1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# Copyright (c) 2015, NORDUnet A/S.
# See LICENSE for licensing information.
import base64
import sys
import struct
from certtools import get_leaf_hash
def parselogrow(row):
return base64.b16decode(row, casefold=True)
def get_logorder(filename):
f = open(filename, "r")
return [parselogrow(row.rstrip()) for row in f]
def read_chain_open(chainsdir, filename):
path = chainsdir + "/" + filename[0:2] + "/" + filename[2:4] + "/" + filename[4:6]
f = open(path + "/" + filename, "r")
return f
def read_chain(chainsdir, key):
filename = base64.b16encode(key).upper()
try:
f = read_chain_open(chainsdir, filename)
except IOError, e:
f = read_chain_open(chainsdir, filename.lower())
value = f.read()
f.close()
return value
def unpack_entry(entry):
pieces = []
while len(entry):
(length,) = struct.unpack(">I", entry[0:4])
type = entry[4:8]
data = entry[8:length]
entry = entry[length:]
pieces.append(data)
return pieces
def verify_entry(verifycert, entry, hash):
unpacked = unpack_entry(entry)
mtl = unpacked[0]
assert hash == get_leaf_hash(mtl)
s = struct.pack(">I", len(entry)) + entry
try:
verifycert.stdin.write(s)
except IOError, e:
sys.stderr.write("merge: unable to write to verifycert process: ")
while 1:
line = verifycert.stdout.readline()
if line:
sys.stderr.write(line)
else:
sys.exit(1)
result_length_packed = verifycert.stdout.read(4)
(result_length,) = struct.unpack(">I", result_length_packed)
result = verifycert.stdout.read(result_length)
assert len(result) == result_length
(error_code,) = struct.unpack("B", result[0:1])
if error_code != 0:
print >>sys.stderr, result[1:]
sys.exit(1)
|