SecureTime API Toolkit

DgsTimeStampVerify


The DgsTimeStampVerify function is given a PKCS 7 record that was created using DgsTimeStampRequest. This function verifies the digital signature and optionally recalculates the hash of the data object and compares it with the time stamp hash. Requires Microsoft CryptoAPI.

BOOL DgsTimeStampVerify(
  LPSTR contentType,                  // in
  BYTE *content,                      // in
  DWORD cContent,                     // in
  DWORD dwIndex,                      // in
  BYTE *pbTimeStampBlob,              // in
  DWORD *pcbTimeStampBlob,            // in
  HCERTSTORE hCertStore,              // in
  LPSTR time                          // out
);

Parameters

contentType
OID of the content type. Determines what data was originally time stamped. Four options:
1.  Content type of signature time stamp token 1.2.840.113549.1.9.16.2.14 specifies that content is a PKCS 7 signed message and pbTimeStampBlob is a PKCS 7 encoded time stamp token (as returned from function DgsTimeStampRequest). When using this option, dwIndex is set to indicate which signature in content is associated with the pbTimeStampBlob.
2.  Content type DATA specifies that content is the data that was hashed to create the time stamp token. pbTimeStampBlob is a PKCS 7 encoded time stamp token (as returned from function DgsTimeStampRequest). The content type can be specified as "NO DIGEST" to indicate that the content is the result of pre-executing the message digest function. When using this option, dwIndex has no effect.
3.  Content type is a PKCS 7 signed message 1.2.840.113549.1.7.2. The time stamp token is contained within the signed message as an Unsigned Attribute of SignerInfo. When using this option, dwIndex is set to indicate which signature in content is to be verified, and pbTimeStampBlob is NULL and has no effect. (Current release does not support this option.)
4.  Content type NULL means only the time stamp is to be verified. If NULL, the processing to compare the document hash to the hash inside the time stamp is not performed.
content
The content that was time stamped. This parameter is ignored if contentType is NULL.
cContent
The size of the buffer that contains content.
dwIndex
Index to the SignerInfo signature that was time stamped. Current release supports only 0, the first signature in the set.
pbTimeStampBlob
The encoded time stamp token is a PKCS 7 message.
pcbTimeStampBlob
Pointer to a DWORD specifying the size, in bytes, of the pbTimeStampBlob buffer.
hCertStore
The certificate store used to retrieve the DigiStamp public keys that were used in the time stamp process.
time
The time (GMT) that was included in the time stamp. Returned as a separate data item for convenience. If not NULL, the memory size provided must be 20, and the value will be returned with a null terminator.

Return Values

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE).

This function calls the toolkit function DgsTsGetParam. Error messages from these functions can also be returned.

Error code           Description
DGS_CONTENT_TYPE     Unsupported content type.
DGS_ESSCERTID        The ESSCertID was not available.
DGS_MSG_TYPE         The pbTimeStampBlob cannot have multiple signatures.
DGS_SIG_HASH         Hash of the signature could not be calculated.
DGS_HASH_NOT_EQUAL   The hash of the data object is not equal to the hash in the time stamp.
DGS_PUBLIC_NA        The public key was not in the key store.
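
As the contentType description notes, a NULL content type skips the comparison between the document hash and the hash inside the time stamp. The following added example (not DigiStamp's code) is a hypothetical C wrapper, verify_data_timestamp, that always uses the DATA option and fails closed. Assumptions: the "DATA" string literal, the wrapper itself, and the fake_verify stand-in that lets the example run without the toolkit; on Windows the real DgsTimeStampVerify would be passed in its place.

```c
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#else /* stand-in typedefs so the example also builds off Windows */
typedef int BOOL;
typedef unsigned char BYTE;
typedef unsigned int DWORD;
typedef char *LPSTR;
typedef void *HCERTSTORE;
#define TRUE 1
#define FALSE 0
#endif

#define DGS_TIME_LEN 20 /* buffer size the page requires for `time` */

/* Pointer type matching the DgsTimeStampVerify prototype on this page. */
typedef BOOL (*dgs_verify_fn)(LPSTR, BYTE *, DWORD, DWORD, BYTE *, DWORD *,
                              HCERTSTORE, LPSTR);

/* Hypothetical wrapper: TRUE only when the token verifies AND its hash
   matches `data`. It never uses the NULL (signature-only) content type. */
BOOL verify_data_timestamp(dgs_verify_fn verify, BYTE *data, DWORD cbData,
                           BYTE *token, DWORD cbToken, HCERTSTORE store,
                           char timeOut[DGS_TIME_LEN])
{
    char contentType[] = "DATA"; /* assumed literal for the DATA option */
    if (!verify || !data || !cbData || !token || !cbToken || !store || !timeOut)
        return FALSE; /* fail closed on missing inputs */
    memset(timeOut, 0, DGS_TIME_LEN);
    if (!verify(contentType, data, cbData, 0, token, &cbToken, store, timeOut)) {
        memset(timeOut, 0, DGS_TIME_LEN); /* discard any partial output */
        return FALSE;
    }
    timeOut[DGS_TIME_LEN - 1] = '\0';
    return TRUE;
}

/* Constructed stand-in for the toolkit call, for offline runs only: the
   "token" is just a copy of the stamped bytes, compared instead of hashed. */
BOOL fake_verify(LPSTR contentType, BYTE *content, DWORD cContent, DWORD dwIndex,
                 BYTE *blob, DWORD *pcbBlob, HCERTSTORE store, LPSTR time)
{
    (void)dwIndex; (void)store;
    if (contentType && (cContent != *pcbBlob || memcmp(content, blob, cContent)))
        return FALSE; /* models DGS_HASH_NOT_EQUAL */
    if (time) strcpy(time, "constructed-time");
    return TRUE;
}
```

With the stand-in, a modified document is rejected through the wrapper, while the same call made directly with a NULL contentType still returns TRUE, because only the time stamp itself is checked in that mode.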

  28 January, 2005

Copyright 2000-2005 DigiStamp, Inc.
All Rights Reserved
SecureTime, IPVault, IPProtector, and e-TimeStamp are service marks of DigiStamp, Inc.