diff options
author | Magnus Ahltorp <map@kth.se> | 2015-08-17 17:46:46 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2015-08-19 16:26:07 +0200 |
commit | aa703d32d55717b4934c91cf187f0ed165196fd0 (patch) | |
tree | fcf5bb88410aab1eda0767cd00dd41cc8cb10acc /tools/mergetools.py | |
parent | 3464a089a9ccbac1a8bc92c8dfba402e7e307733 (diff) |
Wrap entries in plop wrapper
Diffstat (limited to 'tools/mergetools.py')
-rw-r--r-- | tools/mergetools.py | 43 |
1 files changed, 31 insertions, 12 deletions
diff --git a/tools/mergetools.py b/tools/mergetools.py index 9f5feee..c3e9688 100644 --- a/tools/mergetools.py +++ b/tools/mergetools.py @@ -1,6 +1,7 @@ # Copyright (c) 2015, NORDUnet A/S. # See LICENSE for licensing information. import base64 +import hashlib import sys import struct from certtools import get_leaf_hash @@ -27,21 +28,39 @@ def read_chain(chainsdir, key): f.close() return value -def unpack_entry(entry): - pieces = [] - while len(entry): - (length,) = struct.unpack(">I", entry[0:4]) - type = entry[4:8] - data = entry[8:length] - entry = entry[length:] - pieces.append(data) - return pieces +def tlv_decode(data): + (length,) = struct.unpack(">I", data[0:4]) + type = data[4:8] + value = data[8:length] + rest = data[length:] + return (type, value, rest) + +def tlv_decodelist(data): + l = [] + while len(data): + (type, value, rest) = tlv_decode(data) + l.append((type, value)) + data = rest + return l + +def unwrap_entry(entry): + ploplevel = tlv_decodelist(entry) + assert(len(ploplevel) == 2) + (ploptype, plopdata) = ploplevel[0] + (plopchecksumtype, plopchecksum) = ploplevel[1] + assert(ploptype == "PLOP") + assert(plopchecksumtype == "S256") + computedchecksum = hashlib.sha256(plopdata).digest() + assert(computedchecksum == plopchecksum) + return plopdata def verify_entry(verifycert, entry, hash): - unpacked = unpack_entry(entry) - mtl = unpacked[0] + packed = unwrap_entry(entry) + unpacked = tlv_decodelist(packed) + (mtltype, mtl) = unpacked[0] assert hash == get_leaf_hash(mtl) - s = struct.pack(">I", len(entry)) + entry + assert mtltype == "MTL1" + s = struct.pack(">I", len(packed)) + packed try: verifycert.stdin.write(s) except IOError, e: |