diff options
author | Magnus Ahltorp <map@kth.se> | 2014-09-23 02:48:07 +0200 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2014-09-23 02:48:07 +0200 |
commit | 560bcebb4cf64aea915331a55013b21696bfce5d (patch) | |
tree | 6f33b897fa1d95361fe7795cfc9e0c17d82a7e53 /tools/certtools.py | |
parent | b9918d56ad4ae409e2bbf7cf71cb94b42b3ccee9 (diff) |
Added submitcert.py
Diffstat (limited to 'tools/certtools.py')
-rw-r--r-- | tools/certtools.py | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/tools/certtools.py b/tools/certtools.py new file mode 100644 index 0000000..9d24c36 --- /dev/null +++ b/tools/certtools.py @@ -0,0 +1,74 @@ +import subprocess +import json +import base64 +import urllib +import urllib2 +import struct + +def get_cert_info(s): + p = subprocess.Popen(["openssl", "x509", "-noout", "-subject", "-issuer", "-inform", "der"], + stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + parsed = p.communicate(s) + if parsed[1]: + print "error:", parsed[1] + result = {} + for line in parsed[0].split("\n"): + (key, sep, value) = line.partition("=") + if sep == "=": + result[key] = value + return result + +def get_certs_from_file(certfile): + certs = [] + cert = "" + incert = False + + for line in open(certfile): + line = line.strip() + if line == "-----BEGIN CERTIFICATE-----": + cert = "" + incert = True + elif line == "-----END CERTIFICATE-----": + certs.append(cert) + incert = False + elif incert: + cert += line + return certs + +def get_root_cert(issuer): + accepted_certs = json.loads(open("googlelog-accepted-certs.txt").read())["certificates"] + + root_cert = None + + for accepted_cert in accepted_certs: + subject = get_cert_info(base64.decodestring(accepted_cert))["subject"] + if subject == issuer: + print "found root cert" + root_cert = base64.decodestring(accepted_cert) + + return root_cert + +def get_sth(baseurl): + result = urllib2.urlopen(baseurl + "ct/v1/get-sth").read() + return json.loads(result) + +def get_proof_by_hash(baseurl, hash, tree_size): + try: + params = urllib.urlencode({"hash":base64.b64encode(hash), "tree_size":tree_size}) + print params + result = urllib2.urlopen(baseurl + "ct/v1/get-proof-by-hash?" + params).read() + return result + except urllib2.HTTPError, e: + print e.read() + sys.exit(1) + +def tls_array(data, length_len): + length_bytes = struct.pack(">Q", len(data))[-length_len:] + return length_bytes + data + +def add_chain(baseurl, submission): + try: + return json.loads(urllib2.urlopen(baseurl + "ct/v1/add-chain", json.dumps(submission)).read()) + except urllib2.HTTPError, e: + print e.read() + sys.exit(1) |