Beispiel #1
0
def get_token(data):
    ''' Call a Remote TimeStamper to obtain a ts token of data '''

    tst = None
    tsa_url = None
    with open(settings.tsa_yaml()) as tsa_list_fh:
        tsa_list = yaml.load(tsa_list_fh, Loader=yaml.FullLoader)

        for tsa in tsa_list:
            tsa_pathfile = os.path.join(settings.path_tsa_dir(), tsa['tsacrt'])
            if not os.path.isfile(tsa_pathfile):
                msg = "TSA cert file missing for %s" % tsa['url']
                logging.info(msg)
                continue
            with open(tsa_pathfile, 'rb') as tsa_fh:
                certificate = tsa_fh.read()
            timestamper = RemoteTimestamper(
                tsa['url'],
                certificate=certificate,
                cafile=tsa['cacrt'],
                hashname=tsa['hashname'],
                timeout=tsa['timeout'],
                username=tsa['username'],
                password=tsa['password'],
                include_tsa_certificate=tsa['include_tsa_cert'])
            nonce = unpack('<q', os.urandom(8))[0]

            msg = "try using TSA endpoint %s to timestamp data" % tsa['url']
            logging.debug(msg)
            try:
                tst = timestamper.timestamp(data=data, nonce=nonce)


# TODO: does the timestamp method compare result with current datetime?
# rfc3161ng.get_timestamp(tst) must be very close to current datetime
            except RuntimeError as err:
                logging.debug(err)
            except InvalidSignature:
                msg = "Invalid signature in timestamp from %s" % tsa['url']
                logging.info(msg)
            else:
                tsa_url = tsa['url']
                break

    if tst is not None:
        msg = "TSA %s timestamped dataobject at: %s" % (tsa_url,
                                                        get_timestamp(tst))
        logging.info(msg)
        return (tst, get_timestamp(tst), tsa_url)

    msg = "none of the TSA provided a timestamp"
    logging.critical(msg)
    return (None, None, None)
Beispiel #2
0
def default_test(tsa_server,
                 certificate,
                 username=None,
                 password=None,
                 data='xx',
                 nonce=None,
                 **kwargs):
    with open(certificate, 'rb') as f:
        certificate_data = f.read()

    kwargs.update({
        'certificate': certificate_data,
    })
    if username and password:
        kwargs.update({
            'username': username,
            'password': password,
        })

    timestamper = rfc3161ng.RemoteTimestamper(tsa_server, **kwargs)
    kwargs = {}
    if nonce:
        kwargs['nonce'] = nonce
    value = timestamper(data=data, **kwargs)
    assert value is not False
    assert isinstance(rfc3161ng.get_timestamp(value), datetime.datetime)
    assert value is not None
Beispiel #3
0
def get_info(tst):
    ''' Fetch timestamp and TSA info from token '''

    return (get_timestamp(tst), get_tsa_common_name(tst))