def show_signature_verbose(signature):
'''Print out signature as hex string to logger.verbose.
Args:
signature(bytes)
'''
sig_offset = 0
while sig_offset < len(signature):
if len(signature) - sig_offset > 16:
bytes_to_read = 16
else:
bytes_to_read = len(signature) - sig_offset
sig_bytes = struct.unpack_from(flo('!{bytes_to_read}s'), signature,
sig_offset)[0]
if sig_offset == 0:
logger.verbose('Signature : %s' % to_hex(sig_bytes))
else:
logger.verbose(' %s' % to_hex(sig_bytes))
sig_offset = sig_offset + bytes_to_read
def show_verification(verification):
'''
Args:
verification(ctutlz.sct.verification.SctVerificationResult)
'''
sct = verification.sct
sct_log_id1, sct_log_id2 = [
to_hex(val) for val in struct.unpack("!16s16s", sct.log_id.tdf)
]
logger.info('```')
logger.verbose('=' * 59)
logger.verbose(flo('Version : {sct.version_hex}'))
logger.verbose(flo('LogID : {sct_log_id1}'))
logger.verbose(flo(' {sct_log_id2}'))
logger.info(flo('LogID b64 : {sct.log_id_b64}'))
logger.verbose(flo('Timestamp : {sct.timestamp} ({sct.timestamp_hex})'))
logger.verbose(
flo('Extensions: {sct.extensions_len} ({sct.extensions_len_hex})'))
logger.verbose(
flo('Algorithms: {sct.signature_alg_hash_hex}/'
'{sct.signature_algorithm_signature} (hash/sign)'))
show_signature_verbose(sct.signature)
prefix = 'Sign. b64 : '
logger.info(prefix + text_with_newlines(sct.signature_b64,
line_length=16 * 3,
newline='\n' + ' ' * len(prefix)))
logger.verbose(
'--') # visual gap between sct infos and verification result
log = verification.log
if log is None:
logger.info('Log not found\n')
else:
logger.info(flo('Log found : {log.description}'))
logger.verbose('Operator : %s' % log.operated_by['name'])
logger.info('Chrome : %s' % log.scts_accepted_by_chrome)
if verification.verified:
logger.info(flo('Result : Verified OK'))
else:
logger.info(flo('Result : Verification Failure'))
logger.info('```\n')
# digitally-signed struct
# https://tools.ietf.org/html/rfc5246#section-4.7
'signature_algorithm_hash':
lambda self: int(self._parse['signature_alg_hash']),
'signature_algorithm_signature':
lambda self: int(self._parse['signature_alg_sign']),
'signature_len':
lambda self: int(self._parse['signature_len']),
'signature':
lambda self: bytes(self._parse['signature']),
'log_id':
lambda self: self.id,
'log_id_b64':
lambda self: encode_to_b64(self.log_id.tdf), # type: str
'version_hex':
lambda self: to_hex(self.version.tdf),
'timestamp_hex':
lambda self: to_hex(self.timestamp),
'extensions_len':
lambda self: self.extensions.len,
'extensions_len_hex':
lambda self: to_hex(self.extensions_len),
'signature_alg_hash_hex':
lambda self: to_hex(self.signature_algorithm_hash),
'signature_alg_sign_hex':
lambda self: to_hex(self.signature_algorithm_sign),
'signature_b64':
lambda self: encode_to_b64(self.signature), # str
'b64':
lambda self: encode_to_b64(self.tdf) # str
})