sct signature validation working

author: Josef Gustafsson <josef.gson@gmail.com> 2015-09-23 17:21:42 +0200
committer: Josef Gustafsson <josef.gson@gmail.com> 2015-09-23 17:21:42 +0200
commit: a503084f23a35de24ce09b2c9a60cbfafcefa9df (patch)
tree: 08ce73eecdf357f96d5c64e6362f207b774f688a /monitor
parent: e2de391a1f385da19bb4d22bfd90472841260630 (diff)
4 files changed, 78 insertions, 28 deletions
diff --git a/monitor/josef_experimental.py b/monitor/josef_experimental.py
index 97ea876..1119a22 100755
--- a/monitor/josef_experimental.py
+++ b/monitor/josef_experimental.py
@@ -105,8 +105,31 @@ def update_roots(log):
 
 if __name__ == '__main__':
 
-    for log in ctlogs:
-        update_roots(log)
+    # for log in ctlogs:
+    #     update_roots(log)
+
+    submission = ['MIIE1jCCA76gAwIBAgISESGwNq1DK/7r1wGrSndrRcJ9MA0GCSqGSIb3DQEBBQUAMC4xETAPBgNVBAoTCEFscGhhU1NMMRkwFwYDVQQDExBBbHBoYVNTTCBDQSAtIEcyMB4XDTE0MDYwNjEwMTYyNVoXDTE1MDYwNTEyMTE0NVowVTELMAkGA1UEBhMCR0IxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEjMCEGA1UEAwwad3d3LnNwZWNpYWxpc3QtdGFwZXMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcGP5Pur9sf7kX0hVCAxydmUoke6quqcFjV1f+FsnOOTfliCxFn15Ezg1sbq0fFPK9tL8CWlewJO8vA0AIYAYTDyyWhaeNfHVdOR0Emus5u61NOibG24juB/KePrPy4KsCyYHeO9I4eaDgEJ4ha06RTusr49+UeQ04sKhSZLZbqIsAPUdUZrm+SwjHt0yBDrJGmQC0JueF6eGzcUwFG9Rdn++zi0si0n7j84JFjvzNXxsgHdiO0vGmeLsfizOC/cbU/4NYFDVML/Do6oimeleanTQDPj0Xt1DpAqC2cSI4C6IEBpy/kIo7Yy6qlC8c0qpVg8lAB8wDdx2qAr1Mq5i9AgMBAAGjggHFMIIBwTAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIwQDA+BgZngQwBAgEwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wPQYDVR0RBDYwNIIad3d3LnNwZWNpYWxpc3QtdGFwZXMuY28udWuCFnNwZWNpYWxpc3QtdGFwZXMuY28udWswCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDIuYWxwaGFzc2wuY29tL2dzL2dzYWxwaGFnMi5jcmwwfwYIKwYBBQUHAQEEczBxMDwGCCsGAQUFBzAChjBodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFnMi5jcnQwMQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhZzIwHQYDVR0OBBYEFPNVIQa7tlmkqxbVnJ+vcaz/7PQdMB8GA1UdIwQYMBaAFBTqGVXwDg0yxh90M7eOZhpMEjEeMA0GCSqGSIb3DQEBBQUAA4IBAQB4PzM03rndHWb3a02GzAZF3kLw6d0OkRM4PSIIwAT9KX1PgTAncD1JPGFCU1OQ0xyDCV/+iT8kKuGxW9fjEC/KiVSxJxZGfE3OiA6auquMOQB5X5GN0GW5uDocqKJE2i51Fj3zEqiJ3uIur+0Nk2TVUF1Q+5+/N8qEjmecb0mcLr75Lxa6IOAFYHmMdAt2gAjHegkcH7w53teM+QZw3usekqSeKiQKXUgrW8HWnr2+fumfuZeevtx3mcRBiHadj/UV+1PvCsxfSia/8Sw4CWWwWUCKYGdm1YBxCN1qK6yyOgS6guXPFnyKBHyQTV9AfLDW68tWGadmUiFQIEaLz0m5', 