Skip to content

Sabard/darwin #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
sabard wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Sabard/darwin #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1feadf0
fix macos bugs
sabard Apr 2, 2025
a8a32b1
fix linux base64 command
sabard Apr 2, 2025
e20b376
use cut to parse substring
sabard Apr 2, 2025
e060a54
support variable number of ms in microsoft timestamp
sabard Apr 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 14 additions & 7 deletions trustedtimestamping/usr/local/bin/ttsPackJSON
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,13 @@ VERSION=0.0.2

DIGEST_SIZE=256

# check for Mac
if [ "$(uname)" = "Darwin" ]; then
CMD_BASE64="base64 -b 0"
else
CMD_BASE64="base64 -w 0"
fi

DIR_LOCAL_BIN=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
source $DIR_LOCAL_BIN/../../../etc/trustedts/tts.source

Expand All @@ -35,7 +42,7 @@ if compgen -G "$DIR_TS/*.sha$DIGEST_SIZE" > /dev/null; then
FILE_HASH=$(find $DIR_TS -name "*.sha$DIGEST_SIZE" -exec basename {} .sha$DIGEST_SIZE \;)

JSON=$(jq ".name = \"$FILE_HASH\"" <(printf '%s' "$JSON"))
JSON=$(jq ".hashfile = {\"filename\" : \"$FILE_HASH.sha$DIGEST_SIZE\", \"algorithm\" : \"SHA$DIGEST_SIZE\", \"contents\" : \"$(base64 -w 0 < <(<$DIR_TS/$FILE_HASH.sha$DIGEST_SIZE) )\"} " <(printf '%s' "$JSON"))
JSON=$(jq ".hashfile = {\"filename\" : \"$FILE_HASH.sha$DIGEST_SIZE\", \"algorithm\" : \"SHA$DIGEST_SIZE\", \"contents\" : \"$($CMD_BASE64 < <(<$DIR_TS/$FILE_HASH.sha$DIGEST_SIZE) )\"} " <(printf '%s' "$JSON"))
fi

# check if git hash file exists
Expand All @@ -51,19 +58,19 @@ for TSA_idx in $(seq 0 $((${#TSA_names[@]}-1)) ); do

CRLs=()
for crl in $DIR_TS/tsCRL_${TSA_names[$TSA_idx]}*.crl; do
CRLs+=($(base64 -w 0 < <(<$crl) ))
CRLs+=($($CMD_BASE64 < <(<$crl) ))
done
CRL_JSON=$(jq -n --arg array "${CRLs[*]}" '$array| split(" ")')

STR_TSREP=$(base64 -w 0 < <(<$DIR_TS/tsReply_${TSA_names[$TSA_idx]}.tsr) )
STR_CA=$(base64 -w 0 < <(<$DIR_CA/${TSA_names[$TSA_idx]}CA.pem) )
STR_TSREP=$($CMD_BASE64 < <(<$DIR_TS/tsReply_${TSA_names[$TSA_idx]}.tsr) )
STR_CA=$($CMD_BASE64 < <(<$DIR_CA/${TSA_names[$TSA_idx]}CA.pem) )

JSON=$(jq ".timestamps += [{ \"authority\" : \"${TSA_names[$TSA_idx]}\", \"url\" : \"${TSA_urls[$TSA_idx]}\", \"reply\" : \"$STR_TSREP\", \"ca\" : \"$STR_CA\", \"crls\" : $CRL_JSON }]" <(printf '%s' "$JSON"))
done

if [ -v FILE_HASH ]; then
FILE_SUFFIX="_$FILE_HASH"
else
if [ -n FILE_HASH ]; then
FILE_SUFFIX=""
else
FILE_SUFFIX="_$FILE_HASH"
fi
printf '%s' "$JSON" > timestamps$FILE_SUFFIX.json
13 changes: 10 additions & 3 deletions trustedtimestamping/usr/local/bin/ttsVerify
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,12 @@ DIGEST_SIZE=256

# check for Mac
if [ "$(uname)" = "Darwin" ]; then
CMD_CSPLIT=gcsplit
CMD_DATE=("date" "-jf" "%b %e %H:%M:%S %Y %Z")
CMD_SHA="shasum -a $DIGEST_SIZE"
else
CMD_CSPLIT=csplit
CMD_DATE=("date" "-d")
CMD_SHA="sha${DIGEST_SIZE}sum"
fi

Expand Down Expand Up @@ -101,7 +105,7 @@ fi
TSAs=()
for f in $DIR_TS/*.tsr; do
fbase=$(basename $f)
TSAs+=(${fbase:8:-4})
TSAs+=($(echo $fbase | cut -d'_' -f 2 | cut -d '.' -f 1))
done

V_STATUS=()
Expand All @@ -115,7 +119,10 @@ for TSA_idx in $(seq 0 $((${#TSAs[@]}-1)) ); do
2> >(grep -v "Using configuration from" >&2) )
TS_HASH_ALG+=($(printf "%s" "$TS_R" | grep "Hash Algorithm" | cut -c 17- | tr -d " \n" | tr "[:lower:]" "[:upper:]"))
TS_HASH_DIGEST+=($(printf "%s" "$TS_R" | grep "Message data" -A 2 | tail -2 | cut -c 12-58 | tr -d " \-\n"))
TS_EPOCH+=($(date -d "$(printf "%s" "$TS_R" | grep "Time stamp" | cut -c 12-)" +%s))
TS_TIME="$(printf "%s" "$TS_R" | grep "Time stamp" | cut -c 13-)"
# throw out milliseconds if present
TS_TIME=$(echo $TS_TIME | sed -E 's/([0-9]{2}:[0-9]{2}:[0-9]{2})\.[0-9]*/\1/g')
TS_EPOCH+=($("${CMD_DATE[@]}" "$TS_TIME" +%s))

printf 'Verifying %s: ' "${TSAs[$TSA_idx]}"

Expand All @@ -126,7 +133,7 @@ for TSA_idx in $(seq 0 $((${#TSAs[@]}-1)) ); do
# extract certificates from timestamp
$DIR_BIN/ttsRepCert $DIR_TS/tsReply_${TSAs[$TSA_idx]}.tsr
# split cert chain pem into individual certificates
csplit -s -f tsReply_${TSAs[$TSA_idx]} -b %02d.pem tsReply_${TSAs[$TSA_idx]}.pem /END\ CERTIFICATE/+2 {*}
$CMD_CSPLIT -s -f tsReply_${TSAs[$TSA_idx]} -b %02d.pem tsReply_${TSAs[$TSA_idx]}.pem /END\ CERTIFICATE/+2 {*}
# delete empty file
find $DIR_TMP -size 0 -delete
# delete cert chain pem
Expand Down