(Delphi ActiveX) Extract TSTInfo from RFC3161 Timestamp Reply

See more HTTP Examples

Sends an RFC 3161 timestamp request to a TSA (Timestamp Authority) server and converts the timestamp reply to XML, and then extracts the TSTInfo from the XML and converts it to XML.

For more information, see https://www.ietf.org/rfc/rfc3161.txt

Chilkat for Delphi Downloads Chilkat ActiveX DLL for Delphi Chilkat non-ActiveX DLL for Delphi * The examples here use the ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
crypt: TChilkatCrypt2;
base64Hash: WideString;
http: TChilkatHttp;
requestToken: TChilkatBinData;
optionalPolicyOid: WideString;
addNonce: Integer;
requestTsaCert: Integer;
tsaUrl: WideString;
resp: IChilkatHttpResponse;
timestampReply: TChilkatBinData;
asn: TChilkatAsn;
xml: TChilkatXml;
tstInfoBase64: WideString;
bdTstInfo: TChilkatBinData;
asnTstInfo: TChilkatAsn;
xmlTstInfo: TChilkatXml;
sbGenTime: TChilkatStringBuilder;

begin
// Note: Requires Chilkat v9.5.0.75 or greater.

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First sha-256 hash the data that is to be timestamped.
// In this example, the data is the string "Hello World"

crypt := TChilkatCrypt2.Create(Self);
crypt.HashAlgorithm := 'sha256';
crypt.EncodingMode := 'base64';
base64Hash := crypt.HashFileENC('qa_data/hamlet.xml');

http := TChilkatHttp.Create(Self);

requestToken := TChilkatBinData.Create(Self);
optionalPolicyOid := '';
addNonce := 0;
requestTsaCert := 1;

// Create a time-stamp request token
success := http.CreateTimestampRequest('sha256',base64Hash,optionalPolicyOid,addNonce,requestTsaCert,requestToken.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(http.LastErrorText);
    Exit;
  end;

// Send the time-stamp request token to the TSA.
// This is the equivalent of the following CURL command:
// curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' http://timestamp.digicert.com > file.tsr
tsaUrl := 'http://timestamp.digicert.com';
resp := http.PBinaryBd('POST',tsaUrl,requestToken.ControlInterface,'application/timestamp-query',0,0);
if (http.LastMethodSuccess = 0) then
  begin
    Memo1.Lines.Add(http.LastErrorText);
    Exit;
  end;

// Get the timestamp reply from the HTTP response object.
timestampReply := TChilkatBinData.Create(Self);
resp.GetBodyBd(timestampReply.ControlInterface);

// Convert the binary timestamp reply to XML
asn := TChilkatAsn.Create(Self);
success := asn.LoadBd(timestampReply.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(asn.LastErrorText);
    Exit;
  end;

xml := TChilkatXml.Create(Self);
success := xml.LoadXml(asn.AsnToXml());

// Extract the TSTInfo from the XML.
// The TSTInfo is this base64 encoded ASN.1 

// TSTInfo ::= SEQUENCE  {
//    version                      INTEGER  { v1(1) },
//    policy                       TSAPolicyId,
//    messageImprint               MessageImprint,
//      -- MUST have the same value as the similar field in
//      -- TimeStampReq
//    serialNumber                 INTEGER,
//     -- Time-Stamping users MUST be ready to accommodate integers
//     -- up to 160 bits.
//    genTime                      GeneralizedTime,
//    accuracy                     Accuracy                 OPTIONAL,
//    ordering                     BOOLEAN             DEFAULT FALSE,
//    nonce                        INTEGER                  OPTIONAL,
//      -- MUST be present if the similar field was present
//      -- in TimeStampReq.  In that case it MUST have the same value.
//    tsa                          [0] GeneralName          OPTIONAL,
//    extensions                   [1] IMPLICIT Extensions   OPTIONAL  }

tstInfoBase64 := xml.GetChildContent('sequence[1]|contextSpecific|sequence|sequence|contextSpecific|octets');

bdTstInfo := TChilkatBinData.Create(Self);
bdTstInfo.AppendEncoded(tstInfoBase64,'base64');

asnTstInfo := TChilkatAsn.Create(Self);
success := asnTstInfo.LoadBd(bdTstInfo.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(asnTstInfo.LastErrorText);
    Exit;
  end;

xmlTstInfo := TChilkatXml.Create(Self);
success := xmlTstInfo.LoadXml(asnTstInfo.AsnToXml());
Memo1.Lines.Add(xmlTstInfo.GetXml());

// Here's the TSTInfo XML:

// <?xml version="1.0" encoding="utf-8"?>
// <sequence>
//     <int>01</int>
//     <oid>2.16.840.1.114412.7.1</oid>
//     <sequence>
//         <sequence>
//             <oid>2.16.840.1.101.3.4.2.1</oid>
//             <null/>
//         </sequence>
//         <octets>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</octets>
//     </sequence>
//     <int>00AD2C86E49872597B60F87D5C54BCFFAE</int>
//     <universal tag="24" constructed="0">MjAyMzAzMTYxMTQ5NTJa</universal>
// </sequence>

//    The genTime (GeneralizedTime) is contained in the final "universal" XML element and is 
//    in base64. It is the time at which the time-stamp token has been created by
//    the TSA. After decoding from base64, it is:
// 
//    The syntax is: YYYYMMDDhhmmss[.s...]Z
//    Example: 19990609001326.34352Z

sbGenTime := TChilkatStringBuilder.Create(Self);
sbGenTime.DecodeAndAppend(xmlTstInfo.GetChildContent('universal'),'base64','utf-8');
Memo1.Lines.Add(sbGenTime.GetAsString());

// Result:
// 20230316115718Z
end;