Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Ruby) RFC3161 Timestamp Client - Fetch from Timestamp Authority (TSA) and VerifySends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and validates the timestamp token response. Note: This example requires Chilkat v9.5.0.75 or greater.
require 'chilkat' # Note: Requires Chilkat v9.5.0.75 or greater. # This requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # First sha-256 hash the data that is to be timestamped. # In this example, the data is the string "Hello World" crypt = Chilkat::CkCrypt2.new() crypt.put_HashAlgorithm("sha256") crypt.put_EncodingMode("base64") base64Hash = crypt.hashStringENC("Hello World") http = Chilkat::CkHttp.new() requestToken = Chilkat::CkBinData.new() optionalPolicyOid = "" addNonce = false requestTsaCert = true # Create a time-stamp request token success = http.CreateTimestampRequest("sha256",base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken) if (success != true) print http.lastErrorText() + "\n"; exit end # Send the time-stamp request token to the TSA. # This is the equivalent of the following CURL command: # curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' https://freetsa.org/tsr > file.tsr tsaUrl = "https://freetsa.org/tsr" # Another timestamp server you could try is: http://timestamp.digicert.com tsaUrl = "http://timestamp.digicert.com" # resp is a CkHttpResponse resp = http.PBinaryBd("POST",tsaUrl,requestToken,"application/timestamp-query",false,false) if (http.get_LastMethodSuccess() != true) print http.lastErrorText() + "\n"; exit end # Get the timestamp reply from the HTTP response object. timestampReply = Chilkat::CkBinData.new() resp.GetBodyBd(timestampReply) # Show the base64 encoded timestamp reply. print timestampReply.getEncoded("base64") + "\n"; # Let's verify the timestamp reply against the TSA's cert, which we've previously downloaded. # See https://freetsa.org/index_en.php tsaCert = Chilkat::CkCert.new() success = tsaCert.LoadFromFile("qa_data/certs/freetsa.org.cer") if (success != true) print tsaCert.lastErrorText() + "\n"; exit end # The VerifyTimestampReply method will return one of the following values: # -1: The timestampReply does not contain a valid timestamp reply. # -2: The timestampReply is a valid timestamp reply, but failed verification using the public key of the tsaCert. # 0: Granted and verified. # 1: Granted and verified, with mods (see RFC 3161) # 2: Rejected. # 3: Waiting. # 4: Revocation Warning # 5: Revocation Notification pkiStatus = http.VerifyTimestampReply(timestampReply,tsaCert) if (pkiStatus < 0) print http.lastErrorText() + "\n"; exit end print "pkiStatus = " + pkiStatus.to_s() + "\n"; # json is a CkJsonObject json = http.LastJsonData() json.put_EmitCompact(false) print json.emit() + "\n"; # The LastJsonData looks like the following. # Note: The "timestampReply.pkiStatus" portion of the LastJsonData was added in Chilkat v9.5.0.83 # Use this online tool to generate parsing code from sample JSON: # Generate Parsing Code from JSON # { # "timestampReply": { # "pkiStatus": { # "value": 0, # "meaning": "granted" # } # }, # "pkcs7": { # "verify": { # "digestAlgorithms": [ # "sha256" # ], # "signerInfo": [ # { # "cert": { # "serialNumber": "04CD3F8568AE76C61BB0FE7160CCA76D", # "issuerCN": "DigiCert SHA2 Assured ID Timestamping CA", # "digestAlgOid": "2.16.840.1.101.3.4.2.1", # "digestAlgName": "SHA256" # }, # "contentType": "1.2.840.113549.1.9.16.1.4", # "signingTime": "200405023019Z", # "messageDigest": "f14zOsdnN9vyyV3HjjBiLzNDi1PF28hAFMODxNkNRZs=", # "signingAlgOid": "1.2.840.113549.1.1.1", # "signingAlgName": "RSA-PKCSV-1_5", # "authAttr": { # "1.2.840.113549.1.9.3": { # "name": "contentType", # "oid": "1.2.840.113549.1.9.16.1.4" # }, # "1.2.840.113549.1.9.5": { # "name": "signingTime", # "utctime": "200405023019Z" # }, # "1.2.840.113549.1.9.16.2.12": { # "name": "signingCertificate", # "der": "MBowGDAWBBQDJb1QXtqWMC3CL0+gHkwovig0xQ==" # }, # "1.2.840.113549.1.9.4": { # "name": "messageDigest", # "digest": "f14zOsdnN9vyyV3HjjBiLzNDi1PF28hAFMODxNkNRZs=" # } # } # } # ] # } # } # } signingTime = Chilkat::CkDtObj.new() authAttrSigningTimeUtctime = Chilkat::CkDtObj.new() timestampReplyPkiStatusValue = json.IntOf("timestampReply.pkiStatus.value") timestampReplyPkiStatusMeaning = json.stringOf("timestampReply.pkiStatus.meaning") i = 0 count_i = json.SizeOfArray("pkcs7.verify.digestAlgorithms") while i < count_i json.put_I(i) strVal = json.stringOf("pkcs7.verify.digestAlgorithms[i]") i = i + 1 end i = 0 count_i = json.SizeOfArray("pkcs7.verify.signerInfo") while i < count_i json.put_I(i) certSerialNumber = json.stringOf("pkcs7.verify.signerInfo[i].cert.serialNumber") certIssuerCN = json.stringOf("pkcs7.verify.signerInfo[i].cert.issuerCN") certDigestAlgOid = json.stringOf("pkcs7.verify.signerInfo[i].cert.digestAlgOid") certDigestAlgName = json.stringOf("pkcs7.verify.signerInfo[i].cert.digestAlgName") contentType = json.stringOf("pkcs7.verify.signerInfo[i].contentType") json.DtOf("pkcs7.verify.signerInfo[i].signingTime",false,signingTime) messageDigest = json.stringOf("pkcs7.verify.signerInfo[i].messageDigest") signingAlgOid = json.stringOf("pkcs7.verify.signerInfo[i].signingAlgOid") signingAlgName = json.stringOf("pkcs7.verify.signerInfo[i].signingAlgName") authAttrContentTypeName = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".name") authAttrContentTypeOid = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".oid") authAttrSigningTimeName = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".name") json.DtOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".utctime",false,authAttrSigningTimeUtctime) authAttrSigningCertificateName = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.16.2.12\".name") authAttrSigningCertificateDer = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.16.2.12\".der") authAttrMessageDigestName = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".name") authAttrMessageDigestDigest = json.stringOf("pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".digest") i = i + 1 end |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.