'MIIELzCCAxegAwIBAgILBAAAAAABL07hNwIwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAwMDBaFw0yMjA0MTMxMDAwMDBaMC4xETAPBgNVBAoTCEFscGhhU1NMMRkwFwYDVQQDExBBbHBoYVNTTCBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/BliN8b3caChy/JC7pUxmM/RnWsSxQfmHKLHBD/CalSbi9l32WEP1+BstjxT9fwWrvJr9Ax3SZGKpme2KmjtrgHxMlx95WE79LqH1Sg5b7kQSFWMRBkfR5jjpxxXDygLt5n3MiaIPB1yLC2J4Hrlw3uIkWlwi80J+zgWRJRsx4F5Tgg0mlZelkXvhpLOQgSeTObZGj+WIHdiAxqulm0ryRPYeDK/Bda0jxyq6dMt7nqLeP0P5miTcgdWPh/UzWO1yKIt2F2CBMTaWawV1kTMQpwgiuT1/biQBXQHQFyxxNYalrsGYkWPODIjYYq+jfwNTLd7OX+gI73BWe0i0J1NQIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBTqGVXwDg0yxh90M7eOZhpMEjEeMEUGA1UdIAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hbHBoYXNzbC5jb20vcmVwb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEABjBCm89JAn6J6fWDWj0C87yyRt5KUO65mpBz2qBcJsqCrA6ts5T6KC6y5kk/UHcOlS9o82U8nxTyaGCStvwEDfakGKFpYA3jnWhbvJ4LOFmNIdoj+pmKCbkfpy61VWxH50Hs5uJ/r1VEOeCsdO5l0/qrUUgw8T53be3kD0CY7kd/jbZYJ82Sb2AjzAKbWSh4olGd0Eqc5ZNemI/L7z/K/uCvpMlbbkBYpZItvV1lVcW/fARB2aS1gOmUYAIQOGoICNdTHC2Tr8kTe9RsxDrE+4CsuzpOVHrNTrM+7fH8EU6f9fMUvLmxMc72qi+l+MPpZqmyIJ3E+LgDYqeF0RhjWw==', 'MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQUYHtmGkUNl8qJUC99BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEArqqf/LfSyx9fOSkoGJ40yWxPbxrwZKJwSk8ThptgKJ7ogUmYfQq75bCdPTbbjwVR/wkxKh/diXeeDy5slQTthsu0AD+EAk2AaioteAuubyuig0SDH81Qgkwkr733pbTIWg/050deSY43lv6aiAU62cDbKYfmGZZHpzqmjIs8d/5GY6dT2iHRrH5Jokvmw2dZL7OKDrssvamqQnw1wdh/1acxOk5jQzmvCLBhNIzTmKlDNPYPhyk7ncJWWJh3w/cbrPad+D6qp1RF8PX51TFl/mtYnHGzHtdS6jIX/EBgHcl5JLL2bP2oZg6C3ZjL2sJETy6ge/L3ayx2EYRGinij4w==']
+    leaf = base64.b64decode(submission[0])
+    # print leaf
+    # print base64.b64decode(submission[0])
+    # entry = json.loads('{"extra_data": "AAeyAAQzMIIELzCCAxegAwIBAgILBAAAAAABL07hNwIwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAwMDBaFw0yMjA0MTMxMDAwMDBaMC4xETAPBgNVBAoTCEFscGhhU1NMMRkwFwYDVQQDExBBbHBoYVNTTCBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/BliN8b3caChy/JC7pUxmM/RnWsSxQfmHKLHBD/CalSbi9l32WEP1+BstjxT9fwWrvJr9Ax3SZGKpme2KmjtrgHxMlx95WE79LqH1Sg5b7kQSFWMRBkfR5jjpxxXDygLt5n3MiaIPB1yLC2J4Hrlw3uIkWlwi80J+zgWRJRsx4F5Tgg0mlZelkXvhpLOQgSeTObZGj+WIHdiAxqulm0ryRPYeDK/Bda0jxyq6dMt7nqLeP0P5miTcgdWPh/UzWO1yKIt2F2CBMTaWawV1kTMQpwgiuT1/biQBXQHQFyxxNYalrsGYkWPODIjYYq+jfwNTLd7OX+gI73BWe0i0J1NQIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBTqGVXwDg0yxh90M7eOZhpMEjEeMEUGA1UdIAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hbHBoYXNzbC5jb20vcmVwb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEABjBCm89JAn6J6fWDWj0C87yyRt5KUO65mpBz2qBcJsqCrA6ts5T6KC6y5kk/UHcOlS9o82U8nxTyaGCStvwEDfakGKFpYA3jnWhbvJ4LOFmNIdoj+pmKCbkfpy61VWxH50Hs5uJ/r1VEOeCsdO5l0/qrUUgw8T53be3kD0CY7kd/jbZYJ82Sb2AjzAKbWSh4olGd0Eqc5ZNemI/L7z/K/uCvpMlbbkBYpZItvV1lVcW/fARB2aS1gOmUYAIQOGoICNdTHC2Tr8kTe9RsxDrE+4CsuzpOVHrNTrM+7fH8EU6f9fMUvLmxMc72qi+l+MPpZqmyIJ3E+LgDYqeF0RhjWwADeTCCA3UwggJdoAMCAQICCwIAAAAAANZ4t5QFMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNOTgwOTAxMTIwMDAwWhcNMTQwMTI4MTIwMDAwWjBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuDJWvqSB/xKrC5lREEvfBj0eJnZs8c3c8bSCvujYmOmq8pgGWr6cctEsurHExwB6E9CjDNFY1P+N3UjFAVHO9Q7sQu9/zpUvKRfeBt1TUwjl5Dc/JB6dVq47KJOlY5OG8GPIhpWypNxadUuGyJzJv5PMrl/Yn1EjySeJbW3HRuk0Rh0Y3HRrJ1DoboGYrVbWzVeBaVounICjjr8iQTT3NUkxOFOhu8HjS1iwWMuXeLsdsfIJGrCVNukM57N3S5cEeRIlFjFnmusa5BJgjIGSvRRqpI1mQq14M0/ywqwWwZQ0oHhefTfPYhaO/q8lKff5OQzwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAAYwHQYDVR0OBBYEFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAK6qn/y30ssfXzkpKBieNMlsT28a8GSicEpPE4abYCie6IFJmH0Ku+WwnT02248FUf8JMSof3Yl3ng8ubJUE7YbLtAA/hAJNgGoqLXgLrm8rooNEgx/NUIJMJK+996W0yFoP9OdHXkmON5b+mogFOtnA2ymH5hmWR6c6poyLPHf+RmOnU9oh0ax+SaJL5sNnWS+zig67LL2pqkJ8NcHYf9WnMTpOY0M5rwiwYTSM05ipQzT2D4cpO53CVliYd8P3G6z2nfg+qqdURfD1+dUxZf5rWJxxsx7XUuoyF/xAYB3JeSSy9mz9qGYOgt2Yy9rCRE8uoHvy92ssdhGERop4o+M=", "leaf_input": "AAAAAAFNYSr/0QAAAATaMIIE1jCCA76gAwIBAgISESGwNq1DK/7r1wGrSndrRcJ9MA0GCSqGSIb3DQEBBQUAMC4xETAPBgNVBAoTCEFscGhhU1NMMRkwFwYDVQQDExBBbHBoYVNTTCBDQSAtIEcyMB4XDTE0MDYwNjEwMTYyNVoXDTE1MDYwNTEyMTE0NVowVTELMAkGA1UEBhMCR0IxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEjMCEGA1UEAwwad3d3LnNwZWNpYWxpc3QtdGFwZXMuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcGP5Pur9sf7kX0hVCAxydmUoke6quqcFjV1f+FsnOOTfliCxFn15Ezg1sbq0fFPK9tL8CWlewJO8vA0AIYAYTDyyWhaeNfHVdOR0Emus5u61NOibG24juB/KePrPy4KsCyYHeO9I4eaDgEJ4ha06RTusr49+UeQ04sKhSZLZbqIsAPUdUZrm+SwjHt0yBDrJGmQC0JueF6eGzcUwFG9Rdn++zi0si0n7j84JFjvzNXxsgHdiO0vGmeLsfizOC/cbU/4NYFDVML/Do6oimeleanTQDPj0Xt1DpAqC2cSI4C6IEBpy/kIo7Yy6qlC8c0qpVg8lAB8wDdx2qAr1Mq5i9AgMBAAGjggHFMIIBwTAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIwQDA+BgZngQwBAgEwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wPQYDVR0RBDYwNIIad3d3LnNwZWNpYWxpc3QtdGFwZXMuY28udWuCFnNwZWNpYWxpc3QtdGFwZXMuY28udWswCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDIuYWxwaGFzc2wuY29tL2dzL2dzYWxwaGFnMi5jcmwwfwYIKwYBBQUHAQEEczBxMDwGCCsGAQUFBzAChjBodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFnMi5jcnQwMQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhZzIwHQYDVR0OBBYEFPNVIQa7tlmkqxbVnJ+vcaz/7PQdMB8GA1UdIwQYMBaAFBTqGVXwDg0yxh90M7eOZhpMEjEeMA0GCSqGSIb3DQEBBQUAA4IBAQB4PzM03rndHWb3a02GzAZF3kLw6d0OkRM4PSIIwAT9KX1PgTAncD1JPGFCU1OQ0xyDCV/+iT8kKuGxW9fjEC/KiVSxJxZGfE3OiA6auquMOQB5X5GN0GW5uDocqKJE2i51Fj3zEqiJ3uIur+0Nk2TVUF1Q+5+/N8qEjmecb0mcLr75Lxa6IOAFYHmMdAt2gAjHegkcH7w53teM+QZw3usekqSeKiQKXUgrW8HWnr2+fumfuZeevtx3mcRBiHadj/UV+1PvCsxfSia/8Sw4CWWwWUCKYGdm1YBxCN1qK6yyOgS6guXPFnyKBHyQTV9AfLDW68tWGadmUiFQIEaLz0m5AAA="}')
+    # print my_get_all_cert_info(leaf)
+    precert = False
+
+    # if issuer_key_hash:
+    #         signed_entry = pack_precert(leaf, issuer_key_hash)
+    #     else:
+    signed_entry = pack_cert(leaf)
+
+    log = {
+    "name" : "pilot",
+    "url" : "https://ct.googleapis.com/pilot/",
+    "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfahLEimAoz2t01p3uMziiLOl/fHTDM0YDOhBRuiBARsV4UvxG2LdNgoIGLrtCzWE0J5APC2em4JlvR8EEEFMoA==",
+    "id" : "pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA="}
+    
+
 
