TSA fixes

Signed-off-by: Janos SUTO <sj@acts.hu>
This commit is contained in:
Janos SUTO 2020-10-17 20:03:07 +02:00
parent 39fd0899b0
commit 4a131f3058
2 changed files with 55 additions and 48 deletions

View File

@ -1,11 +1,11 @@
<?php
define(COUNT, 'count');
define(HASH_VALUE, 'hash_value');
define(RESPONSE_STRING, 'response_string');
define(RESPONSE_TIME, 'response_time');
define(START_ID, 'start_id');
define(STOP_ID, 'stop_id');
define('COUNT', 'count');
define('HASH_VALUE', 'hash_value');
define('RESPONSE_STRING', 'response_string');
define('RESPONSE_TIME', 'response_time');
define('START_ID', 'start_id');
define('STOP_ID', 'stop_id');
ini_set("session.save_path", "/tmp");
@ -136,12 +136,12 @@ function get_hash_values() {
if(MODE == 'time') { $stop_id = $start_id + $count - 1; }
return array(
START_ID => $start_id,
STOP_ID => $stop_id,
COUNT => $count,
HASH_VALUE => sha1($s)
);
return [
START_ID => $start_id,
STOP_ID => $stop_id,
COUNT => $count,
HASH_VALUE => sha1($s)
];
}

View File

@ -167,14 +167,23 @@ class TrustedTimestamps
*
* every other case (Certificate not found / invalid / openssl is not installed / ts command not known)
* are being handled the same way -> retcode 1 + any retarray NOT containing "message imprint mismatch"
*
* For openssl 1.1.x it's 2 lines actually:
*
* Using configuration from /usr/lib/ssl/openssl.cnf
* Verification: OK
*
*/
if ($retcode === 0 && strtolower(trim($retarray[0])) == "verification: ok")
{
if (self::getTimestampFromAnswer ($base64_response_string) != $response_time)
throw new Exception("The responsetime of the request was changed");
if ($retcode === 0) {
foreach ($retarray as $line) {
if(strtolower(trim($line)) == "verification: ok") {
if (self::getTimestampFromAnswer ($base64_response_string) != $response_time)
throw new Exception("The responsetime of the request was changed");
return true;
return true;
}
}
}
foreach ($retarray as $retline)
@ -205,5 +214,3 @@ class TrustedTimestamps
return $tempfilename;
}
}
?>