#!/usr/bin/python
# -*- coding: utf-8 -*-     

import sys
from josef_lib import *
import leveldb
import argparse
import json
from josef_leveldb import *
from datetime import datetime as dt
from josef_monitor import verify_inclusion_by_hash


def verify_sct(baseurl, sctentry, key, sth_in=None):
    if sth_in is None:
        if baseurl:
            sth = get_sth(baseurl)
        else:
            print "No sth provided!"
    else:
        sth = sth_in

    # Verify signature
    leafcert = base64.b64decode(sctentry["leafcert"])
    if "issuer_key_hash" in sctentry:
        issuer_key_hash = base64.b64decode(sctentry["issuer_key_hash"])
    else:
        issuer_key_hash = None
    try:
        if issuer_key_hash:
            signed_entry = pack_precert(leafcert, issuer_key_hash)
        else:
            signed_entry = pack_cert(leafcert)
        check_sct_signature(baseurl, signed_entry, sctentry["sct"], precert=issuer_key_hash, publickey=key)
        print "Signature OK"
    except AssertionError, e:
        print "ERROR:", e
    except urllib2.HTTPError, e:
        print "ERROR:", e
    except ecdsa.keys.BadSignatureError, e:
        print "ERROR: bad signature"
    
    # Verify inclusion
    h = get_leaf_hash(base64.b64decode(sctentry["leafcert"]))
    
    verify_inclusion_by_hash("https://localhost:8080/", h)





if __name__ == '__main__':