PKI-Lite - v1.0.5
    Preparing search index...

    Class TimeStampReq

    Time-Stamp Request structure for RFC 3161 Time-Stamp Protocol.

    A TimeStampReq is sent to a Time Stamping Authority (TSA) to request a timestamp for data. The request contains a hash of the data to be timestamped (MessageImprint) along with optional parameters like policy requirements and nonce for replay protection.

    TimeStampReq ::= SEQUENCE { version INTEGER { v1(1) }, messageImprint MessageImprint, reqPolicy TSAPolicyId OPTIONAL, nonce TSANonce OPTIONAL, certReq BOOLEAN DEFAULT FALSE, extensions [0] IMPLICIT Extensions OPTIONAL }

    TSAPolicyId ::= OBJECT IDENTIFIER TSANonce ::= INTEGER

    // Create a timestamp request for some data
    const data = new TextEncoder().encode("Important document")
    const algorithm = AlgorithmIdentifier.digestAlgorithm('SHA-256')

    const messageImprint = new MessageImprint({
        hashAlgorithm: algorithm,
        hashedMessage: new Uint8Array(await algorithm.digest(data))
    })

    const tsReq = new TimeStampReq({
        version: 1,
        messageImprint: messageImprint,
        reqPolicy: "1.3.6.1.4.1.123.456.1", // TSA policy OID
        nonce: crypto.getRandomValues(new Uint8Array(16)),
        certReq: true // Request TSA certificate in response
    })

    // Send to TSA
    const tsResp = await tsReq.request({
        url: 'http://timestamp.example.com/tsa',
        timeout: 30000
    })

    RFC 3161 Section 2.4.1 - TSAReq Structure

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Properties

    certReq extensions? messageImprint nonce? reqPolicy? version

    Accessors

    pemHeader pkiType

    Methods

    equals parseAs request toAsn1 toDer toHumanString toJSON toPem toString create fromAsn1 fromDer fromMessageImprint

    Constructors

    • Creates a new TimeStampReq instance.

      Parameters

      • options: {
            certReq?: boolean;
            extensions?: Extension[];
            messageImprint: MessageImprint;
            nonce?: Uint8Array<ArrayBufferLike>;
            reqPolicy?: ObjectIdentifierString;
            version?: number;
        }

        Configuration object for the timestamp request

        • OptionalcertReq?: boolean

          Whether to request the TSA certificate

        • Optionalextensions?: Extension[]

          Optional request extensions

        • messageImprint: MessageImprint

          Hash imprint of the data to timestamp

        • Optionalnonce?: Uint8Array<ArrayBufferLike>

          Optional nonce for replay protection

        • OptionalreqPolicy?: ObjectIdentifierString

          Optional TSA policy OID

        • Optionalversion?: number

          Protocol version, defaults to 1

      Returns TimeStampReq

      const request = new TimeStampReq({
          messageImprint: messageImprint,
          reqPolicy: "1.3.6.1.4.1.123.456.1",
          nonce: crypto.getRandomValues(new Uint8Array(8)),
          certReq: true
      })

    Properties

    certReq: boolean = false

    Whether to include the TSA certificate in the response

    extensions?: Extension[]

    Optional extensions for additional functionality

    messageImprint: MessageImprint

    Hash of the data to be timestamped

    nonce?: Uint8Array<ArrayBufferLike>

    Optional nonce for replay protection, should be unique per request

    reqPolicy?: ObjectIdentifier

    Optional TSA policy identifier specifying how the timestamp should be created

    version: number

    Version of the TSA request format, currently always 1

    Accessors

    • get pemHeader(): string

      Gets the PEM header name for this object type. Converts the class name to uppercase for use in PEM encoding.

      Returns string

    • get pkiType(): string

      Gets the PKI type name for this object (typically the class name). Used for PEM headers and debugging output.

      Returns string

    Methods

    • Compares this PKI object with another for equality. Two objects are considered equal if their DER encodings are identical.

      Parameters

      • other: PkiBase<any>

        The other PKI object to compare with

      Returns boolean

      true if the objects are equal, false otherwise

    • Sends the timestamp request to a Time Stamping Authority (TSA).

      This method handles the HTTP protocol for communicating with RFC 3161 compliant TSA servers. It sends the request as application/timestamp-query and expects an application/timestamp-reply response.

      Parameters

      • options: {
            otherRequestOptions?: RequestInit;
            password?: string;
            timeout?: number;
            url: string;
            username?: string;
        }

        Request configuration

        • OptionalotherRequestOptions?: RequestInit

          Additional fetch options

        • Optionalpassword?: string

          Optional basic auth password

        • Optionaltimeout?: number

          Optional request timeout in milliseconds

        • url: string

          TSA server URL

        • Optionalusername?: string

          Optional basic auth username

      Returns Promise<TimeStampResp>

      Promise resolving to the timestamp response

      Error if the HTTP request fails or TSA returns an error

      // Simple request to public TSA
      const response = await tsReq.request({
          url: 'http://timestamp.digicert.com'
      })

      // Authenticated request with timeout
      const response = await tsReq.request({
          url: 'https://tsa.example.com/tsa',
          username: 'user',
          password: 'pass',
          timeout: 30000
      })

      if (response.status.status === 0) { // Granted
          console.log('Timestamp obtained:', response.timeStampToken)
      } else {
          console.error('Timestamp request failed:', response.status.failInfo)
      }

    • Converts the TimeStampReq to its ASN.1 representation.

      Creates a SEQUENCE containing all the request fields in the proper order according to RFC 3161 specification.

      Returns Asn1BaseBlock

      ASN.1 structure representing the timestamp request

      const asn1 = tsReq.toAsn1()
      const der = asn1.toBER(false) // Convert to DER for transmission

    • Returns a human-readable string representation of this object. By default, returns the same as toString(), but subclasses can override for more user-friendly output.

      Returns string

      A human-readable string representation

    • Creates a TimeStampReq with the specified options.

      Alternative constructor method that provides more explicit parameter naming.

      Parameters

      • options: {
            certReq?: boolean;
            extensions?: Extension[];
            messageImprint: MessageImprint;
            nonce?: Uint8Array<ArrayBufferLike>;
            reqPolicy?: ObjectIdentifierString;
            version?: number;
        }

        Request configuration

      Returns TimeStampReq

      A new TimeStampReq instance

      const request = TimeStampReq.create({
          messageImprint: messageImprint,
          reqPolicy: "1.3.6.1.4.1.123.456.1",
          nonce: crypto.getRandomValues(new Uint8Array(16)),
          certReq: true
      })

    • Creates a TimeStampReq from an ASN.1 structure.

      Parses the ASN.1 SEQUENCE and extracts all optional and required fields according to RFC 3161 specification.

      Parameters

      Returns TimeStampReq

      The parsed TimeStampReq object

      Asn1ParseError if the ASN.1 structure is invalid

      const asn1 = derToAsn1(requestBytes)
      const request = TimeStampReq.fromAsn1(asn1)

      console.log(request.version) // Should be 1
      console.log(request.messageImprint.hashAlgorithm)
      console.log(request.certReq) // Certificate requested

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Accessors
    Methods