Updated documentation.

Improved script verbosity.
Locally added second TSA so that commits in this repository will contain
two timestamps as an example.
Matthias Bühlmann
2021-02-16 19:54:19 +01:00
parent e3789a3e3e
commit 86c39dc7c4
3 changed files with 28 additions and 7 deletions


@@ -51,6 +51,7 @@ exit_trap() {
trap "exit_trap" EXIT
OUT_STREAM=/dev/null
#uncomment for verbose output
#OUT_STREAM=/dev/stdout
#echo red text
@@ -186,22 +187,32 @@ request_token() {
local REQ_FILE="$TMP_DIR"/token_req.tsq
if [ "$REQUEST_CERTS" = true ]; then
if ! openssl ts -query -cert -digest "$DIGEST" -"$ALGO" -out "$REQ_FILE" &> "$OUT_STREAM"; then
echo "Failed to create token query"
echo "Error: Failed to create token query"
return 1
fi
else
if ! openssl ts -query -digest "$DIGEST" -"$ALGO" -out "$REQ_FILE" &> "$OUT_STREAM"; then
echo "Failed to create token query"
echo "Error: Failed to create token query"
return 1
fi
fi
local RESPONSE_FILE="$TMP_DIR"/response.tsr
if ! curl "$TSA_URL" -H "$CONTENT_TYPE" -H "$ACCEPT_TYPE" --data-binary @"$REQ_FILE" --output "$RESPONSE_FILE" &> "$OUT_STREAM"; then
echo "Failed to get response from $TSA_URL"
echo "Error: Failed to get response from $TSA_URL"
return 1
fi
local RESPONSE_STATUS=$(openssl ts -reply -in "$RESPONSE_FILE" -text 2> "$OUT_STREAM" | awk '/Status: /{print; exit}' | sed 's/Status: //' | sed 's/\.//')
if [ "$RESPONSE_STATUS" != "Granted" ]; then
echo "Error: Token request was not granted."
local STATUS_INFO=$(openssl ts -reply -in "$RESPONSE_FILE" -text 2> "$OUT_STREAM" | awk '/Status info:/{f=1} f {print} /Failure info: /{exit}')
echo "$STATUS_INFO"
echo "Note: If rejection reason is unrecognized or unsupported algorithm, then this tsa cannot be used for this repository, since it uses --object-format=$ALGO"
echo "The token request was:"
openssl ts -query -in "$REQ_FILE" -text 2> "$OUT_STREAM"
return 1
fi
if ! openssl ts -reply -in "$RESPONSE_FILE" -token_out -out "$OUTPUT_FILE" &> "$OUT_STREAM"; then
echo "Not a valid TSA response in file $RESPONSE_FILE"
echo "Error: Not a valid TSA response in file $RESPONSE_FILE"
return 1
fi
return 0
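Review bot: The new status check treats an empty `RESPONSE_STATUS` as a rejection, so a response that openssl cannot parse at all is reported as "Token request was not granted" along with the unsupported-algorithm hint, and the later "Not a valid TSA response" message is never reached for that case. This can happen because `local RESPONSE_STATUS=$(...)` discards the pipeline's exit status and the curl call above runs without `--fail`, so an HTTP error page would be saved as the response file. I would handle it before the comparison with `if [ -z "$RESPONSE_STATUS" ]; then echo "Error: Not a valid TSA response in file $RESPONSE_FILE"; return 1; fi`. Note also that "Granted" is only the status the TSA reports about itself; whether the token is later verified against `$DIGEST` and a trusted certificate chain is not visible here, since request_token starts before this hunk and may continue after it.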