CREATIVE CHAOS   ▋ blog

RFC3161 Timestamp

PUBLISHED ON 03/02/2022 — EDITED ON 11/12/2023 — SYSOPS

Pastebin style!

Create a test file:

touch inputfile.txt

Create request:

openssl ts -query -data inputfile.txt -cert -sha256 -no_nonce -out request.tsq

Timestamp the request with curl:

cat request.tsq | curl -s -S -H 'Content-Type: application/timestamp-query' --data-binary @- http://tsa-test.server.xyz/rfc3161timestamp -o response.tsr

Check the timestamp:

openssl ts -reply -in response.tsr -text
Using configuration from /usr/lib/ssl/openssl.cnf
Status info:
Status: Granted.
Status description: granted
Failure info: unspecified

TST info:
Version: 1
Policy OID: 1.3.6.1.4.1.6105.3.1.999999999
Hash Algorithm: sha256
Message data:
    0000 - 3c 5e 09 ca fc 25 5e ec-52 75 f3 42 48 7e bf 6c   <^...%^.Ru.BH~.l
    0010 - a5 bc 7b fa 06 54 97 a4-6c 12 24 94 13 99 6b f1   ..{..T..l.$...k.
Serial number: 0x017C55E1C4FF5B56084D00000000000059A9
Time stamp: Feb  3 11:12:52 2022 GMT
Accuracy: unspecified
Ordering: no
Nonce: unspecified
TSA: unspecified
Extensions:

Validation:

openssl ts -verify -in response.tsr -queryfile request.tsq -CAfile xyz.server.bundle.pem
TAGS: CURL, DEV, OPENSSL, RFC3161, TSA