The SecureTime Java API adds smart failover logic to existing BouncyCastle
libraries when accessing DigiStamp cloud based TSA nodes. DigiStamp maintains
TSA servers in several geographic locations, that combined with this toolkit
to perform a failover between locations then you achieve exceptional reliability.
There is a command line Demo program provided, otherwise, you will need
Java skills to use the SecureTime Java API. Other programming and tool
choices are here
You will need to establish an account with DigiStamp to request timestamps from the servers, free evaluation accounts are available.
Introduction
The toolkit library allows adding timestamping capability to your existing
application. The toolkit performs these functions:
- File hash generation
- Creating a timestamp request
- Communicating the timestamp request to the DigiStamp server via the Internet
(you configure the rules for automatic failover to timestamp Internet sites)
- Decoding the timestamp response
- Outputting a PKI CMS record structure that contains the timestamp
- Verifying the timestamp authenticity
Sample Programs
After you unzip the API download from out website, edit the file com.digistamp.properties to input your DigiStamp Account number and password before running
the demo programs.
The source code for the demos is included with the SecureTime API delivery.
Simple command line program
Time stamping the contents of a file and save the new time stamp to disk.
The file is hashed with SHA-512 and an Internet communication to the DigiStamp
server is performed as part of the processing.
"Right Click" in a Windows File Explorer to timestamp any file
Like the command line program above for creating a timestamp of your file.
This enables the Windows File Explorer "Send To" dialog to retrieve
a timestamp for that file. This timestamp.bat is put in "shell:sendto ".
Configuration
The included source com.digistamp.tsp.demo.CreateTimestamp.java will describe configuration options and recommendations. The file com.digistamp.properties describes additional parameters.
A Java programmer will find configuration information in these
class descriptions ConfigManager and CertHandler can be helpful.
License Terms
Delivered with the software is a file Digistamp License. Please review the license carefully. You accept this license by not deleting
your copies of the software. If you have questions about the license please
contact DigiStamp before proceeding with use of the SecureTime API.
Support Requests, Bug Reports, and Requests for Enhancements
Internet Email: support@digistamp.com. It is important to us that we receive your feedback and suggestions for
improvement.
Fail over testing and using TSATEST3
The toolkit has features to failover to another DigiStamp timestamp server
if one fails to respond. This is described in the configuration class.
To help you test fail over capabilities you can specify TSATEST3 in your
testing configuration. TSATEST3 is always in a "failed" condition.
Change History
February 2021 v4.6
DigiStamp's URL names have changed. Also include a newer version of BouncyCastle
May 18, 2023 included a newer version of BouncyCastle
October 7, 2016 v4.3.2
Configuration option added to support retrieving certificates from Jar files.
September 23, 2016 v4.3
The RSA algorithm was restored as one of the Root CA certificate choices,
it had been removed in v4.2
June 21, 2016 v4.2
Added support for new signature algorithms: Elliptic Curves NIST and Brainpool.
These will be part of an upcoming release of the DigiStamp TSA Service.
July 9, 2015 v4.1
API structure was modified based on end-user feedback. Began to utilitize
the BouncyCastle libraries for more functions like ASN encoding / decoding.
The PDF signing function was removed.
October 25, 2009 v3.2
Using iText version 2.1.7 support for time stamping reduced the custom
code that was needed..
April 14, 2009 v3.1.Beta.1
Modifications to iText were isolated into a sinlge changed class. DigiStamp
toolkit components had significant changes in class and package names.
November 14, 2008 v2.3.2.Beta.1
Add a demo program to demonstrate signing and timestamping a PDF file.
The structure of the delivery archive was changed to support additional
demo programs.
May 14, 2006 v2.1
Add a demo program to verify a timestamp using source code libraries from
BouncyCastle.
February 9, 2005 v2.1
The DigiStamp Internet servers now reports time in milliseconds and includes
an expanded certificate chain-of-authority to verify the audit process.
Added suppport for additional message digest algorithms, for example SHA-256.
The API's general class structure was not changed, but method signatures
and names were changed. We suggest looking at the demo source code that
is included to see how method names have changed.
August 1, 2003 v1.2.4
Resolved issue where class files would not load in Java Bean IDE enviroment
using VM 1.4.
June 26, 2001 v1.2.3
Resolved issue where "timeOut" configuration was being reduced
to half the time specified.
June 20, 2001 v1.2.2
Support was added for retrieving the x.509 public key certificates as part
of the resulting timestamp. Changes made to the "timestamp request"
to request the certificates and changes to "CMSTsToken" to access
the returned certificates. The example program "DemoTStlktVM13"
was enhanced to demonstrate how you could use this certificate capability.
Support for TSA Policy was added to the timestamp request and the associated
accessor on TstInfo.
April 12, 2001 v1.2
Class name changes:
DgsComm - was DgsCommTSR
DgsConfig - was PDGS_TIMESTAMP_PARA
Multi-threaded model support changes were implement using a different design.
This is based on feedback from users. The class DgsComm no longer extend
Thread. Example programs using SwingWorker utility demonstrate the new
threading model.
Configuration enhancements allow a "time out" and "hold
out" concept. Using these configurations you can set the length of
time that you process waits for a response from the timestamp server before
executing failover. Also, if a timestamp server does file to respond then
it will not be used again for a user specified durations. See DgsConfig.
JavaDoc was upgraded to v1.2 format. Significant improvements in the content.
An additional example program was added and the existing examples improved.
October 15, 2000 v.1.1
Included an example for verifying the authenticity of a timestamp locally
(no Internet call to DigiStamp). This requires the use of Java 2 SDK version
1.3 or an external provider of the RSA algorithm.
Upgraded to Draft 10 of the IETF Timestamp Protocol. This resulted in changes
to ‘clock accuracy’ accessors in class TstInfo. Timestamps
created by previous version of the toolkit are still supported.
The class TsToken was removed to reduce the number of indirections. The
class CMSTsToken was enhanced to contain the methods from the removed TsToken
class.
September 5, 2000 v.1.1 Beta
Documentation upgrade
Resolve issue using ‘round robin’ did not fail over to second
server
March 20, 2000 v.1.0 Beta