Time-Stamp Protocol
Jump to navigation
Jump to search
Introduction
The Time-Stamp Protocol, or TSP is a cryptographic protocol for certifying timestamps using X.509 certificates and public key infrastructure. The timestamp is the signer's assertion that a piece of electronic data existed at or before a particular time.
https://tools.ietf.org/html/rfc3161
Démonstration
LibreOffice
Voir https://freetsa.org/guide/libreoffice-time-stamping.html
FreeTSA
Voir Time Stamp Authority https://freetsa.org/index_en.php#online
########################################################### # 1. create a tsq file (SHA 512) ########################################################### openssl ts -query -data file.png -no_nonce -sha512 -out file.tsq openssl ts -query -in file.tsq -text # Option -cert: FreeTSA is expected to include its signing certificate in the response. (Optional) # If the tsq was created with the option "-cert", its verification does not require "-untrusted". #$ openssl ts -query -data file.png -no_nonce -sha512 -cert -out file.tsq # How to make Timestamps of many files? # To timestamp multiple files, create a text file with all their SHA-512 hashes and timestamp it. # Alternatively, you may pack all the files to be timestamped in a zip/rar/img/tar, etc file and timestamp it. # Generate a text file with all the hashes of the /var/log/ files $ find /var/log/ -type f -exec sha512sum {} + > compilation.txt ########################################################### # 2. cURL Time Stamp Request Input (HTTP / HTTPS) ########################################################### # HTTP 2.0 in cURL: Get the latest cURL release and use this command: curl --http2. curl -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' https://freetsa.org/tsr > file.tsr # Using the Tor-network. #$ curl -k --socks5-hostname 127.0.0.1:9050 -H "Content-Type: application/timestamp-query" --data-binary '@file.tsq' https://th3ccojidpgbgv5d.onion/tsr > file.tsr # tsget is very useful to stamp multiple time-stamp-queries: https://www.openssl.org/docs/manmaster/apps/tsget.html #$ tsget -h https://freetsa.org/tsr file1.tsq file2.tsq file3.tsq ########################################################### # 3. Verify tsg file ########################################################### wget https://freetsa.org/files/tsa.crt wget https://freetsa.org/files/cacert.pem # Timestamp Information. openssl ts -reply -in file.tsr -text # Verify (two diferent ways). # openssl ts -verify -data file -in file.tsr -CAfile cacert.pem -untrusted tsa.crt openssl ts -verify -in file.tsr -queryfile file.tsq -CAfile cacert.pem -untrusted tsa.crt # Verification: OK