timestamping-server-with-digicert-freetsa

Based upon https://knowledge.digicert.com/generalinformation/INFO4231.html

Let's generate the proof that file.txt was signed at a precised timestamp by DIGICERT

generate a file.digicert.tsq file : a query, containing a SH512 of file to be sent to DIGICERT about the file.txt

openssl ts -query -data file.txt -no_nonce -sha512 -cert -out file.digicert.tsq

send this request to DIGICERT and retrieve the signed response

curl -H "Content-Type: application/timestamp-query" --data-binary '@file.digicert.tsq'  http://timestamp.digicert.com > file.digicert.tsr

file.digicert.tsr is the signed reponse sent by DIGICERT,

it is possible to take a look at it

$ openssl ts -reply -in file.digicert.tsr -text


timestamp token is
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified

TST info:
Version: 1
Policy OID: 2.16.840.1.114412.7.1
Hash Algorithm: sha512
Message data:
    0000 - 0e 3e 75 23 4a bc 68 f4-37 8a 86 b3 f4 b3 2a 19   .>u#J.h.7.....*.
    0010 - 8b a3 01 84 5b 0c d6 e5-01 06 e8 74 34 57 00 cc   ....[......t4W..
    0020 - 66 63 a8 6c 1e a1 25 dc-5e 92 be 17 c9 8f 9a 0f   fc.l..%.^.......
    0030 - 85 ca 9d 5f 59 5d b2 01-2f 7c c3 57 19 45 c1 23   ..._Y]../|.W.E.#
Serial number: 0xE054E094488400DF537BCE57215FD45B
Time stamp: Mar  4 15:48:59 2023 GMT
Accuracy: unspecified
Ordering: no
Nonce: unspecified
TSA: unspecified
Extensions:

TIMESTAMP is Time stamp: Mar 4 15:48:59 2023 GMT

Where you need it, you can verify that this response has been signed by DIGICERT for this file at this time

note that 2 certificates from Digicert must be used ... See run.sh for more informations

$ openssl ts -verify -in file.digicert.tsr -queryfile file.digicert.tsq -CAfile DigiCertAssuredIDRootCA.crt.pem -untrusted CHAIN.pem

Verification: OK

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
.vscode		.vscode
806e97fbe80900d764b3ee4e7a541fa43136466de1b4fbefae759448919bb0e9		806e97fbe80900d764b3ee4e7a541fa43136466de1b4fbefae759448919bb0e9
CHAIN.pem		CHAIN.pem
DigiCertAssuredIDRootCA.crt.pem		DigiCertAssuredIDRootCA.crt.pem
DigiCertAssuredIDRootCA.crt.pem.1		DigiCertAssuredIDRootCA.crt.pem.1
DigiCertTrustedG4RSA4096SHA256TimeStampingCA.cer		DigiCertTrustedG4RSA4096SHA256TimeStampingCA.cer
DigiCertTrustedG4RSA4096SHA256TimeStampingCA.cer.1		DigiCertTrustedG4RSA4096SHA256TimeStampingCA.cer.1
DigiCertTrustedRootG4.cer		DigiCertTrustedRootG4.cer
DigiCertTrustedRootG4.cer.1		DigiCertTrustedRootG4.cer.1
LICENSE		LICENSE
README.md		README.md
TSACertificate.cer		TSACertificate.cer
b64.txt		b64.txt
file.digicert.tsq		file.digicert.tsq
file.digicert.tsq.1		file.digicert.tsq.1
file.digicert.tsq.2		file.digicert.tsq.2
file.digicert.tsq.3		file.digicert.tsq.3
file.digicert.tsr		file.digicert.tsr
file.digicert.withoutpolicyid.withnonce.tsq		file.digicert.withoutpolicyid.withnonce.tsq
file.digicert.withoutpolicyid.withoutnonce.tsq		file.digicert.withoutpolicyid.withoutnonce.tsq
file.digicert.withpolicyid.tsq		file.digicert.withpolicyid.tsq
file.digicert.withpolicyid.withnonce.tsq		file.digicert.withpolicyid.withnonce.tsq
file.digicert.withpolicyid.withoutnonce.tsq		file.digicert.withpolicyid.withoutnonce.tsq
file.txt		file.txt
file2.digicert.tsq		file2.digicert.tsq
file2.txt		file2.txt
file3.digicert.tsq		file3.digicert.tsq
file3.txt		file3.txt
file3b.digicert.tsq		file3b.digicert.tsq
image.jpg		image.jpg
run.sh		run.sh
run_with_cert.sh		run_with_cert.sh
run_without_cert.sh		run_without_cert.sh
toto		toto

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

timestamping-server-with-digicert-freetsa

About

Releases

Packages

Languages

License

ysimonx/timestamping-server-with-digicert

Folders and files

Latest commit

History

Repository files navigation

timestamping-server-with-digicert-freetsa

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages