Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add missing XML docs to System.Security.* #44461

Merged
merged 8 commits into from
Nov 20, 2020
Merged
Show file tree
Hide file tree
Changes from 7 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ public class Rfc2898DeriveBytes : DeriveBytes
private int _startIndex;
private int _endIndex;

/// <summary>
/// Gets the hash algorithm used for byte derivation.
/// </summary>
public HashAlgorithmName HashAlgorithm { get; }

public Rfc2898DeriveBytes(byte[] password, byte[] salt, int iterations)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@

namespace System.Security.Cryptography.Pkcs
{
/// <summary>
/// Represents the timestamp token information class defined in RFC3161 as TSTInfo.
/// </summary>
public sealed class Rfc3161TimestampTokenInfo
{
private readonly byte[] _encodedBytes;
Expand All @@ -20,6 +23,21 @@ public sealed class Rfc3161TimestampTokenInfo
private Oid? _hashAlgorithmId;
private ReadOnlyMemory<byte>? _tsaNameBytes;

/// <summary>
/// Initializes a new instance of the <see cref="Rfc3161TimestampTokenInfo" /> class with the specified parameters.
/// </summary>
/// <param name="policyId">An OID representing the TSA's policy under which the response was produced.</param>
/// <param name="hashAlgorithmId">A hash algorithm OID of the data to be timestamped.</param>
/// <param name="messageHash">A hash value of the data to be timestamped.</param>
/// <param name="serialNumber">An integer assigned by the TSA to the <see cref="Rfc3161TimestampTokenInfo"/>.</param>
/// <param name="timestamp">The timestamp encoded in the token.</param>
/// <param name="accuracyInMicroseconds">The accuracy with which <paramref name="timestamp"/> is compared. Also see <paramref name="isOrdering"/>.</param>
/// <param name="isOrdering"><see langword="true" /> to ensure that every timestamp token from the same TSA can always be ordered based on the <paramref name="timestamp"/>, regardless of the accuracy; <see langword="false" /> to make <paramref name="timestamp"/> indicate when token has been created by the TSA.</param>
/// <param name="nonce">The nonce associated with this timestamp token. Using a nonce always allows to detect replays, and hence its use is recommended.</param>
/// <param name="timestampAuthorityName">The hint in the TSA name identification. The actual identification of the entity that signed the response will always occur through the use of the certificate identifier.</param>
/// <param name="extensions">The extension values associated with the timestamp.</param>
/// <remarks>If <paramref name="hashAlgorithmId" />, <paramref name="messageHash" />, <paramref name="policyId" /> or <paramref name="nonce" /> are present in the <see cref="Rfc3161TimestampRequest"/>, then the same value should be used. If <paramref name="accuracyInMicroseconds"/> is not provided, then the accuracy may be available through other means such as i.e. <paramref name="policyId" />.</remarks>
krwq marked this conversation as resolved.
Show resolved Hide resolved
/// <exception cref="CryptographicException">ASN.1 corrupted data.</exception>
public Rfc3161TimestampTokenInfo(
Oid policyId,
Oid hashAlgorithmId,
Expand All @@ -29,7 +47,7 @@ public Rfc3161TimestampTokenInfo(
long? accuracyInMicroseconds = null,
bool isOrdering = false,
ReadOnlyMemory<byte>? nonce = null,
ReadOnlyMemory<byte>? tsaName = null,
ReadOnlyMemory<byte>? timestampAuthorityName = null,
X509ExtensionCollection? extensions = null)
{
_encodedBytes = Encode(
Expand All @@ -41,7 +59,7 @@ public Rfc3161TimestampTokenInfo(
isOrdering,
accuracyInMicroseconds,
nonce,
tsaName,
timestampAuthorityName,
extensions);

if (!TryDecode(_encodedBytes, true, out _parsedData, out _, out _))
Expand All @@ -57,17 +75,76 @@ private Rfc3161TimestampTokenInfo(byte[] copiedBytes, Rfc3161TstInfo tstInfo)
_parsedData = tstInfo;
}

/// <summary>
/// Gets the version of the timestamp token.
/// </summary>
/// <value>The version of the timestamp token.</value>
public int Version => _parsedData.Version;

/// <summary>
/// Gets an OID representing the TSA's policy under which the response was produced.
/// </summary>
/// <value>An OID representing the TSA's policy under which the response was produced.</value>
public Oid PolicyId => (_policyOid ??= new Oid(_parsedData.Policy, null));

/// <summary>
/// Gets an OID of the hash algorithm.
/// </summary>
/// <value>An OID of the hash algorithm.</value>
public Oid HashAlgorithmId => (_hashAlgorithmId ??= new Oid(_parsedData.MessageImprint.HashAlgorithm.Algorithm, null));

/// <summary>
/// Gets the data representing the message hash.
/// </summary>
/// <returns>The data representing the message hash.</returns>
public ReadOnlyMemory<byte> GetMessageHash() => _parsedData.MessageImprint.HashedMessage;

