[openssl-users] Extracting certificate from RFC3161 time stamp response

Jakob Bohm jb-openssl at wisemo.com
Tue Mar 8 06:46:57 UTC 2016

On 07/03/2016 16:05, Anton Wuerfel wrote:
> Hello,
> for an university project I am implementing RFC3161 time stamps into git.
> when creating a TSQ it is possible to force the TSA server to include
> its signing certificate in the TSR. However, I was wondering how to
> extract this certificate at the client side, as neither 'openssl ts
> -reply' nor 'openssl ts -verify' seemed to offer an appropriate
> functionality. As the TSA field in TST_INFO is optional according to
> RFC3161 and might be unspecified, it is not a reliable way to
> determine the issuer of the timestamp signature. I would like to
> display the issuers name to the user if verification of the timestamp
> failed or the corresponding public key was not found in the user's
> certificate store.
> Is there any built-in way to extract the issuer's certificate from a TSR?
> Regards,
> Anton Wuerfel
IMHO that extra copy of the TSA server cert inside the TSR
is a complete and utter waste of bandwidth, not just for
the TSA communication, but for all the places where the
complete timestamp is subsequently carried around and/or
stored (in this case, the ever-growing git repository).

The obvious way to find this info is to not look inside
the TSR structure, but to look at the surrounding
SignedData (PKCS#7/CMS) structure.  This is the same as
for most other CMS signatures and includes signer
identification and certificate chain in the usual way.

Of cause, if a git repository contains many RFC3161 time
stamps from the same TSAs, it may pay off to define the
format as storing a (reversibly) transformed form where
all the common stuff is in a separate part of the file
format.  The sizes are large enough that a method such
as deflate/zip/gzip/zlib will have trouble eliminating
the redundancy efficiently on its own, while larger
size algorithms such as bzip2 or lzma should handle it
nicely if the time stamps are stored close together.

Another option, if the git format has a binary delta
algorithm already is to store the timestamps as
patches/deltas from prior timestamps, and letting the
delta algorithm recognize the large sequences of identical


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list