Good day,
Can someone please help me using the Crypto Api function, CryptRetrieveTimeStamp? I successfully use CryptSignMessage to sign my message and now I want to timestamp the data at a TSA, but CryptRetrieveTimeStamp always return *TRUST_E_TIME_STAMP* error.
My function looks as follows, pbMessage and cbMessage are the data and size received from CryptSignMessage:
PCRYPT_TIMESTAMP_CONTEXT tcontext = NULL;
HCERTSTORE hStore = NULL;
fReturn = CryptRetrieveTimeStamp(widestr.c_str(),
TIMESTAMP_NO_AUTH_RETRIEVAL,
0,
szOID_RSA_MD5,
NULL,
(const BYTE*)pbMessage,
cbMessage,
&tcontext,
NULL,
&hStore);
I know the error means: The time stamp signer and or certificate could not be verified or is malformed. But I have no idea what or how to solve this error?
Any help/hints would be appreciated. Thanks, Magda
Viewing the request/response through wireshark gave better insight into the problem.
The TSA is a valid TSA, but the encoding was wrong. Changing *szOID_RSA_MD5* to *szOID_NIST_sha256* solved my problem.