def verify_decode(self, test_vector, test_message): serialized = "".join(test_vector).decode("hex") message = test_message_pb2.TestMessage() tls_message.decode(serialized, message) self.assertEqual(test_message, message, msg = "%s vs %s" % (test_message, message))
def run(): """Fetch the proof for the supplied certificate.""" #TODO(eranm): Attempt fetching the SCT for this chain if none was given. if FLAGS.sct: cert_sct = client_pb2.SignedCertificateTimestamp() sct_data = open(FLAGS.sct, 'rb').read() if FLAGS.binary_sct: tls_message.decode(sct_data, cert_sct) else: cert_sct.ParseFromString(sct_data) sct_timestamp = cert_sct.timestamp print 'SCT for cert:', cert_sct else: sct_timestamp = FLAGS.timestamp constructed_leaf = construct_leaf_from_file(FLAGS.cert, sct_timestamp) leaf_hash = merkle.TreeHasher().hash_leaf(constructed_leaf) if FLAGS.verbose: print "Leaf hash: %s" % (leaf_hash.encode("hex")) (sth, proof) = fetch_single_proof(leaf_hash, FLAGS.log_url); if FLAGS.verbose: print "Leaf index in tree is %d, proof has %d hashes" % ( proof.leaf_index, len(proof.audit_path)) print "Audit path: %s" % ([t.encode('hex') for t in proof.audit_path]) verifier = merkle.MerkleVerifier() if verifier.verify_leaf_inclusion(constructed_leaf, proof.leaf_index, proof.audit_path, sth): print 'Proof verifies OK.'
def run(): """Fetch the proof for the supplied certificate.""" #TODO(eranm): Attempt fetching the SCT for this chain if none was given. if FLAGS.sct: cert_sct = client_pb2.SignedCertificateTimestamp() sct_data = open(FLAGS.sct, 'rb').read() if FLAGS.binary_sct: tls_message.decode(sct_data, cert_sct) else: cert_sct.ParseFromString(sct_data) sct_timestamp = cert_sct.timestamp print 'SCT for cert:', cert_sct else: sct_timestamp = FLAGS.timestamp constructed_leaf = construct_leaf_from_file(FLAGS.cert, sct_timestamp) leaf_hash = merkle.TreeHasher().hash_leaf(constructed_leaf) if FLAGS.verbose: print "Leaf hash: %s" % (leaf_hash.encode("hex")) (sth, proof) = fetch_single_proof(leaf_hash, FLAGS.log_url) if FLAGS.verbose: print "Leaf index in tree is %d, proof has %d hashes" % ( proof.leaf_index, len(proof.audit_path)) print "Audit path: %s" % ([t.encode('hex') for t in proof.audit_path]) verifier = merkle.MerkleVerifier() if verifier.verify_leaf_inclusion(constructed_leaf, proof.leaf_index, proof.audit_path, sth): print 'Proof verifies OK.'
def decode_entry(entry): parsed_entry = client_pb2.ParsedEntry() tls_message.decode(entry.leaf_input, parsed_entry.merkle_leaf) parsed_entry.extra_data.entry_type = (parsed_entry.merkle_leaf. timestamped_entry.entry_type) tls_message.decode(entry.extra_data, parsed_entry.extra_data) return parsed_entry
def _decode_entry(serialized_entry): entry = client_pb2.EntryResponse() entry.ParseFromString(serialized_entry) parsed_entry = client_pb2.ParsedEntry() tls_message.decode(entry.leaf_input, parsed_entry.merkle_leaf) parsed_entry.extra_data.entry_type = ( parsed_entry.merkle_leaf.timestamped_entry.entry_type) tls_message.decode(entry.extra_data, parsed_entry.extra_data) return parsed_entry
def decode_entry(serialized_entry): entry = client_pb2.EntryResponse() entry.ParseFromString(serialized_entry) parsed_entry = client_pb2.ParsedEntry() tls_message.decode(entry.leaf_input, parsed_entry.merkle_leaf) parsed_entry.extra_data.entry_type = (parsed_entry.merkle_leaf. timestamped_entry.entry_type) tls_message.decode(entry.extra_data, parsed_entry.extra_data) return parsed_entry