Java API functions and specifications

This section provides an overview of the contents and use of the API/JDK. Detailed documentation of the API Java classes is provided in HTML format in the docs subdirectory of your install directory.

Components

The API/JDK consists of a tti.jar file, Javadoc documentation and a sample application that demonstrates proper usage.

Functional overview

The API/JDK can be used to obtain a time-stamp from a TSS with four basic steps:

  • Create an encoded request.

  • Submit it to the TSS.

  • Decode the result.

  • Verify the integrity of the time-stamp.

To obtain a time-stamp from a TSS:

  1. Using standard java.security classes, generate a digest of the data to be time-stamped.

  2. Generate a nonce for the request (a large random number that protects the request against replay attacks.)

  3. Create a TimeStampRequest object with the digest, nonce, and other relevant information.

  4. Call TimeStampRequest.encodeRequest to create an ASN.1 encoded version of the request.

  5. Create a TimeStampServerTCP object with the IP address of a time-stamp server.

  6. Call TimeStampServerTCP.submitRequest to request and receive the encoded time-stamp token. The encoded time-stamp token is a PKCS #7 SignedData object and the signature can be verified with any cryptographic tool kit that supports PKCS #7.

  7. Create a TimeStampToken object with the encoded time-stamp token.

  8. Call TimeStampToken.getTSTInfo to obtain a TSTInfo object that contains the time-stamp specific information (such as the time).

  9. Verify the integrity of the time-stamp token by checking that the time contained in the time-stamp is reasonably close to the current system time. Each of these steps is illustrated in the example program TtiTest.java included with the API/JDK.