4

Using tcpdf library I'm able to add a signature to pdf but timestamp (RFC3161) is not yet implemented in this library (applyTSA) and I need this feature.

According to ISO 32000-1:2008:

Time stamp information as an unsigned attribute (PDF 1.6): The timestamp token shall conform to RFC3161 and shall be computed and embedded into the PKCS#7 object as described in Appendix A of RFC3161. The specific treatment of timestamps and their processing is left to the particular signature handlers to define.

From RFC3161 APPENDIX A

The following object identifier identifies the Signature Time-stamp attribute:

id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) aa(2) 14 }

The Signature time-stamp attribute value has ASN.1 type SignatureTimeStampToken:

SignatureTimeStampToken ::= TimeStampToken

The value of messageImprint field within TimeStampToken shall be a hash of the value of signature field within SignerInfo for the signedData being time-stamped.

It is very easy to generate the timestamp using openssl but it is not clear to me how to embed it into PKCS#7 object. My questions are:

  1. How can I add timestamp to my signature?
  2. Or, there is any open source library (php or else) with this feature?

An example will be appreciated

Community
  • 1
  • 1
h2odev
  • 634
  • 9
  • 21
  • I saw your comment on my other answer, but unfortunately, I don't kniw of anything that adds this functionality at this time. In fact, it looks like there are a couple of different requests for this on the tcpdf codebase, so possibly this will be an easy thing in the near future. – Reid Johnson Feb 16 '18 at 21:41
  • Did you ever solve this? – Mark Carpenter Jr Jan 22 '19 at 15:45
  • Yes, I have solved this using https://github.com/hablutzel1/phpcmstimestamper :) – h2odev Jan 22 '19 at 19:14
  • You also will need https://github.com/Visceral-Project/annotationTicketingFramework/tree/master/frontend/visceral/tickets/phpseclib/File – h2odev Jan 22 '19 at 19:19
  • And https://github.com/Visceral-Project/annotationTicketingFramework/tree/master/frontend/visceral/tickets/phpseclib/Math :D That's all you need :P – h2odev Jan 22 '19 at 19:20
  • @ReidJohnson I hope this will help you – h2odev Jan 22 '19 at 19:24
  • @MarkCarpenterJr I hoe this wil help you to :) – h2odev Jan 22 '19 at 19:24
  • $signature = CmsTimestamper::addTimestampToCms( $signature, "http://example.timestamp.server" ); – h2odev Jan 22 '19 at 19:25

0 Answers0