1

Using Bouncy Castle and C#, I am requesting a timestamp token with the certificates included (timestampRequestGenerator.SetCertReq(true)) and I get a response significantly bigger than when setting SetCertReq to false, so I assume that the response has somewhere the public key certificates used to generate the timestamp.

How can I access those certificates using Bouncy Castle? I have explored the response object in Visual Studio but did not find where the certificates are. 

Stream inputFile = File.OpenRead("response-with-certs.tsr");
TimeStampResponse response = new TimeStampResponse(inputFile);
inputFile.Close();
Victor
  • 23,172
  • 30
  • 86
  • 125
  • Supposedly (after looking here: https://www.bouncycastle.org/docs/pkixdocs1.4/org/bouncycastle/tsp/TimeStampResponse.html) there would be an `Encoded` property or `GetEncoded()` method. If you capture that (using `Convert.ToBase64String`) we can inspect the asn1 together to check where the certs are. – zaitsman Dec 31 '17 at 23:46
  • Actually found some sample code here: https://www.digistamp.com/toolkitDoc/comNetToolkit/DigiStampCS.txt So you should be able to do `response.TimeStampToken.GetCertificates("Collection")` to get the cert collection out – zaitsman Dec 31 '17 at 23:48
  • Thank you @zaitsman, it worked. If you want, please can you write it as an answer so I can accept it? – Victor Jan 02 '18 at 00:51

1 Answers1

2

As mentioned in the comments, you should be able to retrieve the certificate collection like so:

response.TimeStampToken.GetCertificates("Collection");
zaitsman
  • 8,984
  • 6
  • 47
  • 79