 
+    sct = json.loads('{"timestamp": 1419573511033, "signature": "BAMARzBFAiAz6UTsDV6PcHdW/iZ1JqeF91KbjrpG2ubRVW0z5trPIwIhANtReTFlwkxDfVIvGscTdDk5monwBL702DkYd0oKM0xE", "sct_version": 0, "id": "pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA=", "extensions": ""}')
 
+    check_sct_signature(log["url"], signed_entry, sct, precert, base64.b64decode(log["key"]))
diff --git a/monitor/josef_mover.py b/monitor/josef_mover.py
index 5fb22da..bc7f4a0 100755
--- a/monitor/josef_mover.py
+++ b/monitor/josef_mover.py
@@ -7,6 +7,7 @@ import datetime
 import os
 import json
 
+from precerttools import cleanprecert
 from monitor_conf import *
 from josef_lib import *
 
@@ -14,7 +15,8 @@ def print_reply(rep, entry, precert):
     t = datetime.datetime.fromtimestamp(rep['timestamp'] / 1000, UTC()).strftime("%Y-%m-%d %H:%M:%S")
     log_id = rep["id"]
 
-    # print res
+    # print json.dumps(rep)
+    # print entry
 
     print "Time:", t
 
@@ -27,17 +29,30 @@ def print_reply(rep, entry, precert):
     
     print "Log:", l["name"]
 
-    # check_sct_signature(log["url"], entry, rep, precert, log["key"])
+    if precert:
+        print "Type: Precert"
+        print base64.b64encode(entry[2])
+        signed_entry = pack_precert(cleanprecert(entry[0][0]), entry[2])
+    else:
+        print "Type: Cert"
+        signed_entry = pack_cert(entry[0][0])
+
+    key = base64.b64decode(log["key"])
 
-    # print "Signature: CHECKING NOT IMPLEMENTED YET!"
-    # print ""
+    # try:
+    check_sct_signature(log["url"], signed_entry, rep, precert, key)
+    print "Signature: OK"
+    # except:
+    #     print "Could not verify signature!"
 
+    print ""
 
-source = ctlogs[0]
-dests = [ctlogs[1]]
 
-first = 153357
-last = 154357
+source = ctlogs[1]
+dests = [ctlogs[0]]
+
+first = 153363
+last = 153365
 
 entries = get_entries(source["url"], first, last)["entries"]
 
@@ -46,7 +61,9 @@ entries = get_entries(source["url"], first, last)["entries"]
 for log in dests:
     for item in entries:
         try:
+            # print item
             entry = extract_original_entry(item)
+            # print entry[2]
             if entry[2]:
                 precert = True
             else:
@@ -60,13 +77,14 @@ for log in dests:
                 res = add_prechain(log["url"], {"chain" : submission})
             else:
                 res = add_chain(log["url"], {"chain" : submission})
-
+            print res
+            # print submission
             print_reply(res, entry, precert)
-            time.sleep(5)
+            # time.sleep(5)
         except KeyboardInterrupt:
             break
-        except:
-            print "FAILED!"
+        # except:
+        #     print "FAILED!"
 
