def pack_der(self, filename):
if not os.access(filename, os.R_OK):
self.logger.error('no file %s found' % filename)
return None
try:
file_hash = open(filename, 'rb')
hash_obj = hashlib.sha256()
hash_obj.update(file_hash.read())
digest = hash_obj.digest()
except:
self.logger.error('not hash generate')
return None
# costruisce la rischiesta
algorithm_identifier = rfc2459.AlgorithmIdentifier()
algorithm_identifier.setComponentByPosition(
0, rfc3161.__dict__['id_sha256'])
algorithm_identifier.setComponentByPosition(
1, univ.Null()) # serve per Aruba
message_imprint = rfc3161.MessageImprint()
# setto l'identificatore della hash nella richiesta
message_imprint.setComponentByPosition(0, algorithm_identifier)
# inserisco la hash nella richiesta
message_imprint.setComponentByPosition(1, digest)
request = rfc3161.TimeStampReq()
request.setComponentByPosition(0, 'v1')
request.setComponentByPosition(1, message_imprint)
request.setComponentByPosition(4,
univ.Boolean(True)) # server per Aruba
# codifico tutto in DER
binary_request = encoder.encode(request)
return binary_request
def __call__(self, data=None, digest=None, include_tsa_certificate=None, nonce=None):
algorithm_identifier = rfc2459.AlgorithmIdentifier()
algorithm_identifier.setComponentByPosition(0, get_hash_oid(self.hashname))
message_imprint = rfc3161.MessageImprint()
message_imprint.setComponentByPosition(0, algorithm_identifier)
hashobj = hashlib.new(self.hashname)
if data:
hashobj.update(data)
digest = hashobj.digest()
elif digest:
assert len(digest) == hashobj.digest_size, 'digest length is wrong'
else:
raise ValueError('You must pass some data to digest, or the digest')
message_imprint.setComponentByPosition(1, digest)
request = rfc3161.TimeStampReq()
request.setComponentByPosition(0, 'v1')
request.setComponentByPosition(1, message_imprint)
if nonce is not None:
request.setComponentByPosition(3, int(nonce))
request.setComponentByPosition(4, include_tsa_certificate if include_tsa_certificate is not None else self.include_tsa_certificate)
binary_request = encoder.encode(request)
headers = { 'Content-Type': 'application/timestamp-query' }
if self.username != None:
base64string = base64.standard_b64encode('%s:%s' % (self.username, self.password))
headers['Authorization'] = "Basic %s" % base64string
try:
response = requests.post(self.url, data=binary_request,
timeout=self.timeout, headers=headers)
except request.RequestException, e:
raise TimestampingError('Unable to send the request to %r' % self.url, e)
def create_timestamp_query(filename):
if not os.path.exists(filename):
return None, 'file non esistente'
if not os.path.isfile(filename):
return None, 'not a file'
# calcolo l'hash 256 de file
try:
file_hash = open(filename, "rb")
hash_obj = hashlib.sha256()
hash_obj.update(file_hash.read())
digest = hash_obj.digest()
except:
return None, 'failed to hash file' # TODO da riverede la gestione delle eccezioni
# costruisce l'oggetto richiesta
algorithm_identifier = rfc2459.AlgorithmIdentifier()
algorithm_identifier.setComponentByPosition(0,
rfc3161.__dict__["id_sha256"])
algorithm_identifier.setComponentByPosition(1,
univ.Null()) # serve per Aruba
message_imprint = rfc3161.MessageImprint()
message_imprint.setComponentByPosition(0, algorithm_identifier)
message_imprint.setComponentByPosition(1, digest)
request = rfc3161.TimeStampReq()
request.setComponentByPosition(0, 'v1')
request.setComponentByPosition(1, message_imprint)
request.setComponentByPosition(4, univ.Boolean(True)) # server per Aruba
# codifico tutto in DER
binary_request = encoder.encode(request)
return binary_request, ""
def __call__(self, data=None, sha1=None):
algorithm_identifier = rfc2459.AlgorithmIdentifier()
algorithm_identifier.setComponentByPosition(
0, get_hash_oid(self.hashobj.name))
message_imprint = rfc3161.MessageImprint()
message_imprint.setComponentByPosition(0, algorithm_identifier)
if data:
self.hashobj.update(data)
sha1 = self.hashobj.digest()
elif sha1:
assert len(sha1) == self.hashobj.digest_size
else:
raise ValueError(
'You must pass some data to digest, or the sha1 digest')
message_imprint.setComponentByPosition(1, sha1)
request = rfc3161.TimeStampReq()
request.setComponentByPosition(0, 'v1')
request.setComponentByPosition(1, message_imprint)
request.setComponentByPosition(4)
binary_request = encoder.encode(request)
http_request = urllib2.Request(
self.url, binary_request,
{'Content-Type': 'application/timestamp-query'})
if self.username != None:
base64string = base64.standard_b64encode(
'%s:%s' % (self.username, self.password))
http_request.add_header("Authorization", "Basic %s" % base64string)
try:
response = urllib2.urlopen(http_request).read()
except (IOError, socket.error), e:
raise TimestampingError(
'Unable to send the request to %s' % self.url, e)
def __call__(self,
data=None,
digest=None,
include_tsa_certificate=None,
nonce=None):
algorithm_identifier = rfc2459.AlgorithmIdentifier()
algorithm_identifier.setComponentByPosition(
0, get_hash_oid(self.hashname))
message_imprint = rfc3161.MessageImprint()
message_imprint.setComponentByPosition(0, algorithm_identifier)
hashobj = hashlib.new(self.hashname)
if data:
hashobj.update(data)
digest = hashobj.digest()
elif digest:
assert len(digest) == hashobj.digest_size, 'digest length is wrong'
else:
raise ValueError(
'You must pass some data to digest, or the digest')
message_imprint.setComponentByPosition(1, digest)
request = rfc3161.TimeStampReq()
request.setComponentByPosition(0, 'v1')
request.setComponentByPosition(1, message_imprint)
if self.tsa_policy_id:
policy = TSAPolicyId(self.tsa_policy_id)
request.setComponentByPosition(2, policy)
if nonce is not None:
request.setComponentByPosition(3, int(nonce))
request.setComponentByPosition(
4, include_tsa_certificate if include_tsa_certificate is not None
else self.include_tsa_certificate)
binary_request = encoder.encode(request)
headers = {'Content-Type': 'application/timestamp-query'}
if self.username != None:
base64string = base64.standard_b64encode(
'%s:%s' % (self.username, self.password))
headers['Authorization'] = "Basic %s" % base64string
response = self._make_request(self.url, binary_request, self.timeout,
headers)
tst_response, substrate = decoder.decode(
response.content, asn1Spec=rfc3161.TimeStampResp())
if substrate:
return False, 'Extra data returned'
result, message = self.check_response(tst_response,
digest,
nonce=nonce)
if result:
return encoder.encode(tst_response.time_stamp_token), ''
else:
return False, message