summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorMagnus Ahltorp <map@kth.se>2015-05-22 16:23:13 +0200
committerMagnus Ahltorp <map@kth.se>2015-05-22 16:23:13 +0200
commitb3cf7d7737f1fb32bff222e184ae62a3b44f736f (patch)
tree2b4a0d21b48a692ad58412b63bfb29d4df8db2e0 /tools
parent0fe29c04e47b6660cf816f615537a61028c4deb9 (diff)
Don't require --publickey, but print better error message.check-sth3
Diffstat (limited to 'tools')
-rw-r--r--tools/certtools.py7
-rwxr-xr-xtools/check-sth.py2
2 files changed, 7 insertions, 2 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 405aabd..ccbc76e 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -219,7 +219,12 @@ def encode_signature(hash_alg, signature_alg, unpacked_signature):
def check_signature(baseurl, signature, data, publickey=None):
if publickey == None:
- publickey = base64.decodestring(publickeys[baseurl])
+ if baseurl in publickeys:
+ publickey = base64.decodestring(publickeys[baseurl])
+ else:
+ print >>sys.stderr, "Public key for", baseurl, \
+ "not found, specify key file with --publickey"
+ sys.exit(1)
(hash_alg, signature_alg, unpacked_signature) = decode_signature(signature)
assert hash_alg == 4, \
"hash_alg is %d, expected 4" % (hash_alg,) # sha256
diff --git a/tools/check-sth.py b/tools/check-sth.py
index 0cdc031..dacd8e6 100755
--- a/tools/check-sth.py
+++ b/tools/check-sth.py
@@ -26,8 +26,8 @@ parser.add_argument('--cur-sth',
metavar='file',
default=DEFAULT_CUR_FILE,
help="File containing current STH (default=%s)" % DEFAULT_CUR_FILE)
-parser.add_argument('publickey', help='File containing the public key for the CT log')
parser.add_argument('baseurl', help="Base URL for CT log")
+parser.add_argument('--publickey', default=None, metavar='file', help='Public key for the CT log')
parser.add_argument('--cafile', default=None, metavar='file', help='File containing the CA cert')
parser.add_argument('--allow-lag', action='store_true', help='Allow node to lag behind previous STH')
parser.add_argument('--quiet-ok', action='store_true', help="Don't print status if OK")
generated by cgit v1.1 at 2024-10-06 10:35:34 +0000