 
 
diff --git a/monitor/monitor_conf.py b/monitor/monitor_conf.py
index 57a245f..ffdb1bf 100644
--- a/monitor/monitor_conf.py
+++ b/monitor/monitor_conf.py
@@ -11,6 +11,7 @@ OUTPUT_DIR = "output/"
 DEFAULT_CERT_FILE = None
 # DEFAULT_CERT_FILE = OUTPUT_DIR + "cert_data.json"
 
+# Set to None to disable database writing
 DOMAINS_FILE = OUTPUT_DIR + "domains.json"
 
 # Set to None to disable database output
@@ -29,20 +30,20 @@ MONITORED_DOMAINS = [
 
 # CT logs and associated keys
 ctlogs = [
-    # {"name" : "pilot",
-    # "url" : "https://ct.googleapis.com/pilot/",
-    # "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfahLEimAoz2t01p3uMziiLOl/fHTDM0YDOhBRuiBARsV4UvxG2LdNgoIGLrtCzWE0J5APC2em4JlvR8EEEFMoA==",
-    # "id" : "pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA="},
-
-    # {"name" : "plausible",
-    # "url" : "https://plausible.ct.nordu.net/",
-    # "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9UV9+jO2MCTzkabodO2F7LM03MUBc8MrdAtkcW6v6GA9taTTw9QJqofm0BbdAsbtJL/unyEf0zIkRgXjjzaYqQ==",
-    # "id" : "qucLfzy41WbIbC8Wl5yfRF9pqw60U1WJsvd6AwEE880="},
-
-    # {"name" : "digicert",
-    # "url" : "https://ct1.digicert-ct.com/log/",
-    # "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAkbFvhu7gkAW6MHSrBlpE1n4+HCFRkC5OLAjgqhkTH+/uzSfSl8ois8ZxAD2NgaTZe1M9akhYlrYkes4JECs6A==",
-    # "id" : "VhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0="},
+    {"name" : "pilot",
+    "url" : "https://ct.googleapis.com/pilot/",
+    "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfahLEimAoz2t01p3uMziiLOl/fHTDM0YDOhBRuiBARsV4UvxG2LdNgoIGLrtCzWE0J5APC2em4JlvR8EEEFMoA==",
+    "id" : "pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA="},
+
+    {"name" : "plausible",
+    "url" : "https://plausible.ct.nordu.net/",
+    "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9UV9+jO2MCTzkabodO2F7LM03MUBc8MrdAtkcW6v6GA9taTTw9QJqofm0BbdAsbtJL/unyEf0zIkRgXjjzaYqQ==",
+    "id" : "qucLfzy41WbIbC8Wl5yfRF9pqw60U1WJsvd6AwEE880="},
+
+    {"name" : "digicert",
+    "url" : "https://ct1.digicert-ct.com/log/",
+    "key" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAkbFvhu7gkAW6MHSrBlpE1n4+HCFRkC5OLAjgqhkTH+/uzSfSl8ois8ZxAD2NgaTZe1M9akhYlrYkes4JECs6A==",
+    "id" : "VhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0="},
 
     {"name" : "izenpe",
     "url" : "https://ct.izenpe.com/",
diff --git a/monitor/verify_sct.py b/monitor/verify_sct.py
index 54b08c7..e9bac19 100755
--- a/monitor/verify_sct.py
+++ b/monitor/verify_sct.py
@@ -217,6 +217,14 @@ def ReadSCT( SCT ):
     File.write( SCTSignature )
     File.close()
 
+    # from josef_lib import check_sct_signature
+    # k = PubKey.replace('\n','').split('-')[10]
+    # print "\n\n START-------------"
+    # print base64.b64encode(SCTSignature)
+    # print base64.b64encode(Data)
+    # sct = {"id":Base64LogID, "signature":base64.b64encode(SCTSignature), "sct_version":0, "timestamp":SCTTimestamp,"extensions":""}
+    # print check_sct_signature(None, base64.b64encode(Data), sct, True, base64.b64decode(k))
+
     Args = [ OPENSSL_PATH ] 
     Args.extend( [ "dgst", "-sha256", "-verify", "tmp-pubkey.pem", "-signature", "tmp-signature.bin", "tmp-signeddata.bin" ] )
author	Josef Gustafsson <josef.gson@gmail.com>	2015-09-23 17:21:42 +0200
committer	Josef Gustafsson <josef.gson@gmail.com>	2015-09-23 17:21:42 +0200
commit	a503084f23a35de24ce09b2c9a60cbfafcefa9df (patch)
tree	08ce73eecdf357f96d5c64e6362f207b774f688a /monitor
parent	e2de391a1f385da19bb4d22bfd90472841260630 (diff)