TEST CASE |
ID | 10001 |
CODE | OK |
EXP_VALUE | ACCEPT |
NOTE | norm-reply (granted) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10002 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10002
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 1 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | abbr. |
DETAIL | abbr. |
TEST CASE |
ID | 10002 |
CODE | MIME |
EXP_VALUE | REJECT |
NOTE | invalid mime-type |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10003 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-response |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 2 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 3.4. Time-Stamp Protocol via HTTP |
DETAIL | valid response with content type application/timestamp-response or #typo of RFC 3161 |
TEST CASE |
ID | 10003 |
CODE | STATUS |
EXP_VALUE | ACCEPT |
NOTE | norm-reply (grantedWithMods) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10004 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 1(grantedWithMods) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 3 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "when the PKIStatus contains the value one a TimeStampToken,with modifications, is present." |
TEST CASE |
ID | 10004 |
CODE | STATUS |
EXP_VALUE | REJECT |
NOTE | norm-reply (rejection) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10005 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | 1.2.9999.9999 |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | NONE |
PKIStatusInfo.status | 2(rejection) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | 15 (unacceptedPolicy) |
TSTInfo.version | - |
TSTInfo.policy | - |
MessageImprint.hashAlgorithm | - |
MessageImprint.hashedMessage | - |
TSTInfo.serialNumber | - |
TSTInfo.genTime | - |
TSTInfo.accuracy | - |
TSTInfo.ordering | - |
TSTInfo.nonce | - |
TSTInfo.tsa | - |
TSTInfo.extensions | - |
CMS::signedData.version | - |
CMS::contentInfo | - |
CMS::econtentInfo | - |
CMS::signingCertificate | - |
CMS::signerInfo | - |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | the requesting entity SHALL verify the status error returned in the response |
TEST CASE |
ID | 10005 |
CODE | STATUS |
EXP_VALUE | REJECT |
NOTE | TimeStampResp.status is out of a range |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10006 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | NONE |
PKIStatusInfo.status | 9 |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | - |
TSTInfo.policy | - |
MessageImprint.hashAlgorithm | - |
MessageImprint.hashedMessage | - |
TSTInfo.serialNumber | - |
TSTInfo.genTime | - |
TSTInfo.accuracy | - |
TSTInfo.ordering | - |
TSTInfo.nonce | - |
TSTInfo.tsa | - |
TSTInfo.extensions | - |
CMS::signedData.version | - |
CMS::contentInfo | - |
CMS::econtentInfo | - |
CMS::signingCertificate | - |
CMS::signerInfo | - |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | Compliant clients MUST generate an error if values it does not understand are present. |
TEST CASE |
ID | 10006 |
CODE | STATUS |
EXP_VALUE | REJECT |
NOTE | PKIStatusInfo.failInfo is out of a range |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10007 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | NONE |
PKIStatusInfo.status | 2(rejection) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | 26 |
TSTInfo.version | - |
TSTInfo.policy | - |
MessageImprint.hashAlgorithm | - |
MessageImprint.hashedMessage | - |
TSTInfo.serialNumber | - |
TSTInfo.genTime | - |
TSTInfo.accuracy | - |
TSTInfo.ordering | - |
TSTInfo.nonce | - |
TSTInfo.tsa | - |
TSTInfo.extensions | - |
CMS::signedData.version | - |
CMS::contentInfo | - |
CMS::econtentInfo | - |
CMS::signingCertificate | - |
CMS::signerInfo | - |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | Compliant clients MUST generate an error if values it does not understand are present. |
TEST CASE |
ID | 10007 |
CODE | TST |
EXP_VALUE | REJECT |
NOTE | no TST in spite of granted reply |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10008 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | NONE |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | - |
TSTInfo.policy | - |
MessageImprint.hashAlgorithm | - |
MessageImprint.hashedMessage | - |
TSTInfo.serialNumber | - |
TSTInfo.genTime | - |
TSTInfo.accuracy | - |
TSTInfo.ordering | - |
TSTInfo.nonce | - |
TSTInfo.tsa | - |
TSTInfo.extensions | - |
CMS::signedData.version | - |
CMS::contentInfo | - |
CMS::econtentInfo | - |
CMS::signingCertificate | - |
CMS::signerInfo | - |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "When the status contains the value zero or one, a TimeStampToken MUST be present." |
TEST CASE |
ID | 10008 |
CODE | TST |
EXP_VALUE | REJECT |
NOTE | TST exists though TimeStampResp.status is 2(rejection) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10009 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | 1.2.9999.9999 |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 2(rejection) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | 15 (unacceptedPolicy) |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 8 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "When status contains a value other than zero or one, a TimeStampToken MUST NOT be present." |
TEST CASE |
ID | 10009 |
CODE | CMS |
EXP_VALUE | REJECT |
NOTE | CMS::contentType is invalid |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10010 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10010
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 9 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-Data |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | It is defined as a ContentInfo ([CMS]) and SHALL encapsulate a signed data content type. |
TEST CASE |
ID | 10010 |
CODE | CMS |
EXP_VALUE | REJECT |
NOTE | CMS::eContentType is invalid |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10011 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10011
