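#!/usr/bin/python
# -*- coding: utf-8 -*-

import sys
from josef_lib import *
import leveldb
import argparse
import json
from josef_leveldb import *
from datetime import datetime as dt
from josef_monitor import verify_inclusion_by_hash

# Log queried for the inclusion check when the caller supplies no base URL.
DEFAULT_LOG_URL = "https://localhost:8080/"


def verify_sct(baseurl, sctentry, key, sth_in=None):
    """Check an SCT's signature, then ask the log for an inclusion proof.

    Args:
        baseurl: Base URL of the CT log, or None. It is passed to
            check_sct_signature and, when set, used for the inclusion check.
        sctentry: Dict with a base64 "leafcert", an "sct", and optionally a
            base64 "issuer_key_hash" (its presence selects the precert path).
        key: Log public key, handed to check_sct_signature as ``publickey``.
        sth_in: Optional signed tree head supplied by the caller.

    Returns:
        True if check_sct_signature raised none of the handled errors, False
        otherwise. The result of the inclusion check is NOT reflected here,
        because how verify_inclusion_by_hash reports failure is not visible
        in this file.
    """
    if sth_in is not None:
        sth = sth_in
    elif baseurl:
        sth = get_sth(baseurl)
    else:
        sth = None
        print("No sth provided!")
    # NOTE(review): `sth` is never used by the checks below, so neither the
    # caller-supplied nor the fetched tree head is validated or tied to the
    # inclusion proof - confirm whether verify_inclusion_by_hash does that.

    # Verify signature
    leafcert = base64.b64decode(sctentry["leafcert"])
    issuer_key_hash = None
    if "issuer_key_hash" in sctentry:
        issuer_key_hash = base64.b64decode(sctentry["issuer_key_hash"])

    signature_ok = False
    try:
        if issuer_key_hash:
            signed_entry = pack_precert(leafcert, issuer_key_hash)
        else:
            signed_entry = pack_cert(leafcert)
        check_sct_signature(baseurl, signed_entry, sctentry["sct"],
                            precert=issuer_key_hash, publickey=key)
        signature_ok = True
        print("Signature OK")
    except AssertionError as e:
        print("ERROR: %s" % (e,))
    except urllib2.HTTPError as e:
        print("ERROR: %s" % (e,))
    except ecdsa.keys.BadSignatureError:
        print("ERROR: bad signature")

    # Verify inclusion. Reuse the certificate decoded above, and query the
    # log the caller named instead of always querying the local default.
    # NOTE(review): the hash is taken over the raw decoded certificate for
    # both certs and precerts - confirm that is the input get_leaf_hash expects.
    h = get_leaf_hash(leafcert)
    verify_inclusion_by_hash(baseurl or DEFAULT_LOG_URL, h)

    # A failed signature check used to be visible only on stdout; returning
    # it lets callers refuse an SCT whose signature did not verify.
    return signature_ok


if __name__ == '__main__':
    # Context manager so the example file is closed even if parsing fails.
    with open("sct_example") as f:
        sctentry = json.loads(f.read())

    logpublickey = get_public_key_from_file("sct_example_logkey.pem")
    if "sth" in sctentry:
        print("found sth in sct")
        sth = sctentry["sth"]
    else:
        sth = None

    verify_sct(None, sctentry, logpublickey, sth)
    # print sctentry
    # print base64.b64decode(sctentry["leafcert"])
    # print base64.b64decode(get_entries("https://plausible.ct.nordu.net:/", 1234,1234)["entries"][0]["leaf_input"])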