(Java) Extract TSTInfo from RFC3161 Timestamp Reply

See more HTTP Examples

Sends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and converts the timestamp reply to XML, and then extracts the TSTInfo from the XML and converts it to XML.

For more information, see https://www.ietf.org/rfc/rfc3161.txt

Chilkat Java Downloads Java Libs for Windows, MacOS, Linux, Alpine Linux, Solaris Java Libs for Android

import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    // Note: Requires Chilkat v9.5.0.75 or greater.

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First sha-256 hash the data that is to be timestamped.
    // In this example, the data is the string "Hello World"
    boolean success;
    CkCrypt2 crypt = new CkCrypt2();
    crypt.put_HashAlgorithm("sha256");
    crypt.put_EncodingMode("base64");
    String base64Hash = crypt.hashFileENC("qa_data/hamlet.xml");

    CkHttp http = new CkHttp();

    CkBinData requestToken = new CkBinData();
    String optionalPolicyOid = "";
    boolean addNonce = false;
    boolean requestTsaCert = true;

    // Create a time-stamp request token
    success = http.CreateTimestampRequest("sha256",base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken);
    if (success == false) {
        System.out.println(http.lastErrorText());
        return;
        }

    // Send the time-stamp request token to the TSA.
    // This is the equivalent of the following CURL command:
    // curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' http://timestamp.digicert.com > file.tsr
    String tsaUrl = "http://timestamp.digicert.com";
    CkHttpResponse resp = http.PBinaryBd("POST",tsaUrl,requestToken,"application/timestamp-query",false,false);
    if (http.get_LastMethodSuccess() == false) {
        System.out.println(http.lastErrorText());
        return;
        }

    // Get the timestamp reply from the HTTP response object.
    CkBinData timestampReply = new CkBinData();
    resp.GetBodyBd(timestampReply);

    // Convert the binary timestamp reply to XML
    CkAsn asn = new CkAsn();
    success = asn.LoadBd(timestampReply);
    if (success == false) {
        System.out.println(asn.lastErrorText());
        return;
        }

    CkXml xml = new CkXml();
    success = xml.LoadXml(asn.asnToXml());

    // Extract the TSTInfo from the XML.
    // The TSTInfo is this base64 encoded ASN.1 

    // TSTInfo ::= SEQUENCE  {
    //    version                      INTEGER  { v1(1) },
    //    policy                       TSAPolicyId,
    //    messageImprint               MessageImprint,
    //      -- MUST have the same value as the similar field in
    //      -- TimeStampReq
    //    serialNumber                 INTEGER,
    //     -- Time-Stamping users MUST be ready to accommodate integers
    //     -- up to 160 bits.
    //    genTime                      GeneralizedTime,
    //    accuracy                     Accuracy                 OPTIONAL,
    //    ordering                     BOOLEAN             DEFAULT FALSE,
    //    nonce                        INTEGER                  OPTIONAL,
    //      -- MUST be present if the similar field was present
    //      -- in TimeStampReq.  In that case it MUST have the same value.
    //    tsa                          [0] GeneralName          OPTIONAL,
    //    extensions                   [1] IMPLICIT Extensions   OPTIONAL  }

    String tstInfoBase64 = xml.getChildContent("sequence[1]|contextSpecific|sequence|sequence|contextSpecific|octets");

    CkBinData bdTstInfo = new CkBinData();
    bdTstInfo.AppendEncoded(tstInfoBase64,"base64");

    CkAsn asnTstInfo = new CkAsn();
    success = asnTstInfo.LoadBd(bdTstInfo);
    if (success == false) {
        System.out.println(asnTstInfo.lastErrorText());
        return;
        }

    CkXml xmlTstInfo = new CkXml();
    success = xmlTstInfo.LoadXml(asnTstInfo.asnToXml());
    System.out.println(xmlTstInfo.getXml());

    // Here's the TSTInfo XML:

    // <?xml version="1.0" encoding="utf-8"?>
    // <sequence>
    //     <int>01</int>
    //     <oid>2.16.840.1.114412.7.1</oid>
    //     <sequence>
    //         <sequence>
    //             <oid>2.16.840.1.101.3.4.2.1</oid>
    //             <null/>
    //         </sequence>
    //         <octets>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</octets>
    //     </sequence>
    //     <int>00AD2C86E49872597B60F87D5C54BCFFAE</int>
    //     <universal tag="24" constructed="0">MjAyMzAzMTYxMTQ5NTJa</universal>
    // </sequence>

    //    The genTime (GeneralizedTime) is contained in the final "universal" XML element and is 
    //    in base64. It is the time at which the time-stamp token has been created by
    //    the TSA. After decoding from base64, it is:
    // 
    //    The syntax is: YYYYMMDDhhmmss[.s...]Z
    //    Example: 19990609001326.34352Z

    CkStringBuilder sbGenTime = new CkStringBuilder();
    sbGenTime.DecodeAndAppend(xmlTstInfo.getChildContent("universal"),"base64","utf-8");
    System.out.println(sbGenTime.getAsString());

    // Result:
    // 20230316115718Z
  }
}