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 10 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-Data |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | For a time-stamp token it is defined as: id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4} |
TEST CASE |
ID | 10011 |
CODE | CMS |
EXP_VALUE | ACCEPT |
NOTE | CMS::signedData.version is invalid |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10012 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10012
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 11 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 1 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3369 |
SECTION | 5.1 SignedData Type |
DETAIL | "if attribute certificates are present, the encapsulated content type is other than id-data, or any of the elements of SignerInfos are version 3, then the value of version shall be 3." |
TEST CASE |
ID | 10012 |
CODE | TSTInfo |
EXP_VALUE | REJECT |
NOTE | invalid TST encoding |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10013 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10013
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT(but unable to decode) |
PKIStatusInfo.status | - |
PKIStatusInfo.statusString | - |
PKIStatusInfo.failInfo | - |
TSTInfo.version | - |
TSTInfo.policy | - |
MessageImprint.hashAlgorithm | - |
MessageImprint.hashedMessage | - |
TSTInfo.serialNumber | - |
TSTInfo.genTime | - |
TSTInfo.accuracy | - |
TSTInfo.ordering | - |
TSTInfo.nonce | - |
TSTInfo.tsa | - |
TSTInfo.extensions | - |
CMS::signedData.version | - |
CMS::contentInfo | - |
CMS::econtentInfo | - |
CMS::signingCertificate | - |
CMS::signerInfo | - |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify the various fields contained in the TimeStampToken |
TEST CASE |
ID | 10013 |
CODE | TSTInfo-Version |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.version |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10014 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10014
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 0 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 13 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The version field (currently v1) describes the version of the time-stamp token. |
TEST CASE |
ID | 10014 |
CODE | TSTInfo-Version |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.version |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10015 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10015
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 2 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 14 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The version field (currently v1) describes the version of the time-stamp token. |
TEST CASE |
ID | 10015 |
CODE | reqPolicy |
EXP_VALUE | ACCEPT |
NOTE | matched TSTInfo.policy (1.2.3) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10016 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | 1.2.3 |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 15 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "If a similar field was present in the TimeStampReq, then it MUST have the same value" |
TEST CASE |
ID | 10016 |
CODE | reqPolicy |
EXP_VALUE | REJECT |
NOTE | mismatched TSTInfo.policy (1.2.3.1.2.3) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10017 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | 1.2.9999.9999 |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3.1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 16 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "If a similar field was present in the TimeStampReq, then it MUST have the same value" |
TEST CASE |
ID | 10017 |
CODE | messageImprint |
EXP_VALUE | REJECT |
NOTE | TSTInfo.massageImprint.hash is mismatched (120bit) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10018 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | 1.2.840.113549.2.5(md5) |
MessageImprint.hashedMessage | 0xd8e8fca2dc0f896fd7cb4cb0031ba249(120bit) |
TSTInfo.serialNumber | 17 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | "In particular, it SHALL verify that what was time-stamped corresponds to what was requested to be time-stamped." |
TEST CASE |
ID | 10018 |
CODE | messageImprint |
EXP_VALUE | REJECT |
NOTE | TSTInfo.massageImprint.hash is mismatched (160bit) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10019 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | 1.3.14.3.2.26(sha-1) |
MessageImprint.hashedMessage | 0x4e1243bd22c66e76c2ba9eddc1f91394e57f9f83(160bit) |
TSTInfo.serialNumber | 18 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | "In particular, it SHALL verify that what was time-stamped corresponds to what was requested to be time-stamped." |
TEST CASE |
ID | 10019 |
CODE | serialNumber |
EXP_VALUE | ACCEPT |
NOTE | big serialNumber |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10020 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10020
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 0x4e1243bd22c66e76c2ba9eddc1f91394 e57f9f834e1243bd22c66e76c2ba9edd c1f91394e57f9f834e1243bd22c66e76 c2ba9eddc1f91394e57f9f834e1243bd(64byte) |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | Time-Stamping users MUST be ready to accommodate integers up to 160 bits. |
TEST CASE |
ID | 10020 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (no seconds) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10021 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10021
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 20 |
TSTInfo.genTime | YYYYMMDDhhmmZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | GeneralizedTime values MUST include seconds. |
TEST CASE |
ID | 10021 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (no 'Z') |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10022 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10022
