summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/certtools.py30
-rwxr-xr-xtools/submitcert.py19
2 files changed, 48 insertions, 1 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index fa7f6ac..48e7b41 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -63,7 +63,7 @@ def get_proof_by_hash(baseurl, hash, tree_size):
print params
result = \
urllib2.urlopen(baseurl + "ct/v1/get-proof-by-hash?" + params).read()
- return result
+ return json.loads(result)
except urllib2.HTTPError, e:
print e.read()
sys.exit(1)
@@ -72,6 +72,15 @@ def tls_array(data, length_len):
length_bytes = struct.pack(">Q", len(data))[-length_len:]
return length_bytes + data
+def unpack_tls_array(packed_data, length_len):
+ padded_length = ["\x00"] * 8
+ padded_length[-length_len:] = packed_data[:length_len]
+ (length,) = struct.unpack(">Q", "".join(padded_length))
+ unpacked_data = packed_data[length_len:length_len+length]
+ assert len(unpacked_data) == length
+ rest_data = packed_data[length_len+length:]
+ return (unpacked_data, rest_data)
+
def add_chain(baseurl, submission):
try:
return json.loads(urllib2.urlopen(baseurl + "ct/v1/add-chain",
@@ -79,3 +88,22 @@ def add_chain(baseurl, submission):
except urllib2.HTTPError, e:
print e.read()
sys.exit(1)
+
+def get_entries(baseurl, start, end):
+ try:
+ params = urllib.urlencode({"start":start, "end":end})
+ result = urllib2.urlopen(baseurl + "ct/v1/get-entries?" + params).read()
+ return json.loads(result)
+ except urllib2.HTTPError, e:
+ print e.read()
+ sys.exit(1)
+
+def decode_certificate_chain(packed_certchain):
+ (unpacked_certchain, rest) = unpack_tls_array(packed_certchain, 3)
+ assert len(rest) == 0
+ certs = []
+ while len(unpacked_certchain):
+ (cert, rest) = unpack_tls_array(unpacked_certchain, 3)
+ certs.append(cert)
+ unpacked_certchain = rest
+ return certs
diff --git a/tools/submitcert.py b/tools/submitcert.py
index 229d36c..7844dda 100755
--- a/tools/submitcert.py
+++ b/tools/submitcert.py
@@ -36,6 +36,8 @@ if lookup_in_log:
leaf_type = struct.pack(">b", 0)
merkle_tree_leaf = version + leaf_type + timestamped_entry
+ print "merkle_tree_leaf:", base64.b64encode(merkle_tree_leaf)
+
leaf_hash = hashlib.sha256()
leaf_hash.update(struct.pack(">b", 0))
leaf_hash.update(merkle_tree_leaf)
@@ -48,3 +50,20 @@ if lookup_in_log:
proof = get_proof_by_hash(baseurl, leaf_hash.digest(), sth["tree_size"])
print proof
+
+ leaf_index = proof["leaf_index"]
+
+ entries = get_entries(baseurl, leaf_index, leaf_index)
+
+ fetched_entry = entries["entries"][0]
+
+ print fetched_entry
+
+ print "does the leaf_input of the fetched entry match what we calculated:", \
+ base64.decodestring(fetched_entry["leaf_input"]) == merkle_tree_leaf
+
+ extra_data = fetched_entry["extra_data"]
+
+ certchain = decode_certificate_chain(base64.decodestring(extra_data))
+
+ print [base64.b64encode(cert) for cert in certchain]