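#!/bin/bash
#########################################################################
## tsaClient.sh
#
# Client script for the FreeTSA Timestamping Service
# This script generates a tgz archive containing a given file and the
# timestamping information from freetsa.org including tsr, tsq, log and
# the ca certificates.
#
# devops@elfring.ms - 2019-05-29
#
# Usage:  tsaClient.sh FILE
#
# Output: FILE.tsa.tgz containing FILE.tsq, FILE.tsr, FILE.log,
#         freetsa_cacert.pem and FILE itself. The intermediate files are
#         removed once the archive has been written successfully.
#
# Exit status:
#   0  every step succeeded and the archive was written
#   1  wrong number of arguments
#   2  FILE does not exist
#   3  a checksum/query/request/verify step or the archive step failed
#
# Security notes:
#   - The CA certificate used for the verify step is downloaded at run
#     time from the same service that signs the timestamp. That check
#     therefore shows that the reply is consistent with what the service
#     currently publishes; a relying party should verify the archive
#     against a CA certificate obtained and pinned out of band.
#   - freetsa_cacert.pem is written to the current directory; an existing
#     file of that name is overwritten and later removed.
#   - The query is created with -no_nonce (kept as in the original
#     script), so the reply carries no nonce tying it to this particular
#     request; the message imprint is still checked by the verify step.
#

# Make "cmd 2>&1 | sed ..." report the failure of cmd, not the status of sed.
set -o pipefail

# Indent command output in the log exactly as the original script did.
indent() {
  sed 's/^/ /'
}

echo "Clientscript for the FreeTSA Timestamping Service"
echo "https://www.freetsa.org"
echo

if [[ $# -ne 1 ]]; then
  echo "Usage: $0 [file to timestamp]" >&2
  echo >&2
  exit 1
fi

fileToStamp=$1

# Quoted test: an empty or whitespace-containing argument is handled
# correctly instead of being word-split by the shell.
if [[ ! -e "$fileToStamp" ]]; then
  echo "$fileToStamp does not exist." >&2
  echo >&2
  exit 2
fi

# A name beginning with '-' would be parsed as an option by sha512sum, tar
# and rm; anchoring it to the current directory keeps it a plain path.
case "$fileToStamp" in
  -*) fileToStamp="./$fileToStamp" ;;
esac

# The steps run in a subshell so their combined output can be tee'd into the
# log; the subshell's exit status (via pipefail) tells us if any step failed.
(
  failed=0

  echo "Timestamping file $fileToStamp"
  echo

  echo "-------> Create SHA512 checksum (informational)"
  echo "# sha512sum $fileToStamp"
  sha512sum "$fileToStamp" 2>&1 | indent || failed=1
  echo

  echo "-------> Create and display timestamp query (TSQ)"
  echo "# openssl ts -query -data $fileToStamp -no_nonce -sha512 -cert -out $fileToStamp.tsq"
  echo "# openssl ts -query -in $fileToStamp.tsq -text"
  # -cert asks the TSA to include its signing certificate in the reply.
  openssl ts -query -data "$fileToStamp" -no_nonce -sha512 -cert \
    -out "$fileToStamp.tsq" 2>&1 | indent || failed=1
  openssl ts -query -in "$fileToStamp.tsq" -text 2>&1 | indent || failed=1
  echo

  echo "-------> Have the TSQ signed and display the reply (TSR)"
  echo "# curl --silent --show-error --fail --header \"Content-Type: application/timestamp-query\" --data-binary \"@$fileToStamp.tsq\" https://freetsa.org/tsr --output $fileToStamp.tsr"
  # The original logged ".tsq" here although the command reads the ".tsr".
  echo "# openssl ts -reply -in $fileToStamp.tsr -text"
  # --fail: do not store an HTTP error page as if it were a timestamp reply.
  curl --silent --show-error --fail \
    --header "Content-Type: application/timestamp-query" \
    --data-binary "@$fileToStamp.tsq" \
    https://freetsa.org/tsr --output "$fileToStamp.tsr" 2>&1 | indent || failed=1
  openssl ts -reply -in "$fileToStamp.tsr" -text 2>&1 | indent || failed=1
  echo

  echo "-------> Verify TSR (informational)"
  echo "# curl --silent --show-error --fail --output freetsa_cacert.pem https://freetsa.org/files/cacert.pem"
  echo "# openssl ts -verify -data $fileToStamp -in $fileToStamp.tsr -CAfile freetsa_cacert.pem"
  # NOTE(review): the trust anchor comes from the timestamping service itself;
  # see the security notes in the file header.
  curl --silent --show-error --fail --output freetsa_cacert.pem \
    https://freetsa.org/files/cacert.pem 2>&1 | indent || failed=1
  openssl ts -verify -data "$fileToStamp" -in "$fileToStamp.tsr" \
    -CAfile freetsa_cacert.pem 2>&1 | indent || failed=1

  exit "$failed"
) | tee "$fileToStamp.log"
stampStatus=$?

intermediates=(
  "$fileToStamp.tsq"
  "$fileToStamp.tsr"
  "$fileToStamp.log"
  freetsa_cacert.pem
)

# Remove the intermediate files only after the archive has been written, so
# a failed tar run does not destroy the only copy of the timestamp reply.
if tar czf "$fileToStamp.tsa.tgz" "${intermediates[@]}" "$fileToStamp"; then
  rm -- "${intermediates[@]}"
else
  echo "Creating $fileToStamp.tsa.tgz failed; intermediate files were kept." >&2
  stampStatus=1
fi

echo

if [[ $stampStatus -ne 0 ]]; then
  echo "At least one timestamping step failed; check the log in the archive." >&2
  exit 3
fi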