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 21 |
TSTInfo.genTime | YYYYMMDDhhmmss |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "The encoding MUST terminate with a ""Z"" (which means ""Zulu"" time)." |
TEST CASE |
ID | 10022 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (YYYYMMDDhhmmss:999Z) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10023 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10023
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 22 |
TSTInfo.genTime | YYYYMMDDhhmmss:999Z |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "The decimal point element, if present, MUST be the point option "".""." |
TEST CASE |
ID | 10023 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (YYYYMMDDhhmmss.900Z) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10024 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10024
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 23 |
TSTInfo.genTime | YYYYMMDDhhmmss.900Z |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "The fractional-seconds elements, if present, MUST omit all trailing 0's;" |
TEST CASE |
ID | 10024 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (YYYYMMDDhhmmss.000Z) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10025 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10025
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 24 |
TSTInfo.genTime | YYYYMMDDhhmmss.000Z |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "if the elements correspond to 0, they MUST be wholly omitted" |
TEST CASE |
ID | 10025 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | invalid TSTInfo.genTime (YYYYMMDDhhmmss.Z) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10026 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10026
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 25 |
TSTInfo.genTime | YYYYMMDDhhmmss.Z |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | and the decimal point element also MUST be omitted. |
TEST CASE |
ID | 10026 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | too old genTime (with nonce) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10027 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 26 |
TSTInfo.genTime | YYYYMMDDhhmmssZ -864000 |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | It SHALL then verify the timeliness of the response by verifying either the time included in the response against a local trusted time reference |
TEST CASE |
ID | 10027 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | too old genTime (without nonce) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10028 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 27 |
TSTInfo.genTime | YYYYMMDDhhmmssZ -864000 |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | NONE |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | It SHALL then verify the timeliness of the response by verifying either the time included in the response against a local trusted time reference |
TEST CASE |
ID | 10028 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | too new genTime (with nonce) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10029 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10029
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 28 |
TSTInfo.genTime | YYYYMMDDhhmmssZ +864000 |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | It SHALL then verify the timeliness of the response by verifying either the time included in the response against a local trusted time reference |
TEST CASE |
ID | 10029 |
CODE | genTime |
EXP_VALUE | REJECT |
NOTE | too new genTime (without nonce) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10030 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10030
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 29 |
TSTInfo.genTime | YYYYMMDDhhmmssZ +864000 |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | NONE |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | It SHALL then verify the timeliness of the response by verifying either the time included in the response against a local trusted time reference |
TEST CASE |
ID | 10030 |
CODE | accuracy |
EXP_VALUE | ACCEPT |
NOTE | accuracy>1sec |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10031 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10031
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 30 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | 10.0.0 |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "accuracy can be decomposed in seconds, milliseconds (between 1-999) and microseconds (1-999), all expressed as integer." |
TEST CASE |
ID | 10031 |
CODE | accuracy |
EXP_VALUE | ACCEPT |
NOTE | accuracy<1sec |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10032 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10032
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 31 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | 0.5.0 |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "accuracy can be decomposed in seconds, milliseconds (between 1-999) and microseconds (1-999), all expressed as integer." |
TEST CASE |
ID | 10032 |
CODE | nonce |
EXP_VALUE | ACCEPT |
NOTE | matched nonce |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10033 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 32 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.1. Request Format |
DETAIL | the same nonce value MUST be included in the response |
TEST CASE |
ID | 10033 |
CODE | nonce |
EXP_VALUE | REJECT |
NOTE | unmatched nonce (0xFFFFFFFF) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10034 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 33 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | 0xFFFFFFFF |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.1. Request Format |
DETAIL | the same nonce value MUST be included in the response |
