mirror of
https://github.com/kakwa/uts-server
synced 2024-11-14 13:38:54 +01:00
62c9b56584
* implement a -r switch to force removal of an existing tsr * implement a way to kind of check is the response looks like a TSR
128 lines
3.9 KiB
Bash
Executable File
128 lines
3.9 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
RCol='\33[0m' # Text Reset
|
|
|
|
# Regular Bold Underline High Intensity BoldHigh Intens
|
|
Bla='\33[0;30m'; BBla='\33[1;30m'; UBla='\33[4;30m'; IBla='\33[0;90m'; BIBla='\33[1;90m';
|
|
Red='\33[0;31m'; BRed='\33[1;31m'; URed='\33[4;31m'; IRed='\33[0;91m'; BIRed='\33[1;91m';
|
|
Gre='\33[0;32m'; BGre='\33[1;32m'; UGre='\33[4;32m'; IGre='\33[0;92m'; BIGre='\33[1;92m';
|
|
Yel='\33[0;33m'; BYel='\33[1;33m'; UYel='\33[4;33m'; IYel='\33[0;93m'; BIYel='\33[1;93m';
|
|
Blu='\33[0;34m'; BBlu='\33[1;34m'; UBlu='\33[4;34m'; IBlu='\33[0;94m'; BIBlu='\33[1;94m';
|
|
Pur='\33[0;35m'; BPur='\33[1;35m'; UPur='\33[4;35m'; IPur='\33[0;95m'; BIPur='\33[1;95m';
|
|
Cya='\33[0;36m'; BCya='\33[1;36m'; UCya='\33[4;36m'; ICya='\33[0;96m'; BICya='\33[1;96m';
|
|
Whi='\33[0;37m'; BWhi='\33[1;37m'; UWhi='\33[4;37m'; IWhi='\33[0;97m'; BIWhi='\33[1;97m';
|
|
|
|
SYSLOG=1
|
|
|
|
help(){
|
|
cat <<EOF
|
|
|
|
usage: `basename $0` -i <input file> -u <ts server url> \\
|
|
-o <output ts file> -O <openssl options> -C <curl options>
|
|
|
|
HTTP timestamping client using openssl and curl (RFC 3161)
|
|
|
|
arguments:
|
|
|
|
* mandatory:
|
|
-i <input file>: the input file to timestamp
|
|
-u <ts server url>: the timestamp server url
|
|
|
|
* optionnal:
|
|
-l : enable logging to syslog
|
|
-o <output ts file>: output timestamp file name (default: <input file>.ts)
|
|
-O <openssl options>: openssl additionnal options (man ts for more details)
|
|
-C <curl options>: curl additionnal options (man curl for more details)
|
|
|
|
EOF
|
|
exit 1
|
|
}
|
|
|
|
simple_logger(){
|
|
[ $SYSLOG -eq 0 ] && logger -t `basename $0` -p user.$1 $2
|
|
}
|
|
|
|
clean(){
|
|
rm -f -- "$TMPREQ"
|
|
}
|
|
|
|
clean_exit(){
|
|
clean
|
|
exit 1
|
|
}
|
|
|
|
exit_error(){
|
|
msg=$1
|
|
simple_logger err "error, $msg"
|
|
printf "${BIRed}[ERROR] ${IYel}%s${RCol}\n" "$msg"
|
|
clean_exit
|
|
}
|
|
|
|
info(){
|
|
msg=$1
|
|
simple_logger debug "$msg"
|
|
printf "${BIBlu}[INFO] ${RCol}%s${RCol}\n" "$msg"
|
|
}
|
|
|
|
success(){
|
|
msg=$1
|
|
simple_logger info "$msg"
|
|
printf "${BIGre}[SUCCESS] ${RCol}%s${RCol}\n" "$msg"
|
|
}
|
|
|
|
trap clean_exit HUP INT TERM
|
|
TMPREQ=`mktemp`
|
|
|
|
REMOVE_TS=0
|
|
|
|
while getopts ":lhru:i:o:O:C:" opt; do
|
|
case $opt in
|
|
h) help;;
|
|
l) SYSLOG=0;;
|
|
u) TS_URL="$OPTARG";;
|
|
i) INPUT_FILE="`readlink -f $OPTARG`";;
|
|
o) OUTPUT_FILE="`readlink -f $OPTARG`";;
|
|
O) OPENSSL_OPTS="$OPTARG";;
|
|
C) CURL_OPTS="$OPTARG";;
|
|
r) REMOVE_TS=1;;
|
|
\?) echo "Invalid option: -$OPTARG" >&2; help; exit 1;;
|
|
:) echo "Option -$OPTARG requires an argument." >&2; help; exit 1;;
|
|
esac
|
|
done
|
|
|
|
# If no output file specified, output to <input file>.ts
|
|
[ -z "$OUTPUT_FILE" ] && OUTPUT_FILE="${INPUT_FILE}.tsr"
|
|
|
|
# Check that input file exists
|
|
[ -f "$INPUT_FILE" ] || exit_error "Input file '$INPUT_FILE' doesn't exist"
|
|
# Check that output file doesn't exit
|
|
if [ $REMOVE_TS -eq 1 ]
|
|
then
|
|
[ -f "$OUTPUT_FILE" ] && rm -f "$OUTPUT_FILE"
|
|
else
|
|
! [ -f "$OUTPUT_FILE" ] || exit_error "Output timestamp file '$OUTPUT_FILE' already exists"
|
|
fi
|
|
# Check that url is not empty
|
|
! [ -z "$TS_URL" ] || exit_error "Missing timestamp server url"
|
|
|
|
info "Generating timestamp on file '$INPUT_FILE', to '$OUTPUT_FILE', using server '$TS_URL'"
|
|
|
|
# Building the timestamp request with openssl
|
|
openssl ts $OPENSSL_OPTS \
|
|
-query -data "$INPUT_FILE" \
|
|
-out "$TMPREQ" || exit_error "Request generation failed"
|
|
|
|
# Submitting the timestamp request to the RFC 3161 server with curl
|
|
curl "$TS_URL" $CURL_OPTS \
|
|
-H "Content-Type: application/timestamp-query" \
|
|
-f -g \
|
|
--data-binary @$TMPREQ \
|
|
-o "$OUTPUT_FILE" 2>/dev/null || exit_error "Timestamp query failed"
|
|
|
|
openssl ts -verify -data "$INPUT_FILE" -in "$OUTPUT_FILE" 2>&1 | grep -q "asn1 encoding routines" && exit_error \
|
|
"Reponse doesn't appear to be a timestamp response"
|
|
|
|
success "Timestamp of file '$INPUT_FILE' using server '$TS_URL' succeed, ts written to '$OUTPUT_FILE'"
|
|
|
|
clean
|