OpenSSL:如何从 RFC3161 时间戳回复中提取证书和令牌状态?
OpenSSL: how to extract certificates and token status from RFC3161 timestamping reply?
使用 openssl ts (https://www.openssl.org/docs/man1.1.0/man1/openssl-ts.html) I can create TS queries, replies, extract tokens from replies and verify tokens (if I have the signing certificate in DER format) of the RFC3161 format as specified here: https://www.ietf.org/rfc/rfc3161.txt
要获得令牌,我可以这样做:
openssl ts -query -digest 899ba3d9f777e2a74bdd34302bc06cb3f7a46ac1f565ee128f79fd5dab99d68b -sha256 \
| curl -s -H "Content-Type: application/timestamp-query" -H "Accept: application/timestamp-reply" --data-binary @- https://freetsa.org/tsr > response.tsr
openssl ts -reply -in response.tsr -token_out -out token.tk
我还可以使用人类可读的形式打印响应
openssl ts -reply -in response.tsr -text
为了验证令牌,我需要提供参数
-CAfile trusted_certs.pem
The name of the file containing a set of trusted self-signed CA certificates in PEM format.
The file should contain one or more certificates in PEM format.
问题 1:
为什么这只需要信任锚(=自签名)证书而不需要整个链到 TSA 证书(或者 -verify 仅适用于证书链已包含在代币)?
问题二:
-cert
The TSA is expected to include its signing certificate in the response.
如果我在第一个 openssl 调用中指定了 -cert 参数,那么 token.tk 会更长并且还包含用于签署它的证书。如何从 token.tk 中提取该证书?
问题 3:
令我惊讶的是,当我请求包含证书的响应时 token.tk 变长了(我本以为只有 response.tsr 变长,而不是令牌本身),因为规范像这样指定 TimeStampToken:
A TimeStampToken is as follows. It is defined as a ContentInfo
([CMS]) and SHALL encapsulate a signed data content type.
TimeStampToken ::= ContentInfo
-- contentType is id-signedData ([CMS])
-- content is SignedData ([CMS])
The fields of type EncapsulatedContentInfo of the SignedData
construct have the following meanings:
eContentType is an object identifier that uniquely specifies the
content type. For a time-stamp token it is defined as:
id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4}
eContent is the content itself, carried as an octet string.
The eContent SHALL be the DER-encoded value of TSTInfo.
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
-- MUST have the same value as the similar field in
-- TimeStampReq
serialNumber INTEGER,
-- Time-Stamping users MUST be ready to accommodate integers
-- up to 160 bits.
genTime GeneralizedTime,
accuracy Accuracy OPTIONAL,
ordering BOOLEAN DEFAULT FALSE,
nonce INTEGER OPTIONAL,
-- MUST be present if the similar field was present
-- in TimeStampReq. In that case it MUST have the same value.
tsa [0] GeneralName OPTIONAL,
extensions [1] IMPLICIT Extensions OPTIONAL }
那么,签名证书存储在哪里?是扩展名吗?或者它是 ContentType 标识符的一部分?
问题四:
如果我确实指定了 -cert 参数,我如何从 token.tk 中提取文件 token_stripped.tk,以便 token_stripped.tk 与我创建请求时的效果相同没有 -cert 参数?
问题 5:
如何从 response.tsr 中提取 PKIStatus(如链接规范中指定的那样)(最好不要先将其转换为人类可读的形式)?
回答我自己的问题:
Question 1:
Why does this only require the trust-anchor (=self-signed) certificate
and not the whole chain down to the TSA certificate (or does -verify
only work with tokens for which the certificate chain has been
included in the token)?
它实际上确实需要它,但如果令牌已经包含嵌入的整个信任链,则不需要它。否则必须使用 -untrusted 参数
提供
Question 2:
-cert
The TSA is expected to include its signing certificate in the response.
If I specify the -cert parameter in the first openssl call, then token.tk will be longer and also contain the certificate that was
used to sign it. How can I extract that certificate from token.tk?
以下调用提取嵌入式证书:
penssl pkcs7 -inform DER -in tokenfile.tst -print_certs -outform PEM -out certificatechain.pem
Question 3:
I'm surprised that token.tk gets longer when I request the response to
include the certificates (I would have assumed only response.tsr to
get longer, not the token itself
TstInfo 实际上保持相同的长度,但时间戳令牌不是 TstInfo 而是包装 CMS ContentInfo,并且证书(符合规范)作为签名属性嵌入到该 ContentInfo 对象中。
Question 4:
If I did specify the -cert parameter, how can I extract a file
token_stripped.tk from token.tk, so that token_stripped.tk is the same
as if I would have created the request without the -cert argument?
由于证书嵌入在签名属性中而不是未签名属性中,因此不可能从包含证书链的令牌中生成有效的剥离令牌。
Question 5:
How can I extract the PKIStatus (as specified in the linked
specification) from response.tsr (optimally without first converting
it to human readable form)?