TEST CASE |
ID | 10034 |
CODE | nonce |
EXP_VALUE | REJECT |
NOTE | no nonce in spite of the request |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10035 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 34 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | 0xFFFFFFFF |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The nonce field MUST be present if it was present in the TimeStampReq. |
TEST CASE |
ID | 10035 |
CODE | nonce |
EXP_VALUE | REJECT |
NOTE | unintended nonce |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10036 |
Get TST (for OFFLINE test) | NOT SUPPORTED |
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 35 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | 0xFFFFFFFF |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.1. Request Format |
DETAIL | the same nonce value MUST be included in the response |
TEST CASE |
ID | 10036 |
CODE | tsa |
EXP_VALUE | ACCEPT |
NOTE | TSTInfo.tsa exists |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10037 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10037
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 36 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | "c=jp,s=tokyo,o=jnsa,cn=challengePKI2003 TSA" |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | tsa [0] GeneralName OPTIONAL |
TEST CASE |
ID | 10037 |
CODE | tsa |
EXP_VALUE | REJECT |
NOTE | mismatched TSTInfo.tsa with signing certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10038 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10038
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 37 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | "c=jp,s=tokyo,o=jnsa,cn=tryPKI2003 TSP" |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "If present, it MUST correspond to one of the subject names included in the certificate that is to be used to verify the token." |
TEST CASE |
ID | 10038 |
CODE | extension |
EXP_VALUE | ACCEPT |
NOTE | TST with non-critical extension |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10039 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10039
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 38 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | 1.1.1(non-critical) |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | extensions [1] IMPLICIT Extensions OPTIONAL |
TEST CASE |
ID | 10039 |
CODE | extension |
EXP_VALUE | REJECT |
NOTE | TST with undefined critical extension |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10040 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10040
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 39 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | 1.1.1(critical) |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | "Conforming time-stamping requesters MUST be able to recognize version 1 time-stamp tokens with all the optional fields present, but are not mandated to understand the semantics of any extension" |
TEST CASE |
ID | 10040 |
CODE | certReq |
EXP_VALUE | REJECT |
NOTE | no TSA certificate in spite of the request |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10041 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10041
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 40 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | NONE |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.1. Request Format |
DETAIL | "If the certReq field is present and set to true, the TSA's public key certificate that is referenced by the ESSCertID identifier inside a SigningCertificate attribute in the response MUST be provided by the TSA in the certificates field from the SignedData structure in that response. " |
TEST CASE |
ID | 10041 |
CODE | certReq |
EXP_VALUE | REJECT |
NOTE | unintended TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10042 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10042
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | FALSE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 41 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | If the certReq field is missing or if the certReq field is present and set to false then the certificates field from the SignedData structure MUST not be present in the response. |
TEST CASE |
ID | 10042 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | no digital signature |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10043 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10043
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 42 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 0 |
CMS::ESSCertID.certHash | - |
CMS::signature | - |
CMS::SigningCertificate.signer_keypair | - |
CMS::SigningCertificate.certs | - |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10043 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | multiple digital signatures |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10044 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10044
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 43 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 2 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | "1,2" |
CMS::SigningCertificate.certs | "1,2" |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The time-stamp token MUST NOT contain any signatures other than the signature of the TSA. |
TEST CASE |
ID | 10044 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | no ESSCertID |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10045 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10045
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 44 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | NONE |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The certificate identifier (ESSCertID) of the TSA certificate MUST be included as a signerInfo attribute inside a SigningCertificate attribute. |
TEST CASE |
