Diffstat (limited to 'monitor/josef_experimental.py')
-rwxr-xr-xmonitor/josef_experimental.py71
1 files changed, 38 insertions, 33 deletions
diff --git a/monitor/josef_experimental.py b/monitor/josef_experimental.py
index a306d11..46e4b2e 100755
--- a/monitor/josef_experimental.py
+++ b/monitor/josef_experimental.py
@@ -11,36 +11,41 @@ from datetime import datetime as dt
-# parser = argparse.ArgumentParser(description="")
-# parser.add_argument('--domain', default=None, help="RTFM")
-# parser.add_argument('--log', default=None, help="RTFM")
-# parser.add_argument('--exclude-expired', action='store_true', help="RTFM")
-
-# args = parser.parse_args()
-
-monitored_domains = [
- "google.com",
- "preishelden.de",
- "liu.se",
- "nordu.net",
- "symantec.com",
-]
-
-
-# db = db_open("./tmpdatabase")
-
-# db_add_domain_2(db, "www.cox.a.com", "{dummydata}")
-# print db_lookup_domain(db, "www.cox.a.com")
-# db_add_domain_2(db, "www.cox.b.com", "{dummydata}")
-# print db_lookup_domain(db, "www.cox.b.com")
-# print db.Get("www.cox.b.com")
-db_add_domain_2("./tmpdb/", "www.cox.a.com", "{'leaf_hash':'123456'}")
-# db_add_domain_2("./tmpdatabase/", "www.ct.nordu.net", "{dummydata1}")
-print db_lookup_domain("./tmpdb/", "www.cox.a.com")
-# print db.Get("com")
-# print db.Get("a.com")
-# print db.Get("cox.a.com")
-# print db.Get("www.cox.a.com")
-
-
-
+f = open("sct_example")
+s = f.read()
+sctentry = json.loads(s)
+sct = sctentry["sct"]
+# print sct
+
+baseurl = None
+logpublickey = get_public_key_from_file("sct_example_logkey.pem")
+# print key
+# print base64.b64encode(key)
+# keyhash = hashlib.sha256(key).digest()
+# print base64.b64encode(keyhash)
+
+# print check_sct_signature(None, sctentry, sct, False, key)
+
+
+timing = timing_point()
+
+leafcert = base64.b64decode(sctentry["leafcert"])
+if "issuer_key_hash" in sctentry:
+ issuer_key_hash = base64.b64decode(sctentry["issuer_key_hash"])
+else:
+ issuer_key_hash = None
+try:
+ if issuer_key_hash:
+ signed_entry = pack_precert(leafcert, issuer_key_hash)
+ else:
+ signed_entry = pack_cert(leafcert)
+ check_sct_signature(baseurl, signed_entry, sctentry["sct"], precert=issuer_key_hash, publickey=logpublickey)
+ timing_point(timing, "checksig")
+except AssertionError, e:
+ print "ERROR:", e
+except urllib2.HTTPError, e:
+ print "ERROR:", e
+except ecdsa.keys.BadSignatureError, e:
+ print "ERROR: bad signature"
+
+# print sctentry
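Review bot: The three `except` handlers at the end of the hunk only print, so the script exits 0 whether or not `check_sct_signature` accepted the SCT, and anything wrapping this script cannot tell a bad signature from a good one; end each handler with a non-zero exit such as `sys.exit(1)` (assuming `sys` is imported above the hunk). Catching `AssertionError` suggests the verification helpers report failure through `assert`, which is stripped under `python -O`; that code is outside this hunk, so it is worth confirming. `precert=issuer_key_hash` passes the raw hash bytes (or `None`) where the commented-out call passed a boolean, and `precert=bool(issuer_key_hash)` would state the intent. `f = open("sct_example")` is never closed; `with open("sct_example") as f:` would handle that.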