authorJosef Gustafsson <josef.gson@gmail.com>2015-09-14 10:52:11 +0200
committerJosef Gustafsson <josef.gson@gmail.com>2015-09-14 10:52:11 +0200
commit4b81149ede45a5638a5dbadac4c62540b1143bd5 (patch)
treecf56a148c1883ad2bb2527e6452195dac961b51d
parentbff0b6df3a971ad69fe1cfc4d5853e186946debe (diff)
fetching full certs from hashes in reader
-rw-r--r--monitor/josef_lib.py15
-rwxr-xr-xmonitor/josef_reader.py69
2 files changed, 56 insertions, 28 deletions
diff --git a/monitor/josef_lib.py b/monitor/josef_lib.py
index afa165b..45ca80f 100644
--- a/monitor/josef_lib.py
+++ b/monitor/josef_lib.py
@@ -98,6 +98,21 @@ def my_get_cert_info(s):
prev = line
return result
+def my_get_all_cert_info(s):
+ p = subprocess.Popen(
+ ["openssl", "x509", "-fingerprint", "-text", "-noout", "-inform", "der"],
+ stdin=subprocess.PIPE, stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE)
+ parsed = p.communicate(s)
+ if parsed[1]:
+ print "ERROR:", parsed[1]
+ sys.exit(1)
+ result = []
+ for line in parsed[0].split("\n"):
+ result.append(line)
+ return result
+
+
def get_pemlike(filename, marker):
return get_pemlike_from_file(open(filename), marker)
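Review bot: my_get_all_cert_info calls sys.exit(1) whenever openssl writes anything to stderr, so a single malformed or unusual DER blob pulled from a CT log terminates the whole monitor run — an availability problem for a tool whose job is to keep consuming entries it does not control. Raise instead and let the caller decide, and check the exit status as well since openssl can fail without producing stderr output: `if p.returncode != 0 or parsed[1]:` / `raise ValueError("openssl x509 failed: %s" % parsed[1])`. The trailing loop is a verbatim copy of the split and can simply be `return parsed[0].split("\n")`. A one-line docstring stating that `s` is a DER-encoded certificate and the return value is the `openssl x509 -text` output as a list of lines would help callers, since the reader treats that return value inconsistently.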
diff --git a/monitor/josef_reader.py b/monitor/josef_reader.py
index 8a927d8..a100b0a 100755
--- a/monitor/josef_reader.py
+++ b/monitor/josef_reader.py
@@ -6,16 +6,20 @@ from josef_lib import *
import leveldb
import argparse
import json
+import base64
+import subprocess
from josef_leveldb import *
from datetime import datetime as dt
import ast
+from monitor_conf import DB_PATH
parser = argparse.ArgumentParser(description="")
-parser.add_argument('--domain', default=None, help="RTFM")
-parser.add_argument('--log', default=None, help="RTFM")
-parser.add_argument('--exclude-invalid', action='store_true', help="RTFM")
+parser.add_argument('--domain', default=None)
+parser.add_argument('--log', default=None)
+parser.add_argument('--exclude-invalid', action='store_true')
+parser.add_argument('--get-cert', action='store_true')
args = parser.parse_args()
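Review bot: The new `--get-cert` option has no help text, and dropping the `help="RTFM"` strings leaves `--domain`, `--log` and `--exclude-invalid` undocumented too, so `-h` now says nothing about what any option does. Something like `parser.add_argument('--get-cert', action='store_true', help="fetch each matching certificate from its CT log and print the openssl -text output")` is enough. `import subprocess` is added here but nothing in the reader code visible in this diff uses it (the openssl call lives in josef_lib); drop it if it is unused elsewhere in the file.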
@@ -27,10 +31,39 @@ monitored_domains = [
"symantec.com",
]
-db = "./tmpdb/"
+
+def check_domain(raw_entry, log=None):
+ orig_entry = extract_original_entry(raw_entry)
+ try:
+ cert_info = my_get_all_cert_info(orig_entry[0][0])
+ if log:
+ cert_info["log"] = log[8:-1] # strip generic URL stuff
+ return cert_info
+ except IndexError:
+ return None
+
+
+def get_full_cert(entry):
+ try:
+ log = "https://" + entry["log"] + "/"
+ leaf_hash = entry["leaf_hash"]
+ except:
+ print "Could not get stats from entry."
+ return
+ # print log, leaf_hash
+ tree_size = 5000000
+ proof = get_proof_by_hash(log, base64.b64decode(leaf_hash), tree_size)
+ leaf_index = proof["leaf_index"]
+ raw_entry = get_entries(log, leaf_index, leaf_index)["entries"][0]
+ cert = check_domain(raw_entry)
+ for line in cert:
+ print line
+
+
+# db = "./tmpdb/"
+db = DB_PATH
if args.domain:
- # db = db_open()
raw = db_lookup_domain(db, args.domain)
else:
print "No domain selected!"
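Review bot: get_full_cert never checks that the entry it fetches is the certificate the database recorded: `leaf_hash` is used only to ask the log for an index, the returned audit path is discarded, and the `raw_entry` fetched at `leaf_index` is neither re-hashed nor compared to `leaf_hash`, so a buggy or misbehaving log can return any entry and it is printed as if it were the match. Recompute the RFC 6962 leaf hash of the fetched entry and compare before printing — `if hashlib.sha256("\x00" + base64.b64decode(raw_entry["leaf_input"])).digest() != base64.b64decode(leaf_hash): return` (with `import hashlib`) — or verify the audit path against a fresh STH. The hard-coded `tree_size = 5000000` is rejected by logs whose tree is smaller than that and pins the lookup to a stale tree for larger ones; take tree_size from a current get-sth instead. Also, check_domain returns None on IndexError and `for line in cert` then raises TypeError, and `cert_info["log"] = log[8:-1]` cannot work when my_get_all_cert_info returns a list as it does in the josef_lib hunk.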
@@ -42,12 +75,10 @@ count_expired = 0
count_not_yet_valid = 0
count_all = 0
for item in raw:
- # print item + '}', type(item)
try:
entry = ast.literal_eval(item)
except:
print (item + '}').replace("'", '"')
- # print entry, type(entry)
success = True
not_after_time = dt.strptime(entry["not_after"], "%b %d %H:%M:%S %Y GMT")
not_before_time = dt.strptime(entry["not_before"], "%b %d %H:%M:%S %Y GMT")
@@ -94,6 +125,9 @@ for item in raw:
else:
print "(NOT VALID) " + s
+ if args.get_cert:
+ get_full_cert(entry)
+
print str(count_all) + " matches found. " \
+ str(count_valid) + " valid, " \
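Review bot: `get_full_cert(entry)` runs inside the per-match loop with no error handling, so one failed get-proof-by-hash or get-entries request (the helpers it calls show none either, as far as this diff reveals) aborts the whole report part-way through its output. Wrap the call: `try: get_full_cert(entry)` / `except Exception as e: print "Could not fetch full cert:", e` and continue with the next match. It also runs for entries just printed as "(NOT VALID)"; if that is not intended, gate it on the same validity check. The enclosing `for item in raw:` loop starts outside this hunk, and because the earlier `except:` around `ast.literal_eval` only prints, `entry` may still refer to the previous item when this call runs.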
@@ -101,27 +135,6 @@ print str(count_all) + " matches found. " \
+ str(count_not_yet_valid) + " not yet valid."
-# print res
-# print "Found " + str(len(res)) + " results"
-# print db.Get("wush.net")
-# print db.Get("wush.net")
-
-# f = open("output/cert_data.json")
-# max_count = 1
-# for line in f:
-# # print max_count
-# # try:
-# tmp = json.loads(line)
-# # print tmp
-# # d = tmp["subject"].split("CN=")[1]
-# db_add_cert(tmp)
-# # print d
-
-# max_count -= 1
-# if max_count == 0:
-# break
-
-