ID | 10045 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | invalid ESSCertID |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10046 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10046
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 45 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | 0x4e1243bd22c66e76c2ba9eddc1f91394e57f9f83(mismatched) |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.4.2. Response Format |
DETAIL | The certificate identifier (ESSCertID) of the TSA certificate MUST be included as a signerInfo attribute inside a SigningCertificate attribute. |
TEST CASE |
ID | 10046 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | signature is tampered |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10047 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10047
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 46 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | TAMPERED |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10047 |
CODE | sign |
EXP_VALUE | REJECT |
NOTE | mismatched digital signature |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10048 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10048
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 47 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 2 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10048 |
CODE | signerCert |
EXP_VALUE | REJECT |
NOTE | multiple ExtendKeyUsage in TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10049 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10049
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 48 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 2 |
CMS::SigningCertificate.certs | 2 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.3. Identification of the TSA |
DETAIL | The corresponding certificate MUST contain only one instance of the extended key usage field extension as defined in [RFC2459] Section 4.2.1.13 with KeyPurposeID having value |
TEST CASE |
ID | 10049 |
CODE | signerCert |
EXP_VALUE | REJECT |
NOTE | no keyUsage in TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10050 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10050
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 49 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 3 |
CMS::SigningCertificate.certs | 3 |
REFERENCE |
REF. | RFC 3280 |
SECTION | 4.2.1.13 |
DETAIL | abbr. |
TEST CASE |
ID | 10050 |
CODE | signerCert |
EXP_VALUE | REJECT |
NOTE | expired TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10051 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10051
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 50 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 4 |
CMS::SigningCertificate.certs | 4 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10051 |
CODE | signerCert |
EXP_VALUE | REJECT |
NOTE | revoked TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10052 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10052
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 51 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 5 |
CMS::SigningCertificate.certs | 5 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10052 |
CODE | signerCert |
EXP_VALUE | ACCEPT |
NOTE | TSA certificate exists (2048bits) |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10053 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10053
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 52 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 6 |
CMS::SigningCertificate.certs | 6 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | it SHALL verify (...snip...) the validity of the digital signature of the TimeStampToken. |
TEST CASE |
ID | 10053 |
CODE | messageImprint |
EXP_VALUE | REJECT |
NOTE | mismatched TSTInfo.massageImprint.hash |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10054 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10054
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | NONE |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | 1.2.840.113549.2.5(md5) |
MessageImprint.hashedMessage | 0x12345678901234500000(80bit) |
TSTInfo.serialNumber | 53 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 1 |
CMS::SigningCertificate.certs | 1 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.2. TSA Transactions |
DETAIL | Its length MUST match the length of the hash value for that algorithm |
TEST CASE |
ID | 10054 |
CODE | signerCert |
EXP_VALUE | REJECT |
NOTE | non-critical ExtendKeyUsage in TSA certificate |
TSA URL (for ONLINE test) | http://share.roboc.net/cgi-bin/cpki_tsa.cgi?id=10055 |
Get TST (for OFFLINE test) | http://share.roboc.net/cgi-bin/cpki_tsr_getfile.cgi?type=tst&id=10055
|
TSQ PROFILE |
TimeStampReq.version | 1 |
MessageImprint.hashAlgorithm | SHA-1 |
MessageImprint.hashedMessage | 0x (160bit) |
TimeStampReq.reqPolicy | NONE |
TimeStampReq.nonce | 0x (160bit) |
TimeStampReq.certReq | TRUE |
TimeStampReq.extensions | NONE |
TSR AND TST PROFILE |
MIME-TYPE(application/) | timestamp-reply |
TimeStampToken | PRESENT |
PKIStatusInfo.status | 0(granted) |
PKIStatusInfo.statusString | NONE |
PKIStatusInfo.failInfo | NONE |
TSTInfo.version | 1 |
TSTInfo.policy | 1.2.3 |
MessageImprint.hashAlgorithm | AUTO |
MessageImprint.hashedMessage | AUTO |
TSTInfo.serialNumber | 54 |
TSTInfo.genTime | YYYYMMDDhhmmssZ |
TSTInfo.accuracy | NONE |
TSTInfo.ordering | FALSE |
TSTInfo.nonce | AUTO |
TSTInfo.tsa | NONE |
TSTInfo.extensions | NONE |
CMS::signedData.version | 3 |
CMS::contentInfo | id-signedData |
CMS::econtentInfo | id-ct-TSTInfo |
CMS::signingCertificate | PRESENT |
CMS::signerInfo | 1 |
CMS::ESSCertID.certHash | AUTO |
CMS::signature | AUTO |
CMS::SigningCertificate.signer_keypair | 7 |
CMS::SigningCertificate.certs | 7 |
REFERENCE |
REF. | RFC 3161 |
SECTION | 2.3. Identification of the TSA |
DETAIL | This extension MUST be critical. |