Java API functions and specifications
This section provides an overview of the contents and use of the API/JDK.
Detailed documentation of the API Java classes is provided in HTML format in the docs
subdirectory of your install directory.
Components
The API/JDK consists of a tti.jar
file, Javadoc documentation and a sample application that demonstrates proper usage.
Functional overview
The API/JDK can be used to obtain a time-stamp from a TSS with four basic steps:
-
Create an encoded request.
-
Submit it to the TSS.
-
Decode the result.
-
Verify the integrity of the time-stamp.
To obtain a time-stamp from a TSS:
-
Using standard
java.security
classes, generate a digest of the data to be time-stamped. -
Generate a nonce for the request (a large random number that protects the request against replay attacks.)
-
Create a
TimeStampRequest
object with the digest, nonce, and other relevant information. -
Call
TimeStampRequest.encodeRequest
to create an ASN.1 encoded version of the request. -
Create a
TimeStampServerTCP
object with the IP address of a time-stamp server. -
Call
TimeStampServerTCP.submitRequest
to request and receive the encoded time-stamp token. The encoded time-stamp token is a PKCS #7 SignedData object and the signature can be verified with any cryptographic tool kit that supports PKCS #7. -
Create a
TimeStampToken
object with the encoded time-stamp token. -
Call
TimeStampToken.getTSTInfo
to obtain aTSTInfo
object that contains the time-stamp specific information (such as the time). -
Verify the integrity of the time-stamp token by checking that the time contained in the time-stamp is reasonably close to the current system time. Each of these steps is illustrated in the example program
TtiTest.java
included with the API/JDK.