dotfiles/simpleDots/bin/tsaClient.sh


#!/bin/bash
#########################################################################
## tsaClient.sh
#
# Clientscript for the FreeTSA Timestamping Service
# This script generates a tgz archive containing a given file and the
# timestamping information from freetsa.org including tsr, tsq, log and
# the ca certificates.
#
# devops@elfring.ms - 2019-05-29
#
#
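echo "Clientscript for the FreeTSA Timestamping Service"
echo "https://www.freetsa.org"
echo

# Check the argument count before reading $1.
if [ "$#" -ne 1 ]
then
  echo "Usage: $0 [file to timestamp]"
  echo
  exit 1
fi
fileToStamp=$1
if [ ! -e "$fileToStamp" ]
then
  echo "$fileToStamp does not exist."
  echo
  exit 2
fi

#######################################
# Run a command with stdout and stderr merged and indented by one space.
# Arguments: the command and its arguments
# Returns:   the exit status of the command itself, not of sed
#######################################
run_indented() {
  "$@" 2>&1 | sed 's/^/ /'
  return "${PIPESTATUS[0]}"
}

# Every step is logged through tee. The group runs in a subshell because it is
# the left side of a pipeline, so its "exit" only ends the group; the status is
# read back through PIPESTATUS afterwards.
{
  failed=0
  echo "Timestamping file $fileToStamp"
  echo
  echo "-------> Create SHA512 checksum (informational)"
  echo "# sha512sum -- \"$fileToStamp\""
  run_indented sha512sum -- "$fileToStamp" || failed=1
  echo
  echo "-------> Create and display timestamp query (TSQ)"
  # NOTE(review): -no_nonce leaves the reply unbound to this particular
  # request; confirm the omission is intended for this service.
  echo "# openssl ts -query -data \"$fileToStamp\" -no_nonce -sha512 -cert -out \"$fileToStamp.tsq\""
  echo "# openssl ts -query -in \"$fileToStamp.tsq\" -text"
  run_indented openssl ts -query -data "$fileToStamp" -no_nonce -sha512 -cert -out "$fileToStamp.tsq" || failed=1
  run_indented openssl ts -query -in "$fileToStamp.tsq" -text || failed=1
  echo
  echo "-------> Have the TSQ signed and display the reply (TSR)"
  # --fail keeps an HTTP error page from being saved as if it were a TSR.
  echo "# curl --silent --show-error --fail --header \"Content-Type: application/timestamp-query\" --data-binary \"@$fileToStamp.tsq\" https://freetsa.org/tsr --output \"$fileToStamp.tsr\""
  echo "# openssl ts -reply -in \"$fileToStamp.tsr\" -text"
  run_indented curl --silent --show-error --fail --header "Content-Type: application/timestamp-query" --data-binary "@$fileToStamp.tsq" https://freetsa.org/tsr --output "$fileToStamp.tsr" || failed=1
  run_indented openssl ts -reply -in "$fileToStamp.tsr" -text || failed=1
  echo
  echo "-------> Verify TSR (informational)"
  # The CA certificate is downloaded from the same host that issued the reply,
  # so this check only shows the reply matches what that host serves right now
  # (TLS is the sole protection). For evidential use, verify again against a
  # CA certificate obtained and pinned independently.
  # freetsa_cacert.pem is written to the current directory and removed below;
  # an existing file of that name is overwritten.
  echo "# curl --silent --show-error --fail --output freetsa_cacert.pem https://freetsa.org/files/cacert.pem"
  echo "# openssl ts -verify -data \"$fileToStamp\" -in \"$fileToStamp.tsr\" -CAfile freetsa_cacert.pem"
  run_indented curl --silent --show-error --fail --output freetsa_cacert.pem https://freetsa.org/files/cacert.pem || failed=1
  run_indented openssl ts -verify -data "$fileToStamp" -in "$fileToStamp.tsr" -CAfile freetsa_cacert.pem || failed=1
  exit "$failed"
} | tee -- "$fileToStamp.log"
stampStatus=${PIPESTATUS[0]}

# Bundle the evidence; "--" keeps a file name starting with "-" from being
# parsed as an option. The work files are removed only once the archive exists.
if tar czf "$fileToStamp.tsa.tgz" -- "$fileToStamp.tsq" "$fileToStamp.tsr" "$fileToStamp.log" freetsa_cacert.pem "$fileToStamp"
then
  rm -f -- "$fileToStamp.tsq" "$fileToStamp.tsr" "$fileToStamp.log" freetsa_cacert.pem
else
  echo "ERROR: could not create $fileToStamp.tsa.tgz; work files were kept." >&2
  echo
  exit 4
fi
echo

# An archive whose timestamp was not obtained or did not verify must not look
# like a success to the caller.
if [ "$stampStatus" -ne 0 ]
then
  echo "WARNING: at least one timestamping step failed; see $fileToStamp.log inside $fileToStamp.tsa.tgz." >&2
  exit 3
fi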