Python implementation of the RFC3161 specification, using pyasn1
Project description
A simple client library for cryptographic timestamping service implementing the protocol from RFC3161.
This started as a fork of https://dev.entrouvert.org/projects/python-rfc3161 and has some additional patches such as Python3 support.
The latest version of this library is available from https://github.com/trbs/rfc3161ng/ .
Public providers
There are several timestamping services around. Here is a list of publicly available services you can try:
Example
>>> import rfc3161ng >>> certificate = open('data/certum_certificate.crt', 'rb').read() >>> rt = rfc3161ng.RemoteTimestamper('http://time.certum.pl', certificate=certificate) >>> tst = rt.timestamp(data=b'John Doe') >>> rt.check(tst, data=b'John Doe') True >>> rfc3161ng.get_timestamp(tst) datetime.datetime(2017, 8, 31, 15, 42, 58, tzinfo=tzutc())
Example for a server that insist on SHA256:
>> import rfc3161ng >> timestamper = rfc3161ng.RemoteTimestamper(’https://interop.redwax.eu/test/timestamp’, hashname=’sha256’) >> tsr = timestamper(data=b’The RedWax Project’, return_tsr=True) >> print(‘{}’.format(tsr))
Verifying timestamp using OpenSSL
One can verify the timestamp returned by the timeserver by using OpenSSL. For example with:
$ openssl ts -verify -data data_file.txt -in data_file.tsr -CAfile cacert.pem -untrusted tsa.crt
To save the tsr you can use code similar to:
>>> from pyasn1.codec.der import encoder >>> import rfc3161ng >>> ... >>> timestamper = rfc3161ng.RemoteTimestamper('http://freetsa.org/tsr', certificate=certificate_data) >>> tsr = timestamper(data=data_file.read(), return_tsr=True) >>> with open("data_file.tsr", "wb") as f: >>> f.write(encoder.encode(tsr))
Alternatively you can just save the raw response.content returned from the certification server.
There is a test which also covers this in test_verify_timestamp_response_with_openssl.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for rfc3161ng-2.1.3-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 81fe7e4488f523c758b1206bf5e72ba2066b78f2812107b1b7bb16a7596e524b |
|
MD5 | 7d54c9751072f9cb36e77b36259d477f |
|
BLAKE2b-256 | 6c66cf13725b4ad06527ca482c99202a683ca3b35586eec9bad5f9e19efb43b9 |