security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2024-06-20 10:43:02 +02:00
Code Issues Releases Wiki Activity
236 Commits 2 Branches 15 Tags 500 KiB
C 76.4%
Shell 12.4%
CMake 6.5%
HTML 3.7%
Python 1%
822b97a035
Go to file
kakwa 822b97a035 add handling of NULL strings in logs 
replace NULL char * by const char * "<undef>" in log messages
as printf("%s", NULL) behavior is not formalized.
2017-04-22 01:42:58 +02:00
cmake remove cmake warning + better comment 2017-04-21 08:59:20 +02:00
conf more secure cryptographic algorithm in example configuration 2016-09-12 22:43:00 +02:00
docs fix option and documentation + changelog 2017-01-31 01:26:51 +01:00
goodies make the generation of the parameters completely automatic 2016-09-23 22:35:34 +02:00
inc add handling of NULL strings in logs 2017-04-22 01:42:58 +02:00
src add handling of NULL strings in logs 2017-04-22 01:42:58 +02:00
tests revert change in stress.py test script 2017-01-29 19:58:14 +01:00
.gitignore adding the configure.rst file in gitignore 2016-09-23 22:39:26 +02:00
.gitmodules remove submodule for civetweb 2016-09-07 20:56:02 +02:00
.travis.yml cleaning the travis.yml file 2016-12-04 14:10:30 +01:00
ChangeLog.rst add changelog entry and version bump 2017-04-21 09:10:39 +02:00
CMakeLists.txt add changelog entry and version bump 2017-04-21 09:10:39 +02:00
LICENSE Initial commit 2015-12-16 22:13:06 +01:00
README.rst explicitly mention BUNDLE_CIVETWEB has a developpment/testing option 2017-01-30 19:21:58 +01:00

README.rst

uts-server

image

image

Documentation Status

Micro RFC 3161 Time-Stamp server written in C.

Doc

Uts-Server documentation on ReadTheDoc

Dev

Uts-Server source code on GitHub

License

MIT

Author

Pierre-Francois Carpentier - copyright © 2016

License

Released under the MIT Public License

What is RFC 3161?

An RFC 3161 time-stamp is basically a cryptographic signature with a date attached.

Roughly, it works as follow:

  1. A client application sends an hash of the data it wants to time-stamp to a Time-Stamp authority server.
  2. The Time-Stamp authority server retrieves the current date, concatenates it with the hash and uses its private key to create the time-stamp (kind of like a signature).
  3. The Time-Stamp authority server returns the generated time-stamp to the client application.

Then a client can verify the piece of data with the time-stamp using the Certificate Authority of the time-stamp key pair (X509 certificates).

It gives a cryptographic proof of a piece of data content, like a file, at a given time.

Some use cases:

  • time-stamp log files at rotation time.
  • time-stamp file at upload to prove it was delivered in due time or not.

Quick (and dirty) Testing

Here a few steps to quickly trying out uts-server, for production setup, please compile civetweb externally and create proper CA and certificates:

# Building with civetweb embedded (will recover civetweb from github).
# Note: the BUNDLE_CIVETWEB option is only here for fast testing purpose
# The recommended way to deploy uts-server in production is to build civetweb
# separatly and to link against it.
$ cmake . -DBUNDLE_CIVETWEB=ON
$ make

# Create some test certificates.
$ ./tests/cfg/pki/create_tsa_certs

# Launching the time-stamp server with test configuration in debug mode.
$ ./uts-server -c tests/cfg/uts-server.cnf -D

# In another shell, launching a time-stamp script on the README.md file.
$ ./goodies/timestamp-file.sh -i README.rst -u http://localhost:2020 -r -O "-cert";

# Verify the time-stamp.
$ openssl ts -verify -in README.rst.tsr -data README.rst -CAfile ./tests/cfg/pki/tsaca.pem

# Display the time-stamp content.
$ openssl ts -reply -in README.rst.tsr -text

Powered by

image

image