I'm trying to implement tsa server on python using twisted. Currently I'm using openssl binary to generate response, but this seems ugly to me, that's why I'm trying to figure out how to make response token with m2crypto.
Thanks in advance for help!
Maris.
EDITED:
how to achieve with m2crypto?:
openssl ts -reply -section tsa_config1 -queryfile query.tsq -out response.tsr
M2Crypto does not yet wrap those pieces of openssl, so you can't use M2Crypto for what you are using the openssl command line client for.
You can simply use the rfc3162ng module.
- download the certificate of your favorite TSA:
curl -o freetsa.crt https://freetsa.org/files/tsa.crt
- then use the method rfc3161ng.RemoteTimestamper to set a handler to the TSA service, and use the timestamp method to get the timestamp token as for rfc3161 specifications:
import rfc3161ng
certificate = open('tsa.crt', 'rb').read()
rt = rfc3161ng.RemoteTimestamper('https://freetsa.org/tsr', certificate=certificate)
tst = rt.timestamp(data=b'Data to timestamp')
- some other useful parameter for the RemoteTimestamper method:
hashname='sha256', timeout=10, username='me', password='secret'
If you are interested to deeply understand what is under the hood, I suggest reading this useful post written by Etienne Bouché.
You may be also interested in PyASN1 project, however, I should admit there's no adequate library to implement RFC3161 functionality in Python today. I would look towards Perl instead.
来源:https://stackoverflow.com/questions/2858282/timestamp-server-rfc3161-response-token-generation-in-python