Diffstat (limited to 'monitor')
-rwxr-xr-xmonitor/josef_experimental.py71
-rw-r--r--monitor/josef_lib.py8
2 files changed, 43 insertions, 36 deletions
diff --git a/monitor/josef_experimental.py b/monitor/josef_experimental.py
index a306d11..46e4b2e 100755
--- a/monitor/josef_experimental.py
+++ b/monitor/josef_experimental.py
@@ -11,36 +11,41 @@ from datetime import datetime as dt
-# parser = argparse.ArgumentParser(description="")
-# parser.add_argument('--domain', default=None, help="RTFM")
-# parser.add_argument('--log', default=None, help="RTFM")
-# parser.add_argument('--exclude-expired', action='store_true', help="RTFM")
-
-# args = parser.parse_args()
-
-monitored_domains = [
- "google.com",
- "preishelden.de",
- "liu.se",
- "nordu.net",
- "symantec.com",
-]
-
-
-# db = db_open("./tmpdatabase")
-
-# db_add_domain_2(db, "www.cox.a.com", "{dummydata}")
-# print db_lookup_domain(db, "www.cox.a.com")
-# db_add_domain_2(db, "www.cox.b.com", "{dummydata}")
-# print db_lookup_domain(db, "www.cox.b.com")
-# print db.Get("www.cox.b.com")
-db_add_domain_2("./tmpdb/", "www.cox.a.com", "{'leaf_hash':'123456'}")
-# db_add_domain_2("./tmpdatabase/", "www.ct.nordu.net", "{dummydata1}")
-print db_lookup_domain("./tmpdb/", "www.cox.a.com")
-# print db.Get("com")
-# print db.Get("a.com")
-# print db.Get("cox.a.com")
-# print db.Get("www.cox.a.com")
-
-
-
+f = open("sct_example")
+s = f.read()
+sctentry = json.loads(s)
+sct = sctentry["sct"]
+# print sct
+
+baseurl = None
+logpublickey = get_public_key_from_file("sct_example_logkey.pem")
+# print key
+# print base64.b64encode(key)
+# keyhash = hashlib.sha256(key).digest()
+# print base64.b64encode(keyhash)
+
+# print check_sct_signature(None, sctentry, sct, False, key)
+
+
+timing = timing_point()
+
+leafcert = base64.b64decode(sctentry["leafcert"])
+if "issuer_key_hash" in sctentry:
+ issuer_key_hash = base64.b64decode(sctentry["issuer_key_hash"])
+else:
+ issuer_key_hash = None
+try:
+ if issuer_key_hash:
+ signed_entry = pack_precert(leafcert, issuer_key_hash)
+ else:
+ signed_entry = pack_cert(leafcert)
+ check_sct_signature(baseurl, signed_entry, sctentry["sct"], precert=issuer_key_hash, publickey=logpublickey)
+ timing_point(timing, "checksig")
+except AssertionError, e:
+ print "ERROR:", e
+except urllib2.HTTPError, e:
+ print "ERROR:", e
+except ecdsa.keys.BadSignatureError, e:
+ print "ERROR: bad signature"
+
+# print sctentry
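Review bot: The three `except` handlers at the end of the new block only print and fall through, so the script exits 0 whether or not the SCT verified, and nothing is printed on success; a wrapper or operator cannot tell a rejected SCT from an accepted one. Exit non-zero in each handler (for example `sys.exit(1)`, assuming `sys` is imported above the hunk) and print an explicit success line once `check_sct_signature(...)` has returned. The `except AssertionError` branch also depends on the `assert` log-id comparison inside `check_sct_signature` (visible in the josef_lib.py hunk on this page), which is compiled out under `python -O`, so a mismatch between the SCT `id` and the supplied log key would no longer be reported through that path. Separately, `precert=issuer_key_hash` passes bytes or None where the parameter defaults to `False`; `precert=issuer_key_hash is not None` states the intent, and `with open("sct_example") as f:` would close the input file.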
diff --git a/monitor/josef_lib.py b/monitor/josef_lib.py
index 7eca306..f886b6d 100644
--- a/monitor/josef_lib.py
+++ b/monitor/josef_lib.py
@@ -447,11 +447,13 @@ def check_sct_signature(baseurl, signed_entry, sct, precert=False, publickey=Non
if publickey == None:
publickey = base64.decodestring(publickeys[baseurl])
calculated_logid = hashlib.sha256(publickey).digest()
- received_logid = base64.decodestring(sct["id"])
+ received_logid = base64.b64decode(sct["id"])
assert calculated_logid == received_logid, \
"log id is incorrect:\n should be %s\n got %s" % \
- (calculated_logid.encode("hex_codec"),
- received_logid.encode("hex_codec"))
+ (base64.b64encode(calculated_logid),
+ base64.b64encode(received_logid))
+ # (calculated_logid.encode("hex_codec"),
+ # received_logid.encode("hex_codec"))
signature = base64.decodestring(sct["signature"])