestToken = CkBinData_Create();
    optionalPolicyOid = "";
    addNonce = FALSE;
    requestTsaCert = TRUE;

    // Create a time-stamp request token
    success = CkHttp_CreateTimestampRequest(http,"sha256",base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken);
    if (success == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkCrypt2_Dispose(crypt);
        CkHttp_Dispose(http);
        CkBinData_Dispose(requestToken);
        return;
    }

    // Send the time-stamp request token to the TSA.
    // This is the equivalent of the following CURL command:
    // curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' http://timestamp.digicert.com > file.tsr
    tsaUrl = "http://timestamp.digicert.com";
    resp = CkHttpResponse_Create();
    success = CkHttp_HttpBd(http,"POST",tsaUrl,requestToken,"application/timestamp-query",resp);
    if (success == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkCrypt2_Dispose(crypt);
        CkHttp_Dispose(http);
        CkBinData_Dispose(requestToken);
        CkHttpResponse_Dispose(resp);
        return;
    }

    // Get the timestamp reply from the HTTP response object.
    timestampReply = CkBinData_Create();
    CkHttpResponse_GetBodyBd(resp,timestampReply);

    // Convert the binary timestamp reply to XML
    asn = CkAsn_Create();
    success = CkAsn_LoadBd(asn,timestampReply);
    if (success == FALSE) {
        printf("%s\n",CkAsn_lastErrorText(asn));
        CkCrypt2_Dispose(crypt);
        CkHttp_Dispose(http);
        CkBinData_Dispose(requestToken);
        CkHttpResponse_Dispose(resp);
        CkBinData_Dispose(timestampReply);
        CkAsn_Dispose(asn);
        return;
    }

    xml = CkXml_Create();
    success = CkXml_LoadXml(xml,CkAsn_asnToXml(asn));

    // Extract the TSTInfo from the XML.
    // The TSTInfo is this base64 encoded ASN.1 

    // TSTInfo ::= SEQUENCE  {
    //    version                      INTEGER  { v1(1) },
    //    policy                       TSAPolicyId,
    //    messageImprint               MessageImprint,
    //      -- MUST have the same value as the similar field in
    //      -- TimeStampReq
    //    serialNumber                 INTEGER,
    //     -- Time-Stamping users MUST be ready to accommodate integers
    //     -- up to 160 bits.
    //    genTime                      GeneralizedTime,
    //    accuracy                     Accuracy                 OPTIONAL,
    //    ordering                     BOOLEAN             DEFAULT FALSE,
    //    nonce                        INTEGER                  OPTIONAL,
    //      -- MUST be present if the similar field was present
    //      -- in TimeStampReq.  In that case it MUST have the same value.
    //    tsa                          [0] GeneralName          OPTIONAL,
    //    extensions                   [1] IMPLICIT Extensions   OPTIONAL  }

    tstInfoBase64 = CkXml_getChildContent(xml,"sequence[1]|contextSpecific|sequence|sequence|contextSpecific|octets");

    bdTstInfo = CkBinData_Create();
    CkBinData_AppendEncoded(bdTstInfo,tstInfoBase64,"base64");

    asnTstInfo = CkAsn_Create();
    success = CkAsn_LoadBd(asnTstInfo,bdTstInfo);
    if (success == FALSE) {
        printf("%s\n",CkAsn_lastErrorText(asnTstInfo));
        CkCrypt2_Dispose(crypt);
        CkHttp_Dispose(http);
        CkBinData_Dispose(requestToken);
        CkHttpResponse_Dispose(resp);
        CkBinData_Dispose(timestampReply);
        CkAsn_Dispose(asn);
        CkXml_Dispose(xml);
        CkBinData_Dispose(bdTstInfo);
        CkAsn_Dispose(asnTstInfo);
        return;
    }

    xmlTstInfo = CkXml_Create();
    success = CkXml_LoadXml(xmlTstInfo,CkAsn_asnToXml(asnTstInfo));
    printf("%s\n",CkXml_getXml(xmlTstInfo));

    // Here's the TSTInfo XML:

    // <?xml version="1.0" encoding="utf-8"?>
    // <sequence>
    //     <int>01</int>
    //     <oid>2.16.840.1.114412.7.1</oid>
    //     <sequence>
    //         <sequence>
    //             <oid>2.16.840.1.101.3.4.2.1</oid>
    //             <null/>
    //         </sequence>
    //         <octets>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</octets>
    //     </sequence>
    //     <int>00AD2C86E49872597B60F87D5C54BCFFAE</int>
    //     <universal tag="24" constructed="0">MjAyMzAzMTYxMTQ5NTJa</universal>
    // </sequence>

    //    The genTime (GeneralizedTime) is contained in the final "universal" XML element and is 
    //    in base64. It is the time at which the time-stamp token has been created by
    //    the TSA. After decoding from base64, it is:
    // 
    //    The syntax is: YYYYMMDDhhmmss[.s...]Z
    //    Example: 19990609001326.34352Z

    sbGenTime = CkStringBuilder_Create();
    CkStringBuilder_DecodeAndAppend(sbGenTime,CkXml_getChildContent(xmlTstInfo,"universal"),"base64","utf-8");
    printf("%s\n",CkStringBuilder_getAsString(sbGenTime));

    // Result:
    // 20230316115718Z


    CkCrypt2_Dispose(crypt);
    CkHttp_Dispose(http);
    CkBinData_Dispose(requestToken);
    CkHttpResponse_Dispose(resp);
    CkBinData_Dispose(timestampReply);
    CkAsn_Dispose(asn);
    CkXml_Dispose(xml);
    CkBinData_Dispose(bdTstInfo);
    CkAsn_Dispose(asnTstInfo);
    CkXml_Dispose(xmlTstInfo);
    CkStringBuilder_Dispose(sbGenTime);

    }