summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2015-03-25 09:55:03 +0100
committerLinus Nordberg <linus@nordberg.se>2015-03-25 09:55:03 +0100
commit94282d502072f894f3168ef8c2c7527fe4a69e52 (patch)
tree0ae1b630221867acf3f56f08a042cbf94df3943a /tools
parent575d810afbcfcca99f701f3ea42de79bf6e283d1 (diff)
Add tools/fetchacert.py, fetching exactly one chain from a log.
Also move a piece of common code from fetchallcerts.py to certtools.py.
Diffstat (limited to 'tools')
-rw-r--r--tools/certtools.py10
-rwxr-xr-xtools/fetchacert.py22
-rwxr-xr-xtools/fetchallcerts.py10
3 files changed, 32 insertions, 10 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 0e639f2..ffd631c 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -588,3 +588,13 @@ def verify_inclusion_proof(inclusion_proof, index, treesize, leafhash):
chain = zip([(index, 0)] + nodes_for_index(index, treesize), [leafhash] + inclusion_proof)
(_, hash) = reduce(lambda e1, e2: combine_two_hashes(e1, e2, treesize), chain)
return hash
+
+def extract_original_entry(entry):
+ leaf_input = base64.decodestring(entry["leaf_input"])
+ (leaf_cert, timestamp, issuer_key_hash) = unpack_mtl(leaf_input)
+ extra_data = base64.decodestring(entry["extra_data"])
+ if issuer_key_hash != None:
+ (precert, extra_data) = extract_precertificate(extra_data)
+ leaf_cert = precert
+ certchain = decode_certificate_chain(extra_data)
+ return ([leaf_cert] + certchain, timestamp, issuer_key_hash)
diff --git a/tools/fetchacert.py b/tools/fetchacert.py
new file mode 100755
index 0000000..82ea7c1
--- /dev/null
+++ b/tools/fetchacert.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import argparse
+import base64
+from certtools import *
+
+parser = argparse.ArgumentParser(description='')
+parser.add_argument('baseurl', help="Base URL for CT server")
+parser.add_argument('index', type=int, help="Index for entry to fetch")
+args = parser.parse_args()
+
+rawentries = get_entries(args.baseurl, args.index, args.index)["entries"]
+entry = extract_original_entry(rawentries[0])
+(chain, _timestamp, _issuer_key_hash) = entry
+s = ""
+for cert in chain:
+ s += "-----BEGIN CERTIFICATE-----\n"
+ s += base64.encodestring(cert).rstrip() + "\n"
+ s += "-----END CERTIFICATE-----\n"
+ s += "\n"
+print s
diff --git a/tools/fetchallcerts.py b/tools/fetchallcerts.py
index 398c563..e0ea92f 100755
--- a/tools/fetchallcerts.py
+++ b/tools/fetchallcerts.py
@@ -24,16 +24,6 @@ parser.add_argument('--store', default=None, metavar="dir", help='Store certific
parser.add_argument('--write-sth', action='store_true', help='Write STH')
args = parser.parse_args()
-def extract_original_entry(entry):
- leaf_input = base64.decodestring(entry["leaf_input"])
- (leaf_cert, timestamp, issuer_key_hash) = unpack_mtl(leaf_input)
- extra_data = base64.decodestring(entry["extra_data"])
- if issuer_key_hash != None:
- (precert, extra_data) = extract_precertificate(extra_data)
- leaf_cert = precert
- certchain = decode_certificate_chain(extra_data)
- return ([leaf_cert] + certchain, timestamp, issuer_key_hash)
-
def get_entries_wrapper(baseurl, start, end):
fetched_entries = 0
while start + fetched_entries < (end + 1):