-
Notifications
You must be signed in to change notification settings - Fork 1
/
run.sh
38 lines (28 loc) · 1.24 KB
/
run.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# cf https://knowledge.digicert.com/generalinformation/INFO4231.html
# cf https://www.openssl.org/docs/man1.1.1/man1/openssl-ts.html
# cf https://www.binalyze.com/blog/dfir-lab/protect-your-chain-of-custody-with-content-hashing-and-timestamping
# cf python https://github.com/pyauth/tsp-client qui indique que digicert n''est pas https ...'
echo "test" > file.txt
# in one line : file.txt -> sha512 -> build query -> file.digicert.tsq
openssl ts -query -data file.txt -no_nonce -sha512 -cert -out file.digicert.tsq
echo "request query is : "
openssl ts -query -in file.digicert.tsq -text
sleep 5
curl -H "Content-Type: application/timestamp-query" --data-binary '@file.digicert.tsq' http://timestamp.digicert.com > file.digicert.tsr
echo "timestamp token is"
openssl ts -reply -in file.digicert.tsr -text
sleep 10
echo
echo "processing verification ..."
echo
sleep
echo "downloading digicert's public certificates"
rm *.cer
rm DigiCertAssuredIDRootCA.crt.pem
wget https://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt.pem
echo
echo
echo "verifying previous response with digicert's public certificate DigiCertAssuredIDRootCA.crt.pem"
sleep 5
echo
openssl ts -verify -in file.digicert.tsr -queryfile file.digicert.tsq -CAfile DigiCertAssuredIDRootCA.crt.pem