-rw-r--r--tools/certtools.py18
-rwxr-xr-xtools/merge.py35
2 files changed, 28 insertions, 25 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 2fb1492..ad90e5c 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -6,6 +6,7 @@ import json
import base64
import urllib
import urllib2
+import urlparse
import struct
import sys
import hashlib
@@ -182,6 +183,23 @@ def check_signature(baseurl, signature, data):
vk.verify(unpacked_signature, data, hashfunc=hashlib.sha256,
sigdecode=ecdsa.util.sigdecode_der)
+def http_request(url, data=None, key=None):
+ req = urllib2.Request(url, data)
+ (keyname, keyfile) = key
+ privatekey = get_eckey_from_file(keyfile)
+ sk = ecdsa.SigningKey.from_der(privatekey)
+ parsed_url = urlparse.urlparse(url)
+ if data == None:
+ data = parsed_url.query
+ method = "GET"
+ else:
+ method = "POST"
+ signature = sk.sign("%s\0%s\0%s" % (method, parsed_url.path, data), hashfunc=hashlib.sha256,
+ sigencode=ecdsa.util.sigencode_der)
+ req.add_header('X-Catlfish-Auth', base64.b64encode(signature) + ";key=" + keyname)
+ result = urllib2.urlopen(req).read()
+ return result
+
def create_signature(privatekey, data):
sk = ecdsa.SigningKey.from_der(privatekey)
unpacked_signature = sk.sign(data, hashfunc=hashlib.sha256,
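Review bot: `http_request` defaults `key` to None, but the next statement `(keyname, keyfile) = key` unpacks it unconditionally, so any caller that omits `key` gets a TypeError rather than a clear error. Either make the parameter required or guard it, e.g. `if key is None: raise ValueError("http_request requires key=(keyname, keyfile)")`. Separately, the signed string covers only the method, the path and the body or query. Nothing visible in this hunk binds the signature to the host or to a timestamp or nonce, so unless the server or the transport enforces freshness, a recorded `X-Catlfish-Auth` value would stay valid for an identical request. A short docstring stating exactly what is signed would help whoever maintains the verifying side.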
diff --git a/tools/merge.py b/tools/merge.py
index 6becf7e..c9f99af 100755
--- a/tools/merge.py
+++ b/tools/merge.py
@@ -14,7 +14,7 @@ import time
import ecdsa
import hashlib
import urlparse
-from certtools import build_merkle_tree, create_sth_signature, check_sth_signature, get_eckey_from_file, timing_point
+from certtools import build_merkle_tree, create_sth_signature, check_sth_signature, get_eckey_from_file, timing_point, http_request
parser = argparse.ArgumentParser(description="")
parser.add_argument("--baseurl", metavar="url", help="Base URL for CT server", required=True)
@@ -34,6 +34,8 @@ storagenodes = args.storage
chainsdir = args.mergedb + "/chains"
logorderfile = args.mergedb + "/logorder"
+own_key = (args.own_keyname, args.own_keyfile)
+
def parselogrow(row):
return base64.b16decode(row)
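Review bot: `own_key` stores the key file path, not loaded key material, and `http_request` in tools/certtools.py calls `get_eckey_from_file(keyfile)` and `ecdsa.SigningKey.from_der` on every request. A merge run that sends many entries therefore re-reads the private key from disk each time, and a key file replaced mid-run would change the signing key between requests. Consider loading the key once at startup and passing the `SigningKey` object, or caching it inside `http_request` keyed by `keyfile`.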
@@ -57,26 +59,9 @@ def add_to_logorder(key):
f.write(base64.b16encode(key) + "\n")
f.close()
-def http_request(url, data=None):
- req = urllib2.Request(url, data)
- keyname = args.own_keyname
- privatekey = get_eckey_from_file(args.own_keyfile)
- sk = ecdsa.SigningKey.from_der(privatekey)
- parsed_url = urlparse.urlparse(url)
- if data == None:
- data = parsed_url.query
- method = "GET"
- else:
- method = "POST"
- signature = sk.sign("%s\0%s\0%s" % (method, parsed_url.path, data), hashfunc=hashlib.sha256,
- sigencode=ecdsa.util.sigencode_der)
- req.add_header('X-Catlfish-Auth', base64.b64encode(signature) + ";key=" + keyname)
- result = urllib2.urlopen(req).read()
- return result
-
def get_new_entries(baseurl):
try:
- result = http_request(baseurl + "ct/storage/fetchnewentries")
+ result = http_request(baseurl + "ct/storage/fetchnewentries", key=own_key)
parsed_result = json.loads(result)
if parsed_result.get(u"result") == u"ok":
return [base64.b64decode(entry) for entry in parsed_result[u"entries"]]
@@ -89,7 +74,7 @@ def get_new_entries(baseurl):
def get_entries(baseurl, hashes):
try:
params = urllib.urlencode({"hash":[base64.b64encode(hash) for hash in hashes]}, doseq=True)
- result = http_request(baseurl + "ct/storage/getentry?" + params)
+ result = http_request(baseurl + "ct/storage/getentry?" + params, key=own_key)
parsed_result = json.loads(result)
if parsed_result.get(u"result") == u"ok":
entries = dict([(base64.b64decode(entry["hash"]), base64.b64decode(entry["entry"])) for entry in parsed_result[u"entries"]])
@@ -104,7 +89,7 @@ def get_entries(baseurl, hashes):
def get_curpos(baseurl):
try:
- result = http_request(baseurl + "ct/frontend/currentposition")
+ result = http_request(baseurl + "ct/frontend/currentposition", key=own_key)
parsed_result = json.loads(result)
if parsed_result.get(u"result") == u"ok":
return parsed_result[u"position"]
@@ -117,7 +102,7 @@ def get_curpos(baseurl):
def sendlog(baseurl, submission):
try:
result = http_request(baseurl + "ct/frontend/sendlog",
- json.dumps(submission))
+ json.dumps(submission), key=own_key)
return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR: sendlog", e.read()
@@ -133,7 +118,7 @@ def sendlog(baseurl, submission):
def sendentry(baseurl, entry, hash):
try:
result = http_request(baseurl + "ct/frontend/sendentry",
- json.dumps({"entry":base64.b64encode(entry), "treeleafhash":base64.b64encode(hash)}))
+ json.dumps({"entry":base64.b64encode(entry), "treeleafhash":base64.b64encode(hash)}), key=own_key)
return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR: sendentry", e.read()
@@ -149,7 +134,7 @@ def sendentry(baseurl, entry, hash):
def sendsth(baseurl, submission):
try:
result = http_request(baseurl + "ct/frontend/sendsth",
- json.dumps(submission))
+ json.dumps(submission), key=own_key)
return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR: sendsth", e.read()
@@ -164,7 +149,7 @@ def sendsth(baseurl, submission):
def get_missingentries(baseurl):
try:
- result = http_request(baseurl + "ct/frontend/missingentries")
+ result = http_request(baseurl + "ct/frontend/missingentries", key=own_key)
parsed_result = json.loads(result)
if parsed_result.get(u"result") == u"ok":
return parsed_result[u"entries"]