Java implementations of TSP, OCSP and CMS

Question

I'm trying to understand java APIs for digital signatures. I should use custom cryptoprovider to compose digital signature. I know how to sign document and get detached signature using this CSP, now I need to add timestamp and certificate status to this signature(to make signature valid for government authorities). These thing are done using TSP and OCSP. The question:

1. where should get TSP client?
2. am I right that it is sufficient to use built in java OCSP support for verifing certificate?
3. does tsp and verification info somehow connected with CMS?
4. the last and the most interesting: what should I do with timestamp info and cert verification info: would it be detached files or they are parts of signature??

Answer 1

where should get TSP client?

To use CMS, TSP and OCSP you might want to check out Bouncy Castle. They have support for all of those in the main package as well as the supplementary CMS and TSP packages.

am I right that it is sufficient to use built in java OCSP support for verifing certificate?

Although the standard PKIX certificate validation mechanism supports OCSP it might make sense to integrate e.g. the Bouncy Castle OCSP code in the form of a custom PKIXCertPathChecker. You can either add it on top of the existing validation or make it a full-fledged replacement, instructions can be found here. We had problems using the built-in OCSP support when connecting through a proxy, so we replaced the default using this technique in the past.

does tsp and verification info somehow connected with CMS?

The timestamp response that the TSP server sends you is nothing more than another CMS SignedData, so in itself again a kind of signature. What you typically do in order to avoid myriads of separate files is using the unsigned properties feature of CMS to include your timestamp within the original signature itself. You simply add the timestamp as an unsigned signature property in the usignedAttrs field of SignerInfo, therefore minimizing the separate files to exactly one, the signature itself which embeds all additional information within the signedAttrs and unsignedAttrs fields.

the last and the most interesting: what should I do with timestamp info and cert verification info: would it be detached files or they are parts of signature??

Timestamps I have already described; the validation info such as CRLs and OCSP responses can be embedded within the "crls" field of SignedData. You can add these whenever you want without breaking the actual signature - these contents as well as the unsigned properties will not be taken into account for either generating or verifying the signature.

If you embed the information using just the CMS (RFC 5652) means you will end up with a fairly proprietary scheme. Depending on your needs, this might already be good enough. If you should need something more interoperable, however, you might want to look into CAdES (ETSI TS 101 733), a free ETSI standard that can be downloaded at http://pda.etsi.org. That standard provides more information on how to properly embed additional signature data such as timestamps and revocation information.

Answer 2

I would recommend using BouncyCastle (http://www.bouncycastle.org/java.html) if you are looking into Java Cryptography related for a provider.

Quoting from it's website:

• Generators/Processors for OCSP (RFC 2560).
• Generators/Processors for TSP (RFC 3161 & RFC 5544).