diff options
Diffstat (limited to 'tools/storagegc.py')
| -rwxr-xr-x | tools/storagegc.py | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/tools/storagegc.py b/tools/storagegc.py deleted file mode 100755 index a4f15b7..0000000 --- a/tools/storagegc.py +++ /dev/null @@ -1,85 +0,0 @@ -#!/usr/bin/env python - -# Copyright (c) 2015, NORDUnet A/S. -# See LICENSE for licensing information. - -import argparse -import urllib2 -import urllib -import json -import base64 -import sys -import yaml -from certtools import * - -parser = argparse.ArgumentParser(description='') -parser.add_argument('--config', help="System configuration", required=True) -parser.add_argument('--localconfig', help="Local configuration", required=True) -args = parser.parse_args() - -config = yaml.load(open(args.config)) -localconfig = yaml.load(open(args.localconfig)) - -paths = localconfig["paths"] -db_path = paths["db"] -create_ssl_context(cafile=paths.get("public_cacertfile", None)) - -baseurl = config["baseurl"] - -sth = get_sth(baseurl) - -def verifyleafhash(leaf_hash): - try: - proof = get_proof_by_hash(baseurl, leaf_hash, sth["tree_size"]) - except SystemExit: - return False - - leaf_index = proof["leaf_index"] - inclusion_proof = [base64.b64decode(e) for e in proof["audit_path"]] - - calc_root_hash = verify_inclusion_proof(inclusion_proof, leaf_index, sth["tree_size"], leaf_hash) - - root_hash = base64.b64decode(sth["sha256_root_hash"]) - if root_hash != calc_root_hash: - print "sth calculation incorrect:" - print base64.b16encode(root_hash) - print base64.b16encode(calc_root_hash) - sys.exit(1) - - return True - -starttime = datetime.datetime.now() - - -try: - lastverifiedstring = open(db_path + "lastverifiednewentry").read() - lastverified = json.loads(lastverifiedstring) -except IOError: - lastverified = {"index": -1, "hash": None} -print "starting at", lastverified - -newentriesfile = open(db_path + "newentries") -if lastverified["index"] >= 0: - newentriesfile.seek(lastverified["index"]*65) - assert(newentriesfile.read(64).lower() == lastverified["hash"]) -newentriesfile.seek((lastverified["index"]+1)*65) - -try: - i = lastverified["index"] + 1 - sincewritten = 0 - for line in newentriesfile: - leaf_hash = base64.b16decode(line.strip(), casefold=True) - result = verifyleafhash(leaf_hash) - if not result: - break - lastverified = {"index": i, "hash": base64.b16encode(leaf_hash).lower()} - i += 1 - sincewritten += 1 - if sincewritten > 1000: - write_file(db_path + "lastverifiednewentry", lastverified) - sincewritten = 0 - if lastverified["index"] >= 0: - write_file(db_path + "lastverifiednewentry", lastverified) - print "lastverified", lastverified -except KeyboardInterrupt: - pass |