Skip navigation links

SecureTime Java API

The SecureTime Java API adds smart fail-over logic to existing BouncyCastle libraries for accessing DigiStamp cloud based TSA nodes.

See: Description

Package Description

The SecureTime Java API adds smart failover logic to existing BouncyCastle libraries when accessing DigiStamp cloud based TSA nodes. DigiStamp maintains TSA servers in several geographic locations, that combined with this toolkit to perform a failover between locations then you achieve exceptional reliability.

There is a command line Demo program provided, otherwise, you will need Java skills to use the SecureTime Java API. Other programming and tool choices are here

You will need to establish an account with DigiStamp to request timestamps from the servers, free evaluation accounts are available.


The toolkit library allows adding timestamping capability to your existing application. The toolkit performs these functions:

  1. File hash generation
  2. Creating a timestamp request
  3. Communicating the timestamp request to the DigiStamp server via the Internet (you configure the rules for automatic failover to timestamp Internet sites)
  4. Decoding the timestamp response
  5. Outputting a PKI CMS record structure that contains the timestamp
  6. Verifying the timestamp authenticity

Sample Programs

After you unzip the API download from out website, edit the file to input your DigiStamp Account number and password before running the demo programs.

The source code for the demos is included with the SecureTime API delivery.

Simple command line program

Time stamping the contents of a file and save the new time stamp to disk. The file is hashed with SHA-512 and an Internet communication to the DigiStamp server is performed as part of the processing.

"Right Click" in a Windows File Explorer to timestamp any file

Like the command line program above for creating a timestamp of your file. This enables the Windows File Explorer "Send To" dialog to retrieve a timestamp for that file. This timestamp.bat is put in "shell:sendto ".


The included source will describe configuration options and recommendations. The file describes additional parameters.

A Java programmer will find configuration information in these class descriptions ConfigManager and CertHandler can be helpful.

License Terms

Delivered with the software is a file Digistamp License. Please review the license carefully. You accept this license by not deleting your copies of the software. If you have questions about the license please contact DigiStamp before proceeding with use of the SecureTime API.

Support Requests, Bug Reports, and Requests for Enhancements

Internet Email: It is important to us that we receive your feedback and suggestions for improvement.

Fail over testing and using TSATEST3

The toolkit has features to failover to another DigiStamp timestamp server if one fails to respond. This is described in the configuration class. To help you test fail over capabilities you can specify TSATEST3 in your testing configuration. TSATEST3 is always in a "failed" condition.

Change History

February 2021 v4.6

DigiStamp's URL names have changed. Also include a newer version of BouncyCastle
May 18, 2023 included a newer version of BouncyCastle

October 7, 2016 v4.3.2

Configuration option added to support retrieving certificates from Jar files.

September 23, 2016 v4.3

The RSA algorithm was restored as one of the Root CA certificate choices, it had been removed in v4.2

June 21, 2016 v4.2

Added support for new signature algorithms: Elliptic Curves NIST and Brainpool. These will be part of an upcoming release of the DigiStamp TSA Service.

July 9, 2015 v4.1

API structure was modified based on end-user feedback. Began to utilitize the BouncyCastle libraries for more functions like ASN encoding / decoding. The PDF signing function was removed.

October 25, 2009 v3.2

Using iText version 2.1.7 support for time stamping reduced the custom code that was needed..

April 14, 2009 v3.1.Beta.1

Modifications to iText were isolated into a sinlge changed class. DigiStamp toolkit components had significant changes in class and package names.

November 14, 2008 v2.3.2.Beta.1

Add a demo program to demonstrate signing and timestamping a PDF file. The structure of the delivery archive was changed to support additional demo programs.

May 14, 2006 v2.1

Add a demo program to verify a timestamp using source code libraries from BouncyCastle.

February 9, 2005 v2.1

The DigiStamp Internet servers now reports time in milliseconds and includes an expanded certificate chain-of-authority to verify the audit process. Added suppport for additional message digest algorithms, for example SHA-256. The API's general class structure was not changed, but method signatures and names were changed. We suggest looking at the demo source code that is included to see how method names have changed.

August 1, 2003 v1.2.4

Resolved issue where class files would not load in Java Bean IDE enviroment using VM 1.4.

June 26, 2001 v1.2.3

Resolved issue where "timeOut" configuration was being reduced to half the time specified.

June 20, 2001 v1.2.2

Support was added for retrieving the x.509 public key certificates as part of the resulting timestamp. Changes made to the "timestamp request" to request the certificates and changes to "CMSTsToken" to access the returned certificates. The example program "DemoTStlktVM13" was enhanced to demonstrate how you could use this certificate capability.

Support for TSA Policy was added to the timestamp request and the associated accessor on TstInfo.

April 12, 2001 v1.2

Class name changes:
DgsComm - was DgsCommTSR

Multi-threaded model support changes were implement using a different design. This is based on feedback from users. The class DgsComm no longer extend Thread. Example programs using SwingWorker utility demonstrate the new threading model.

Configuration enhancements allow a "time out" and "hold out" concept. Using these configurations you can set the length of time that you process waits for a response from the timestamp server before executing failover. Also, if a timestamp server does file to respond then it will not be used again for a user specified durations. See DgsConfig.

JavaDoc was upgraded to v1.2 format. Significant improvements in the content.

An additional example program was added and the existing examples improved.

October 15, 2000 v.1.1

Included an example for verifying the authenticity of a timestamp locally (no Internet call to DigiStamp). This requires the use of Java 2 SDK version 1.3 or an external provider of the RSA algorithm.

Upgraded to Draft 10 of the IETF Timestamp Protocol. This resulted in changes to ‘clock accuracy’ accessors in class TstInfo. Timestamps created by previous version of the toolkit are still supported.

The class TsToken was removed to reduce the number of indirections. The class CMSTsToken was enhanced to contain the methods from the removed TsToken class.

September 5, 2000 v.1.1 Beta

Documentation upgrade
Resolve issue using ‘round robin’ did not fail over to second server

March 20, 2000 v.1.0 Beta
Skip navigation links
Copyright © 2000-2023 DigiStamp    Visit our Web Site