Guardtime log signature doesn't verify/dumps errors

This is the place for developers to discuss bugs, new features and everything else about code changes.

Google Ads


Guardtime log signature doesn't verify/dumps errors

Postby mkrutz » Wed Mar 19, 2014 7:31 pm

I've installed rsyslog version 7.6.0 and built with the options to get both guardtime and the user tools configured and installed. My /etc/rsyslog.conf entry looks like this:local2.info
Code: Select all
action(type="omfile" file="/var/log/local2.log" sig.provider="gt"
        sig.keepTreeHashes="on"
        sig.keepRecordHashes="on")


I'm successfully generating log messages clearly visible in /var/log/local2.log. I also see a local2.gtsig and local2.gtstate file, right where I'd expect them (/var/log). To make sure the gtsig file is complete, I do a 'killall -HUP rsyslogd' to make sure it closes the file it has been writing to for the signature.

For my particular test, local2.log is no longer being written to when I do the HUP signal, and it's not being written to while I verify. However, when I run: 'rsgtutil -t /var/log/local2.log', I get the following errors:

/var/log/local2.log.gtsig[1:1989:1989]: error[17]: RFC3161 timestamp invalid
Block Start Record.: 'Mar 19 14:11:57 localhost.localdomain [akka.actor.default-dispatcher-6] Logger started'
Record in Question.: 'Mar 19 14:12:37 localhost.localdomain [Thread-5] testapp 2014-03-19 14:12:37: MODIFIED: /home/guest/DEMO/javadoc/resources/inherit.gif.gtsig'
Publication Server.: http://verify.guardtime.com/gt-controlpublications.bin
GT Verify Timestamp: [517]Invalid signature
error 17 (RFC3161 timestamp invalid) 4 processing file /var/log/local2.log

I am unsure why this signature is not verifying correctly. This is about as basic a test for signing logs as I could come up with. Any suggestions would be appreciated.
mkrutz
New
 
Posts: 3
Joined: Wed Mar 19, 2014 7:20 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Google Ads


Return to Developer's Corner

Who is online

Users browsing this forum: No registered users and 0 guests

cron