Stack Overflow
Stack Overflow

Questions tagged [rfc3161]

RFC issued by the IETF in 2001 is about the "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)"

IETF RFC 3161 defines file formats and operational protocols for requesting and delivering assertions of proofs that a datum existed before a particular date.

Abstract from RFC file:

This document describes the format of a request sent to a Time Stamping Authority (TSA) and of the response that is returned. It also establishes several security-relevant requirements for TSA operation, with regards to processing requests to generate responses.

34 questions
1
vote
1 answer

How to verify a RFC3161 timestamp token that uses RSASSA-PSS

My timestamp provider recently changed from using rsaEncryption to sign the timestamp token to rsassaPss (see the diff of the asn1parse here). Before the change I used the following command in OpenSSL (v1.1.1a) to verify the timestamp token: $…
Victor
  • 23,172
  • 30
  • 86
  • 125
1
vote
1 answer

openSSL verify RFC 3161 TimeStampResp signed with self-signed certificate

I generated a RFC 3161 TimeStampResp out of a RFC 3161 TimeStampReq using openSSL. Therefore I used a self signed CA cert and a TSA cert issued by the self-signed CA using this command: openssl ts -reply -queryfile request.tsq -signer TSAcert.pem…
Roflex
  • 55
  • 8
1
vote
1 answer

How to extract certificates from a time-stamp response in Bouncy Castle

Using Bouncy Castle and C#, I am requesting a timestamp token with the certificates included (timestampRequestGenerator.SetCertReq(true)) and I get a response significantly bigger than when setting SetCertReq to false, so I assume that the response…
Victor
  • 23,172
  • 30
  • 86
  • 125
1
vote
1 answer

PHP and timestamp protocol

In PHP i must sign a document with the Timestamp Protocol via HTTP (RFC 3161) using ARUBA as CA. The Aruba's documentation says: To time-stamp a datum you must call the url https://servizi.arubapec.it/tsa/ngrequest.php with a POST method. In…
Tom
  • 4,007
  • 24
  • 69
  • 105
1
vote
1 answer

How to get TimeStamping Token and apply it to PDF file?

I'm trying to get a Time Stamping token from a server, and apply this token to a PDF file that will be signed later. I'm asking if someone has already works with a similar concept using java I have some information about the TimeStamping Authority…
Angelika
  • 23
  • 1
  • 11
1
vote
1 answer

Saving rfc5544 structure to file

I successfully obtained a Timestamp from a tsa server (RFC 3161) and i've created the following Object using bouncyCastle: TimeStampedData timeStampedData = new TimeStampedData(uri, null, asn1OctetString, evid); How can i save this structure to a…
ilcaste
  • 45
  • 1
  • 6
0
votes
1 answer

Jmeter generate HTTP TimeStampRequest RFC3161

I would like to use Jmeter to generate HTTP TimeStampRequests "application/timestamp-query" as presented in the standard RFC3161. Currently I'm using Java program to do it but I would like to improve it by using Jmeter functionalities. Is it…
tiamat
  • 879
  • 2
  • 12
  • 35
0
votes
1 answer

OpenSSL: how to extract certificates and token status from RFC3161 timestamping reply?

using openssl ts (https://www.openssl.org/docs/man1.1.0/man1/openssl-ts.html) I can create TS queries, replies, extract tokens from replies and verify tokens (if I have the signing certificate in DER format) of the RFC3161 format as specified here:…
matthias_buehlmann
  • 4,641
  • 6
  • 34
  • 76
0
votes
1 answer

Can you add a timestamped no-tamper-proof to a PDF without "signing" it?

When signing a PDF using digital signature, one can use a trusted timestamping service to add a time-stamp token that is signed by the timestamping authority. When viewing the signature of the PDF then, it will say that it contains a signed…
matthias_buehlmann
  • 4,641
  • 6
  • 34
  • 76
0
votes
0 answers

XAdES equivalent of PAdES timestamp

Is there an equivalent in XAdES for the PAdES timestamp where the PDF gets "signed" by the TSA? I don't mean XAdES-T where, if I understand correctly, a timestamp is added to an existing signature, I'm looking for something like this (A.2 page 15):…
Sesto
  • 1
  • 2
0
votes
0 answers

Implementation of RFC3161 in Groovy script

I need to get timestamp from a TSA in a Groovy script, in a SoapUI project. I try to use following script to get timestamp. import org.bouncycastle.asn1.* import org.bouncycastle.asn1.cmp.* import org.bouncycastle.operator.* import…
plaidshirt
  • 5,189
  • 19
  • 91
  • 181
0
votes
1 answer

How to use an OnlineTSPSource with esig/dss Library?

I'm attempting to use an online timestamp authority (rfc3161) with the Digital Signature Service Java library. However, the following snippet (from their test cases, and similar to the one from their Cookbook): String tspServer =…
hawaii
  • 328
  • 4
  • 12
0
votes
0 answers

Adobe - Signature is timestamped but the timestamp could not be verified

I'm fighting with creating signature with timestamp on my pdf file. After many attempts we succeeded and signed PDF file. Adobe verified this file but there is one mistake with timestamp. There is information about: Signature is timestamped but the…
Algeroth
  • 785
  • 3
  • 12
  • 29
0
votes
0 answers

External pdf Signature with itext 5.5.10

I tried to sign a document with itext 5.5.10.I first signed my file with an empty signature and then created a SHA1 hash from the file containing the empty signature. I invoke the web service of my TSA to get the signedData. First part…
kava
  • 3
  • 4
0
votes
0 answers

Sigining PDF use Token RFC 3161 with itext

How to signed PDF with token RFC3161 use itext and BouncyCastle ? Thanks in advance!! String token = "my jeton "; ASN1InputStream in = new ASN1InputStream(Base64.getDecoder().decode(token)); ASN1Sequence seq =…
kava
  • 3
  • 4
1
2
3