1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
#!/usr/bin/python
# -*- coding: utf-8 -*-
import time
import base64
import urllib
import urllib2
import sys
# from pympler.asizeof import asizeof
from certtools import *
def reduce_leafs_to_root(layer0):
if len(layer0) == 0:
return [[hashlib.sha256().digest()]]
current_layer = layer0
while len(current_layer) > 1:
current_layer = next_merkle_layer(current_layer)
return current_layer
def reduce_layer(layer):
new_layer = []
while len(layer) > 1:
e1 = layer.pop(0)
e2 = layer.pop(0)
new_layer.append(internal_hash((e1,e2)))
return new_layer
def reduce_tree(entries, layers):
if len(entries) == 0 and layers is []:
return [[hashlib.sha256().digest()]]
layer_idx = 0
layers[layer_idx] += entries
while len(layers[layer_idx]) > 1:
if len(layers) == layer_idx + 1:
layers.append([])
layers[layer_idx + 1] += reduce_layer(layers[layer_idx])
layer_idx += 1
return layers
def reduce_subtree_to_root(layers):
while len(layers) > 1:
layers[1] += next_merkle_layer(layers[0])
del layers[0]
if len(layers[0]) > 1:
return next_merkle_layer(layers[0])
return layers[0]
def get_proof_by_index(baseurl, index, tree_size):
try:
params = urllib.urlencode({"leaf_index":index,
"tree_size":tree_size})
result = \
urlopen(baseurl + "ct/v1/get-entry-and-proof?" + params).read()
return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR:", e.read()
sys.exit(1)
base_urls = ["https://plausible.ct.nordu.net/",
"https://ct1.digicert-ct.com/log/",
"https://ct.izenpe.com/",
"https://log.certly.io/",
"https://ctlog.api.venafi.com/",
"https://ct.googleapis.com/aviator/",
"https://ct.googleapis.com/pilot/",
"https://ct.googleapis.com/rocketeer/",
]
logkeys = {}
logkeys["https://plausible.ct.nordu.net/"] = get_public_key_from_file("../../plausible-logkey.pem")
logkeys["https://ct.googleapis.com/rocketeer/"] = get_public_key_from_file("../../rocketeer-logkey.pem")
logkeys["https://ct.googleapis.com/aviator/"] = get_public_key_from_file("../../aviator-logkey.pem")
logkeys["https://ct.googleapis.com/pilot/"] = get_public_key_from_file("../../pilot-logkey.pem")
logkeys["https://log.certly.io/"] = get_public_key_from_file("../../certly-logkey.pem")
logkeys["https://ct.izenpe.com/"] = get_public_key_from_file("../../izenpe-logkey.pem")
logkeys["https://ct1.digicert-ct.com/log/"] = get_public_key_from_file("../../digicert-logkey.pem")
logkeys["https://ctlog.api.venafi.com/"] = get_public_key_from_file("../../venafi-logkey.pem")
from Crypto import Signature
sth = get_sth(base_urls[4])
print sth
|