除了使用 openssl cli 解析人类可读的形式外,我没有找到其他方法
使用 openssl ts (https://www.openssl.org/docs/man1.1.0/man1/openssl-ts.html) I can create TS queries, replies, extract tokens from replies and verify tokens (if I have the signing certificate in DER format) of the RFC3161 format as specified here: https://www.ietf.org/rfc/rfc3161.txt
要获得令牌,我可以这样做:
openssl ts -query -digest 899ba3d9f777e2a74bdd34302bc06cb3f7a46ac1f565ee128f79fd5dab99d68b -sha256 \
| curl -s -H "Content-Type: application/timestamp-query" -H "Accept: application/timestamp-reply" --data-binary @- https://freetsa.org/tsr > response.tsr
openssl ts -reply -in response.tsr -token_out -out token.tk
我还可以使用人类可读的形式打印响应 openssl ts -reply -in response.tsr -text
为了验证令牌,我需要提供参数
-CAfile trusted_certs.pem
The name of the file containing a set of trusted self-signed CA certificates in PEM format.
The file should contain one or more certificates in PEM format.
问题 1:
为什么这只需要信任锚(=自签名)证书而不需要整个链到 TSA 证书(或者 -verify 仅适用于证书链已包含在代币)?
问题二:
-cert
The TSA is expected to include its signing certificate in the response.
如果我在第一个 openssl 调用中指定了 -cert 参数,那么 token.tk 会更长并且还包含用于签署它的证书。如何从 token.tk 中提取该证书?
问题 3:
令我惊讶的是,当我请求包含证书的响应时 token.tk 变长了(我本以为只有 response.tsr 变长,而不是令牌本身),因为规范像这样指定 TimeStampToken:
A TimeStampToken is as follows. It is defined as a ContentInfo
([CMS]) and SHALL encapsulate a signed data content type.
TimeStampToken ::= ContentInfo
-- contentType is id-signedData ([CMS])
-- content is SignedData ([CMS])
The fields of type EncapsulatedContentInfo of the SignedData
construct have the following meanings:
eContentType is an object identifier that uniquely specifies the
content type. For a time-stamp token it is defined as:
id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4}
eContent is the content itself, carried as an octet string.
The eContent SHALL be the DER-encoded value of TSTInfo.
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
-- MUST have the same value as the similar field in
-- TimeStampReq
serialNumber INTEGER,
-- Time-Stamping users MUST be ready to accommodate integers
-- up to 160 bits.
genTime GeneralizedTime,
accuracy Accuracy OPTIONAL,
ordering BOOLEAN DEFAULT FALSE,
nonce INTEGER OPTIONAL,
-- MUST be present if the similar field was present
-- in TimeStampReq. In that case it MUST have the same value.
tsa [0] GeneralName OPTIONAL,
extensions [1] IMPLICIT Extensions OPTIONAL }
那么,签名证书存储在哪里?是扩展名吗?或者它是 ContentType 标识符的一部分?
问题四:
如果我确实指定了 -cert 参数,我如何从 token.tk 中提取文件 token_stripped.tk,以便 token_stripped.tk 与我创建请求时的效果相同没有 -cert 参数?
问题 5:
如何从 response.tsr 中提取 PKIStatus(如链接规范中指定的那样)(最好不要先将其转换为人类可读的形式)?
回答我自己的问题:
Question 1:
Why does this only require the trust-anchor (=self-signed) certificate and not the whole chain down to the TSA certificate (or does -verify only work with tokens for which the certificate chain has been included in the token)?
它实际上确实需要它,但如果令牌已经包含嵌入的整个信任链,则不需要它。否则必须使用 -untrusted 参数
提供Question 2:
-cert The TSA is expected to include its signing certificate in the response.
If I specify the -cert parameter in the first openssl call, then token.tk will be longer and also contain the certificate that was used to sign it. How can I extract that certificate from token.tk?
以下调用提取嵌入式证书:
penssl pkcs7 -inform DER -in tokenfile.tst -print_certs -outform PEM -out certificatechain.pem
Question 3:
I'm surprised that token.tk gets longer when I request the response to include the certificates (I would have assumed only response.tsr to get longer, not the token itself
TstInfo 实际上保持相同的长度,但时间戳令牌不是 TstInfo 而是包装 CMS ContentInfo,并且证书(符合规范)作为签名属性嵌入到该 ContentInfo 对象中。
Question 4:
If I did specify the -cert parameter, how can I extract a file token_stripped.tk from token.tk, so that token_stripped.tk is the same as if I would have created the request without the -cert argument?
由于证书嵌入在签名属性中而不是未签名属性中,因此不可能从包含证书链的令牌中生成有效的剥离令牌。
Question 5:
How can I extract the PKIStatus (as specified in the linked specification) from response.tsr (optimally without first converting it to human readable form)?
除了使用 openssl cli 解析人类可读的形式外,我没有找到其他方法