/// <summary>
/// Gets an integer assigned by the TSA to the <see cref="Rfc3161TimestampTokenInfo"/>.
/// </summary>
/// <returns>An integer assigned by the TSA to the <see cref="Rfc3161TimestampTokenInfo"/>.</returns>
public ReadOnlyMemory<byte> GetSerialNumber() => _parsedData.SerialNumber;

/// <summary>
/// Gets the timestamp encoded in the token.
/// </summary>
/// <value>The timestamp encoded in the token.</value>
public DateTimeOffset Timestamp => _parsedData.GenTime;

/// <summary>
/// Gets the accuracy with which <see cref="Timestamp"/> is compared.
/// </summary>
/// <seealso cref="IsOrdering" />
/// <value>The accuracy with which <see cref="Timestamp"/> is compared.</value>
public long? AccuracyInMicroseconds => _parsedData.Accuracy?.TotalMicros;

/// <summary>
/// Gets a value indicating if every timestamp token from the same TSA can always be ordered based on the <see cref="Timestamp"/>, regardless of the accuracy; If <see langword="false" />, <see cref="Timestamp"/> indicates when the token has been created by the TSA.
/// </summary>
/// <value>A value indicating if every timestamp token from the same TSA can always be ordered based on the <see cref="Timestamp"/>.</value>
public bool IsOrdering => _parsedData.Ordering;
krwq marked this conversation as resolved.
Show resolved Hide resolved

/// <summary>
/// Gets the nonce associated with this timestamp token.
/// </summary>
/// <value>The nonce associated with this timestamp token.</value>
krwq marked this conversation as resolved.
Show resolved Hide resolved
public ReadOnlyMemory<byte>? GetNonce() => _parsedData.Nonce;
krwq marked this conversation as resolved.
Show resolved Hide resolved

/// <summary>
/// Gets a value indicating whether there are any extensions associated with this timestamp token.
/// </summary>
/// <value>A value indicating whether there are any extensions associated with this timestamp token.</value>
public bool HasExtensions => _parsedData.Extensions?.Length > 0;

/// <summary>
/// Gets the data representing the hint in the TSA name identification.
/// </summary>
/// <returns>The data representing the hint in the TSA name identification.</returns>
/// <remarks>
/// The actual identification of the entity that signed the response
/// will always occur through the use of the certificate identifier (ESSCertID Attribute)
/// inside a SigningCertificate attribute which is part of the signer info.
/// </remarks>
public ReadOnlyMemory<byte>? GetTimestampAuthorityName()
{
if (_tsaNameBytes == null)
Expand All @@ -88,6 +165,10 @@ private Rfc3161TimestampTokenInfo(byte[] copiedBytes, Rfc3161TstInfo tstInfo)
return _tsaNameBytes.Value;
}

/// <summary>
/// Gets the extension values associated with the timestamp.
/// </summary>
/// <returns>The extension values associated with the timestamp.</returns>
public X509ExtensionCollection GetExtensions()
krwq marked this conversation as resolved.
Show resolved Hide resolved
{
var coll = new X509ExtensionCollection();
Expand Down Expand Up @@ -115,11 +196,21 @@ public X509ExtensionCollection GetExtensions()
return coll;
}

/// <summary>
/// Encodes this object into a TSTInfo value
/// </summary>
/// <returns>The encoded TSTInfo value.</returns>
public byte[] Encode()
{
return _encodedBytes.CloneByteArray();
}

/// <summary>
/// Attempts to encode this object as a TSTInfo value, writing the result into the provided buffer.
/// </summary>
/// <param name="destination">The destination buffer.</param>
/// <param name="bytesWritten">When this method returns <see langword="true" />, contains the bytes written to the <paramref name="destination" /> buffer.</param>
/// <returns><see langword="true" /> if the operation succeeded; <see langword="false" /> if the buffer size was insufficient.</returns>
public bool TryEncode(Span<byte> destination, out int bytesWritten)
{
if (destination.Length < _encodedBytes.Length)
Expand All @@ -133,12 +224,19 @@ public bool TryEncode(Span<byte> destination, out int bytesWritten)
return true;
}

/// <summary>
/// Decodes an encoded TSTInfo value.
/// </summary>
/// <param name="encodedBytes">The input or source buffer.</param>
/// <param name="timestampTokenInfo">When this method returns <see langword="true" />, the decoded data. When this method returns <see langword="false" />, the value is <see langword="null" />, meaning the data could not be decoded.</param>
/// <param name="bytesConsumed">The number of bytes used for decoding.</param>
/// <returns><see langword="true" /> if the operation succeeded; <see langword="false" /> otherwise.</returns>
public static bool TryDecode(
ReadOnlyMemory<byte> source,
ReadOnlyMemory<byte> encodedBytes,
[NotNullWhen(true)] out Rfc3161TimestampTokenInfo? timestampTokenInfo,
out int bytesConsumed)
{
if (TryDecode(source, false, out Rfc3161TstInfo tstInfo, out bytesConsumed, out byte[]? copiedBytes))
if (TryDecode(encodedBytes, false, out Rfc3161TstInfo tstInfo, out bytesConsumed, out byte[]? copiedBytes))
{
timestampTokenInfo = new Rfc3161TimestampTokenInfo(copiedBytes!, tstInfo);
return true;
Expand Down