For me the blog is this odd mix of diary and technical notes, this time I guess the post is more of a technical note — here is a quick guide on how to generate RFC 3161 time-stamps using OpenSSL and curl.
1. Create the file you will want to timestamp
copy con inputfile.txt
This is my test file.
^Z
2. Generate a timestamp request
openssl ts -query -data inputfile.txt -cert -sha256 -no_nonce -out request.tsq
3. Send the request to your timestamp server
curl -k -H “Content-Type: application/timestamp-query” -H Host:timestamp.globalsign.com –data-binary @request.tsq “http://timestamp.globalsign.com” >inputfile.txt.tsr
4. Verify the timestamp response
openssl ts -reply -in inputfile.txt.tsr -text
This is going to give you some output that looks something like this:
Using configuration from C:\OpenSSL-Win64\bin\openssl.cfg
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified
TST info:
Version: 1
Policy OID: 1.3.6.1.4.1.4146.2.2
Hash Algorithm: sha256
Message data:
0000 – 58 df 63 8c 5b bf ff ca-ad 13 c9 6e 93 96 cd 25 X.c.[……n…%
0010 – 66 5e f1 eb ba 8e 7f 74-6d 65 04 3c 5d ea e4 35 f^…..tme.<]..5
Serial number: 0x2487F5EA8A5A085844ED68A8A7426E07E692E1BD
Time stamp: Sep 17 05:08:38 2013 GMT
Accuracy: unspecified
Ordering: no
Nonce: unspecified
TSA: DirName:/C=SG/O=GMO GlobalSign Pte Ltd/CN=GlobalSign TSA for Standard – G1
Extensions:
It’s that easy.
With CURL, can use tsa url http://tsa.tecxoft.com/test. RFC 3161 standard based tsa, also offer free test timestamps.
Looks like: http://tsa.tecxoft.com/test is no longer up.