bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-11-07 22:21:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed #1281 to support relaxed timestamp checking

Browse Source 
Signed-off-by: Janos SUTO <sj@acts.hu>
This commit is contained in:
Janos SUTO 2023-02-21 06:36:54 +01:00
parent 6c6e873043
commit d75ce865c4
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.php.in
View File

@ -229,6 +229,7 @@ $config['TSA_PUBLIC_KEY_FILE'] = '';
$config['TSA_START_ID'] = 1;
$config['TSA_STAMP_REQUEST_UNIT_SIZE'] = 10000;
$config['TSA_VERIFY_CERTIFICATE'] = true;
$config['TSA_RELAXED_CHECK'] = false;
$config['DB_DRIVER'] = 'mysql';
$config['DB_PREFIX'] = '';

8
webui/system/helper/TrustedTimestamps.php
View File

@ -181,7 +181,13 @@ class TrustedTimestamps
$cmd = OPENSSL_BINARY . " ts -reply -in ".escapeshellarg($responsefile)." -token_out | " . OPENSSL_BINARY . " pkcs7 -inform DER -print_certs -out ".escapeshellarg($untrustedfile);
shell_exec($cmd);
$cmd = OPENSSL_BINARY . " ts -verify -digest ".escapeshellarg($hash)." -in ".escapeshellarg($responsefile)." -CAfile ".escapeshellarg($tsa_cert_file)." -untrusted ".escapeshellarg($untrustedfile);
if(TSA_RELAXED_CHECK) {
$relaxed_check = " -no_check_time ";
} else {
$relaxed_check = "";
}
$cmd = OPENSSL_BINARY . " ts -verify -digest " . escapeshellarg($hash) . $relaxed_check . " -in ".escapeshellarg($responsefile)." -CAfile ".escapeshellarg($tsa_cert_file)." -untrusted ".escapeshellarg($untrustedfile);
$retarray = array();
exec($cmd." 2>&1", $retarray, $retcode);