From cc06b25e43deeee70418a1ee9f6271ed9fed0c83 Mon Sep 17 00:00:00 2001
From: josef <josef.gson@gmail.com>
Date: Mon, 19 Oct 2015 12:08:03 +0200
Subject: adding script for inclusion checking by submitting to all logs and
 checking timestamp age

---
 monitor/josef_mover.py | 134 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 96 insertions(+), 38 deletions(-)

(limited to 'monitor/josef_mover.py')

diff --git a/monitor/josef_mover.py b/monitor/josef_mover.py
index 34680d8..436e6b4 100755
--- a/monitor/josef_mover.py
+++ b/monitor/josef_mover.py
@@ -16,14 +16,19 @@ def print_reply(rep, entry):
     log_id = rep["id"]
 
 
-    for log in ctlogs:
+    for log in CTLOGS:
         if str(log_id) == log["id"]:
             l = log
             break
     else:
         l = {"name" : "Log not found" + log_id}
     
-    print "Time:", t
+    s = "Time:", t
+    if is_new_timestamp(rep["timestamp"]):
+        print s, "(NEW)"
+    else:
+        print s, "(OLD)"
+
 
     if entry[2]:
         print "Type: Precert"
@@ -42,43 +47,96 @@ def print_reply(rep, entry):
 
     print ""
 
+def is_new_timestamp(ts):
+    MAX_TIMEDIFF = 300 # 5 min, allows for some clock skew
+    ts_time = datetime.datetime.fromtimestamp(ts / 1000, UTC()).strftime('%Y-%m-%d %H:%M:%S')
+    cur_time = datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')
+    delta_time = datetime.datetime.strptime(cur_time, '%Y-%m-%d %H:%M:%S') - datetime.datetime.strptime(ts_time, '%Y-%m-%d %H:%M:%S')
+    # print delta_time.seconds
+    if delta_time.seconds > MAX_TIMEDIFF:
+        return False
+    else:
+        return True
+
+def check_inclusion_all(first, last, source, dest):
+    for s_log in source:
+        url = s_log["url"]
+        entries = []
+        while len(entries) + first != last + 1:
+            entries += get_entries(url, str(first + len(entries)), last)["entries"]
+            # print "Got " + str(len(entries)) + " entries..."
+
+        for e in entries:
+            inclusions = []
+            print base64.b64decode(e["leaf_input"])
+            h = get_leaf_hash(base64.b64decode(e["leaf_input"]))
+            for log in dest:
+                url = log["url"]
+                if verify_inclusion_by_hash(url, h):
+                    inclusions.append(log["name"])
+            print "Entry found in " + str(len(inclusions)) + " logs: ", inclusions
+                    # success = False
+
+            # if success:
+            #     print time.strftime("%H:%M:%S") + " Verifying inclusion for " + str(len(entries)) + " new entries in " + url + " ...OK"
+            # else:
+            #     print time.strftime('%H:%M:%S') + " ERROR: Failed to prove inclusion of all new entries in " + url
+            #     errors.append(time.strftime('%H:%M:%S') + " ERROR: Failed to prove inclusion of all new entries in " + url)
+    # except:
+    #     print time.strftime('%H:%M:%S') + " ERROR: Failed to prove inclusion of all new entries in " + url
+
+def move_entry(first, last, source, dest):
+    # print entries
+    for s_log in source:
+        entries = get_entries(s_log["url"], first, last)["entries"]
+        print "\n\nSource: " + s_log["name"] + "\n"
+        for i in range(len(entries)):
+        # for item in entries:
+            item = entries[i]
+            inclusions = []
+            for d_log in dests:
+                print "Log: " + d_log["name"]
+                try:
+                    entry = extract_original_entry(item)
+                    if entry[2]:
+                        precert = True
+                    else:
+                        precert = False
+                    submission = []
+
+                    for e in entry[0]:
+                        submission.append(base64.b64encode(e))
+
+                    if entry[2]:
+                        res = add_prechain(d_log["url"], {"chain" : submission})
+                    else:
+                        res = add_chain(d_log["url"], {"chain" : submission})
+                    print_reply(res, entry)
+
+                    if not is_new_timestamp(res["timestamp"]):
+                        inclusions.append(d_log["name"])
+
+                    # time.sleep(5)
+                except KeyboardInterrupt:
+                    sys.exit()
+                except:
+                    print "FAILED!\n"
+            print s_log["name"] + "[" + str(first + i) + "] found in " + str(len(inclusions)) + " logs: ", inclusions
+
+
+if __name__ == "__main__":
+    source = [CTLOGS[0]]
+    dests = CTLOGS
+    # source = ctlogs
+    # dests = ctlogs
+
+    first = 100
+    last = 101
+
+    move_entry(first, last, source,dests)
+    # check_inclusion_all(first,last,source, dests)
+
 
-source = [ctlogs[0]]
-dests = [ctlogs[0]]
-# source = ctlogs
-# dests = ctlogs
-
-first = 0
-last = 1
-
-# print entries
-for s_log in source:
-    entries = get_entries(s_log["url"], first, last)["entries"]
-    print "\n\nSource: " + s_log["name"] + "\n"
-    for d_log in dests:
-        for item in entries:
-            print "Log: " + d_log["name"]
-            try:
-                entry = extract_original_entry(item)
-                if entry[2]:
-                    precert = True
-                else:
-                    precert = False
-                submission = []
-
-                for e in entry[0]:
-                    submission.append(base64.b64encode(e))
-
-                if entry[2]:
-                    res = add_prechain(d_log["url"], {"chain" : submission})
-                else:
-                    res = add_chain(d_log["url"], {"chain" : submission})
-                print_reply(res, entry)
-                # time.sleep(5)
-            except KeyboardInterrupt:
-                sys.exit()
-            except:
-                print "FAILED!\n"
 
 
 
-- 
cgit v1.1