|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Xojo Plugin) RFC3161 Timestamp Client - Fetch from Timestamp Authority (TSA) and VerifySends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and validates the timestamp token response. Note: This example requires Chilkat v9.5.0.75 or greater.
// Note: Requires Chilkat v9.5.0.75 or greater. // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // First sha-256 hash the data that is to be timestamped. // In this example, the data is the string "Hello World" Dim success As Boolean Dim crypt As New Chilkat.Crypt2 crypt.HashAlgorithm = "sha256" crypt.EncodingMode = "base64" Dim base64Hash As String base64Hash = crypt.HashStringENC("Hello World") Dim http As New Chilkat.Http Dim requestToken As New Chilkat.BinData Dim optionalPolicyOid As String optionalPolicyOid = "" Dim addNonce As Boolean addNonce = False Dim requestTsaCert As Boolean requestTsaCert = True // Create a time-stamp request token success = http.CreateTimestampRequest("sha256",base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken) If (success <> True) Then System.DebugLog(http.LastErrorText) Return End If // Send the time-stamp request token to the TSA. // This is the equivalent of the following CURL command: // curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' https://freetsa.org/tsr > file.tsr Dim tsaUrl As String tsaUrl = "https://freetsa.org/tsr" // Another timestamp server you could try is: http://timestamp.digicert.com tsaUrl = "http://timestamp.digicert.com" Dim resp As Chilkat.HttpResponse resp = http.PBinaryBd("POST",tsaUrl,requestToken,"application/timestamp-query",False,False) If (http.LastMethodSuccess <> True) Then System.DebugLog(http.LastErrorText) Return End If // Get the timestamp reply from the HTTP response object. Dim timestampReply As New Chilkat.BinData success = resp.GetBodyBd(timestampReply) // Show the base64 encoded timestamp reply. System.DebugLog(timestampReply.GetEncoded("base64")) // Let's verify the timestamp reply against the TSA's cert, which we've previously downloaded. // See https://freetsa.org/index_en.php Dim tsaCert As New Chilkat.Cert success = tsaCert.LoadFromFile("qa_data/certs/freetsa.org.cer") If (success <> True) Then System.DebugLog(tsaCert.LastErrorText) Return End If // The VerifyTimestampReply method will return one of the following values: // -1: The timestampReply does not contain a valid timestamp reply. // -2: The timestampReply is a valid timestamp reply, but failed verification using the public key of the tsaCert. // 0: Granted and verified. // 1: Granted and verified, with mods (see RFC 3161) // 2: Rejected. // 3: Waiting. // 4: Revocation Warning // 5: Revocation Notification Dim pkiStatus As Int32 pkiStatus = http.VerifyTimestampReply(timestampReply,tsaCert) If (pkiStatus < 0) Then System.DebugLog(http.LastErrorText) Return End If System.DebugLog("pkiStatus = " + Str(pkiStatus)) Dim json As Chilkat.JsonObject json = http.LastJsonData() json.EmitCompact = False System.DebugLog(json.Emit()) // The LastJsonData looks like the following. // Note: The "timestampReply.pkiStatus" portion of the LastJsonData was added in Chilkat v9.5.0.83 // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON // { // "timestampReply": { // "pkiStatus": { // "value": 0, // "meaning": "granted" // } // }, // "pkcs7": { // "verify": { // "digestAlgorithms": [ // "sha256" // ], // "signerInfo": [ // { // "cert": { // "serialNumber": "04CD3F8568AE76C61BB0FE7160CCA76D", // "issuerCN": "DigiCert SHA2 Assured ID Timestamping CA", // "digestAlgOid": "2.16.840.1.101.3.4.2.1", // "digestAlgName": "SHA256" // }, // "contentType": "1.2.840.113549.1.9.16.1.4", // "signingTime": "200405023019Z", // "messageDigest": "f14zOsdnN9vyyV3HjjBiLzNDi1PF28hAFMODxNkNRZs=", // "signingAlgOid": "1.2.840.113549.1.1.1", // "signingAlgName": "RSA-PKCSV-1_5", // "authAttr": { // "1.2.840.113549.1.9.3": { // "name": "contentType", // "oid": "1.2.840.113549.1.9.16.1.4" // }, // "1.2.840.113549.1.9.5": { // "name": "signingTime", // "utctime": "200405023019Z" // }, // "1.2.840.113549.1.9.16.2.12": { // "name": "signingCertificate", // "der": "MBowGDAWBBQDJb1QXtqWMC3CL0+gHkwovig0xQ==" // }, // "1.2.840.113549.1.9.4": { // "name": "messageDigest", // "digest": "f14zOsdnN9vyyV3HjjBiLzNDi1PF28hAFMODxNkNRZs=" // } // } // } // ] // } // } // } Dim signingTime As New Chilkat.DtObj Dim authAttrSigningTimeUtctime As New Chilkat.DtObj Dim strVal As String Dim certSerialNumber As String Dim certIssuerCN As String Dim certDigestAlgOid As String Dim certDigestAlgName As String Dim contentType As String Dim messageDigest As String Dim signingAlgOid As String Dim signingAlgName As String Dim authAttrContentTypeName As String Dim authAttrContentTypeOid As String Dim authAttrSigningTimeName As String Dim authAttrSigningCertificateName As String Dim authAttrSigningCertificateDer As String Dim authAttrMessageDigestName As String Dim authAttrMessageDigestDigest As String Dim timestampReplyPkiStatusValue As Int32 timestampReplyPkiStatusValue = json.IntOf("timestampReply.pkiStatus.value") Dim timestampReplyPkiStatusMeaning As String timestampReplyPkiStatusMeaning = json.StringOf("timestampReply.pkiStatus.meaning") Dim i As Int32 i = 0 Dim count_i As Int32 count_i = json.SizeOfArray("pkcs7.verify.digestAlgorithms") While i < count_i json.I = i strVal = json.StringOf("pkcs7.verify.digestAlgorithms[i]") i = i + 1 Wend i = 0 count_i = json.SizeOfArray("pkcs7.verify.signerInfo") While i < count_i json.I = i certSerialNumber = json.StringOf("pkcs7.verify.signerInfo[i].cert.serialNumber") certIssuerCN = json.StringOf("pkcs7.verify.signerInfo[i].cert.issuerCN") certDigestAlgOid = json.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgOid") certDigestAlgName = json.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgName") contentType = json.StringOf("pkcs7.verify.signerInfo[i].contentType") success = json.DtOf("pkcs7.verify.signerInfo[i].signingTime",False,signingTime) messageDigest = json.StringOf("pkcs7.verify.signerInfo[i].messageDigest") signingAlgOid = json.StringOf("pkcs7.verify.signerInfo[i].signingAlgOid") signingAlgName = json.StringOf("pkcs7.verify.signerInfo[i].signingAlgName") authAttrContentTypeName = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.3"".name") authAttrContentTypeOid = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.3"".oid") authAttrSigningTimeName = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.5"".name") success = json.DtOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.5"".utctime",False,authAttrSigningTimeUtctime) authAttrSigningCertificateName = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.16.2.12"".name") authAttrSigningCertificateDer = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.16.2.12"".der") authAttrMessageDigestName = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.4"".name") authAttrMessageDigestDigest = json.StringOf("pkcs7.verify.signerInfo[i].authAttr.""1.2.840.113549.1.9.4"".digest") i = i + 1 Wend |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.