tools/submitcert.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

#!/usr/bin/python                                                               

import urllib2
import urllib
import json
import base64
import sys
import struct
import hashlib
from certtools import *

baseurl = sys.argv[1]
certfile = sys.argv[2]

lookup_in_log = True

certs = get_certs_from_file(certfile)

result = add_chain(baseurl, {"chain":certs})

print result

for cert in certs:
    print get_cert_info(base64.decodestring(cert))

if lookup_in_log:
    last_issuer = get_cert_info(base64.decodestring(certs[-1]))["issuer"]
    last_subject = get_cert_info(base64.decodestring(certs[-1]))["subject"]

    entry_type = struct.pack(">H", 0)

    extensions = ""

    timestamped_entry = struct.pack(">Q", result["timestamp"]) + entry_type + tls_array(base64.decodestring(certs[0]), 3) + tls_array(extensions, 2)
    version = struct.pack(">b", 0)
    leaf_type = struct.pack(">b", 0)
    merkle_tree_leaf = version + leaf_type + timestamped_entry

    leaf_hash = hashlib.sha256()
    leaf_hash.update(struct.pack(">b", 0))
    leaf_hash.update(merkle_tree_leaf)

    print base64.b64encode(leaf_hash.digest())

    sth = get_sth(baseurl)
    print sth

    proof = get_proof_by_hash(baseurl, leaf_hash.digest(), sth["tree_size"])

    print proof