diff options
| author | Magnus Ahltorp <map@kth.se> | 2015-02-19 16:23:25 +0100 |
|---|---|---|
| committer | Linus Nordberg <linus@nordberg.se> | 2015-02-20 14:12:48 +0100 |
| commit | 74a4460cba73877830b73742be76cd2bf0d5f47b (patch) | |
| tree | 22390bef22901593afe2424165e481609457b1b3 /tools/fetchallcerts.py | |
| parent | 4cf7413cb55f66fc2875560c88a6ea8318499d9f (diff) | |
Added verification of consistency proofs
Diffstat (limited to 'tools/fetchallcerts.py')
| -rwxr-xr-x | tools/fetchallcerts.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tools/fetchallcerts.py b/tools/fetchallcerts.py index 866bb43..39ffd64 100755 --- a/tools/fetchallcerts.py +++ b/tools/fetchallcerts.py @@ -168,6 +168,12 @@ else: print "calculated root hash", base64.b16encode(calculated_root_hash) +if oldsth and oldsth["tree_size"] > 0 and oldsth["tree_size"] != tree_size: + consistency_proof = [base64.decodestring(entry) for entry in get_consistency_proof(args.baseurl, oldsth["tree_size"], tree_size)] + (old_treehead, new_treehead) = verify_consistency_proof(consistency_proof, oldsth["tree_size"], tree_size) + assert old_treehead == base64.b64decode(oldsth["sha256_root_hash"]) + assert new_treehead == base64.b64decode(sth["sha256_root_hash"]) + if calculated_root_hash != root_hash: print "fetched root hash and calculated root hash different" sys.exit(1) |