C
C
Extract TSTInfo from RFC3161 Timestamp Reply
See more HTTP Examples
Sends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and converts the timestamp reply to XML, and then extracts the TSTInfo from the XML and converts it to XML.Chilkat C Downloads
#include <C_CkCrypt2.h>
#include <C_CkHttp.h>
#include <C_CkBinData.h>
#include <C_CkHttpResponse.h>
#include <C_CkAsn.h>
#include <C_CkXml.h>
#include <C_CkStringBuilder.h>
void ChilkatSample(void)
{
BOOL success;
HCkCrypt2 crypt;
const char *base64Hash;
HCkHttp http;
HCkBinData requestToken;
const char *optionalPolicyOid;
BOOL addNonce;
BOOL requestTsaCert;
const char *tsaUrl;
HCkHttpResponse resp;
HCkBinData timestampReply;
HCkAsn asn;
HCkXml xml;
const char *tstInfoBase64;
HCkBinData bdTstInfo;
HCkAsn asnTstInfo;
HCkXml xmlTstInfo;
HCkStringBuilder sbGenTime;
success = FALSE;
// Note: Requires Chilkat v9.5.0.75 or greater.
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First sha-256 hash the data that is to be timestamped.
// In this example, the data is the string "Hello World"
crypt = CkCrypt2_Create();
CkCrypt2_putHashAlgorithm(crypt,"sha256");
CkCrypt2_putEncodingMode(crypt,"base64");
base64Hash = CkCrypt2_hashFileENC(crypt,"qa_data/hamlet.xml");
http = CkHttp_Create();
requestToken = CkBinData_Create();
optionalPolicyOid = "";
addNonce = FALSE;
requestTsaCert = TRUE;
// Create a time-stamp request token
success = CkHttp_CreateTimestampRequest(http,"sha256",base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkBinData_Dispose(requestToken);
return;
}
// Send the time-stamp request token to the TSA.
// This is the equivalent of the following CURL command:
// curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' http://timestamp.digicert.com > file.tsr
tsaUrl = "http://timestamp.digicert.com";
resp = CkHttpResponse_Create();
success = CkHttp_HttpBd(http,"POST",tsaUrl,requestToken,"application/timestamp-query",resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkBinData_Dispose(requestToken);
CkHttpResponse_Dispose(resp);
return;
}
// Get the timestamp reply from the HTTP response object.
timestampReply = CkBinData_Create();
CkHttpResponse_GetBodyBd(resp,timestampReply);
// Convert the binary timestamp reply to XML
asn = CkAsn_Create();
success = CkAsn_LoadBd(asn,timestampReply);
if (success == FALSE) {
printf("%s\n",CkAsn_lastErrorText(asn));
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkBinData_Dispose(requestToken);
CkHttpResponse_Dispose(resp);
CkBinData_Dispose(timestampReply);
CkAsn_Dispose(asn);
return;
}
xml = CkXml_Create();
success = CkXml_LoadXml(xml,CkAsn_asnToXml(asn));
// Extract the TSTInfo from the XML.
// The TSTInfo is this base64 encoded ASN.1
// TSTInfo ::= SEQUENCE {
// version INTEGER { v1(1) },
// policy TSAPolicyId,
// messageImprint MessageImprint,
// -- MUST have the same value as the similar field in
// -- TimeStampReq
// serialNumber INTEGER,
// -- Time-Stamping users MUST be ready to accommodate integers
// -- up to 160 bits.
// genTime GeneralizedTime,
// accuracy Accuracy OPTIONAL,
// ordering BOOLEAN DEFAULT FALSE,
// nonce INTEGER OPTIONAL,
// -- MUST be present if the similar field was present
// -- in TimeStampReq. In that case it MUST have the same value.
// tsa [0] GeneralName OPTIONAL,
// extensions [1] IMPLICIT Extensions OPTIONAL }
tstInfoBase64 = CkXml_getChildContent(xml,"sequence[1]|contextSpecific|sequence|sequence|contextSpecific|octets");
bdTstInfo = CkBinData_Create();
CkBinData_AppendEncoded(bdTstInfo,tstInfoBase64,"base64");
asnTstInfo = CkAsn_Create();
success = CkAsn_LoadBd(asnTstInfo,bdTstInfo);
if (success == FALSE) {
printf("%s\n",CkAsn_lastErrorText(asnTstInfo));
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkBinData_Dispose(requestToken);
CkHttpResponse_Dispose(resp);
CkBinData_Dispose(timestampReply);
CkAsn_Dispose(asn);
CkXml_Dispose(xml);
CkBinData_Dispose(bdTstInfo);
CkAsn_Dispose(asnTstInfo);
return;
}
xmlTstInfo = CkXml_Create();
success = CkXml_LoadXml(xmlTstInfo,CkAsn_asnToXml(asnTstInfo));
printf("%s\n",CkXml_getXml(xmlTstInfo));
// Here's the TSTInfo XML:
// <?xml version="1.0" encoding="utf-8"?>
// <sequence>
// <int>01</int>
// <oid>2.16.840.1.114412.7.1</oid>
// <sequence>
// <sequence>
// <oid>2.16.840.1.101.3.4.2.1</oid>
// <null/>
// </sequence>
// <octets>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</octets>
// </sequence>
// <int>00AD2C86E49872597B60F87D5C54BCFFAE</int>
// <universal tag="24" constructed="0">MjAyMzAzMTYxMTQ5NTJa</universal>
// </sequence>
// The genTime (GeneralizedTime) is contained in the final "universal" XML element and is
// in base64. It is the time at which the time-stamp token has been created by
// the TSA. After decoding from base64, it is:
//
// The syntax is: YYYYMMDDhhmmss[.s...]Z
// Example: 19990609001326.34352Z
sbGenTime = CkStringBuilder_Create();
CkStringBuilder_DecodeAndAppend(sbGenTime,CkXml_getChildContent(xmlTstInfo,"universal"),"base64","utf-8");
printf("%s\n",CkStringBuilder_getAsString(sbGenTime));
// Result:
// 20230316115718Z
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkBinData_Dispose(requestToken);
CkHttpResponse_Dispose(resp);
CkBinData_Dispose(timestampReply);
CkAsn_Dispose(asn);
CkXml_Dispose(xml);
CkBinData_Dispose(bdTstInfo);
CkAsn_Dispose(asnTstInfo);
CkXml_Dispose(xmlTstInfo);
CkStringBuilder_Dispose(sbGenTime);
}