AsicSharp 1.0.0
.NET 8.0
This package targets .NET 8.0. The package is compatible with this framework or higher.
.NET Standard 2.1
This package targets .NET Standard 2.1. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package AsicSharp --version 1.0.0
NuGet\Install-Package AsicSharp -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="AsicSharp" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="AsicSharp" Version="1.0.0" />
<PackageReference Include="AsicSharp" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add AsicSharp --version 1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: AsicSharp, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package AsicSharp@1.0.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=AsicSharp&version=1.0.0
#tool nuget:?package=AsicSharp&version=1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
AsicSharp
Create and verify ASiC-S (Associated Signature Containers) with RFC 3161 timestamps in .NET.
Prove that data existed at a specific point in time using trusted Timestamp Authorities (TSA) like DigiCert — without needing your own signing certificate.
What is this?
An ASiC-S container is a ZIP file (per ETSI EN 319 162) that bundles:
- Your original file (any format)
- An RFC 3161 timestamp token from a trusted Timestamp Authority
This proves that this exact data existed at this exact time, signed by a trusted third party. The format is recognized by the EU eIDAS regulation for legal validity.
Installation
Library (for your application)
dotnet add package AsicSharp
CLI Tool (global)
dotnet tool install -g AsicSharp.Cli
Quick Start
Library Usage
using AsicSharp.Configuration;
using AsicSharp.Services;
// Standalone (no DI)
using var httpClient = new HttpClient();
var options = new AsicTimestampOptions
{
TimestampAuthorityUrl = WellKnownTsa.DigiCert
};
var tsaClient = new TsaClient(httpClient, options);
var asicService = new AsicService(tsaClient, options);
// Create a timestamped container
var data = File.ReadAllBytes("contract.pdf");
var result = await asicService.CreateAsync(data, "contract.pdf");
File.WriteAllBytes("contract.pdf.asics", result.ContainerBytes);
Console.WriteLine($"Timestamped at: {result.Timestamp:O}");
// Verify it later
var verification = asicService.VerifyFile("contract.pdf.asics");
Console.WriteLine($"Valid: {verification.IsValid}");
Console.WriteLine($"Timestamp: {verification.Timestamp:O}");
Console.WriteLine($"TSA: {verification.TsaCertificate?.Subject}");
With Dependency Injection
// In Startup / Program.cs
builder.Services.AddAsicSharp(options =>
{
options.TimestampAuthorityUrl = WellKnownTsa.DigiCert;
options.HashAlgorithm = HashAlgorithmName.SHA256;
});
// Or bind from configuration
builder.Services.AddAsicSharp(
builder.Configuration.GetSection("AsicTimestamp"));
// appsettings.json
{
"AsicTimestamp": {
"TimestampAuthorityUrl": "http://timestamp.digicert.com",
"HashAlgorithm": "SHA256",
"RequestSignerCertificates": true,
"Timeout": "00:00:30"
}
}
// In your service
public class MyService
{
private readonly IAsicService _asicService;
public MyService(IAsicService asicService)
{
_asicService = asicService;
}
public async Task TimestampDocument(byte[] data, string fileName)
{
var result = await _asicService.CreateAsync(data, fileName);
// result.ContainerBytes, result.Timestamp, result.DataHash
}
}
CLI Usage
# Timestamp a file
asicts stamp contract.pdf
asicts stamp contract.pdf --tsa http://timestamp.digicert.com --algorithm SHA256
# Verify a container
asicts verify contract.pdf.asics
asicts verify contract.pdf.asics --verbose
# Extract original file
asicts extract contract.pdf.asics --output ./extracted/
# List known TSA servers
asicts info
Supported Platforms
| Target | Status |
|---|---|
| .NET 10.0 | ✅ |
| .NET 8.0 | ✅ |
| .NET Standard 2.1 | ✅ (.NET Core 3.0+) |
Well-Known Timestamp Authorities
| TSA | URL | Notes |
|---|---|---|
| DigiCert | http://timestamp.digicert.com |
Default, widely trusted |
| Sectigo | http://timestamp.sectigo.com |
Formerly Comodo |
| GlobalSign | http://timestamp.globalsign.com/tsa/r6advanced1 |
|
| FreeTSA | https://freetsa.org/tsr |
Free & open |
| Apple | http://timestamp.apple.com/ts01 |
|
| Entrust | http://timestamp.entrust.net/TSS/RFC3161sha2TS |
ASiC-S Container Format
document.pdf.asics (ZIP)
├── mimetype → "application/vnd.etsi.asic-s+zip"
├── document.pdf → Your original file (unchanged)
└── META-INF/
├── timestamp.tst → RFC 3161 timestamp token
└── signature.p7s → (Optional) CMS/CAdES signature
Optional: Signing with Your Own Certificate
If you need to prove who timestamped the data (not just when), provide a signing certificate:
services.AddAsicSharp(options =>
{
options.SigningCertificate = new X509Certificate2("cert.pfx", "password");
});
This adds a CMS/CAdES detached signature (META-INF/signature.p7s) alongside the timestamp.
Verification Details
The Verify method returns detailed step-by-step results:
var result = asicService.Verify(containerBytes);
foreach (var step in result.Steps)
{
Console.WriteLine($"{(step.Passed ? "✓" : "✗")} {step.Name}: {step.Detail}");
}
// ✓ Container structure: Valid ZIP archive
// ✓ MIME type: application/vnd.etsi.asic-s+zip
// ✓ Data file: contract.pdf (125432 bytes)
// ✓ Timestamp token decode: Token decoded, timestamp: 2026-02-28T14:30:00Z
// ✓ Timestamp signature: Valid, signed by: CN=DigiCert Timestamp 2024, O=DigiCert
// ✓ Data hash match: Hash in timestamp matches data file
Standards Compliance
- ETSI EN 319 162-1 — Associated Signature Containers (ASiC) baseline
- RFC 3161 — Internet X.509 PKI Time-Stamp Protocol
- RFC 5652 — Cryptographic Message Syntax (CMS)
- EU eIDAS Regulation — Electronic identification and trust services
License
MIT — see LICENSE
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
| .NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.1 is compatible. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETStandard 2.1
- Microsoft.Extensions.Configuration.Abstractions (>= 9.0.3)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Http (>= 9.0.3)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Options (>= 9.0.3)
- Microsoft.Extensions.Options.ConfigurationExtensions (>= 9.0.3)
- System.Security.Cryptography.Pkcs (>= 9.0.3)
-
net10.0
- Microsoft.Extensions.Configuration.Abstractions (>= 9.0.3)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Http (>= 9.0.3)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Options (>= 9.0.3)
- Microsoft.Extensions.Options.ConfigurationExtensions (>= 9.0.3)
- System.Security.Cryptography.Pkcs (>= 9.0.3)
-
net8.0
- Microsoft.Extensions.Configuration.Abstractions (>= 9.0.3)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Http (>= 9.0.3)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.3)
- Microsoft.Extensions.Options (>= 9.0.3)
- Microsoft.Extensions.Options.ConfigurationExtensions (>= 9.0.3)
- System.Security.Cryptography.Pkcs (>= 9.0.3)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.