def process_entries(entry_queue, output_queue, match_callback):
stopped = False
total_processed = 0
while not stopped:
count, entry = entry_queue.get()
if entry == _STOP_WORKER:
stopped = True
# Each worker signals when they've picked up their
# "STOP_WORKER" message.
output_queue.put(QueueMessage(
_WORKER_STOPPED,
certificates_scanned=total_processed))
else:
entry_response = client_pb2.EntryResponse()
entry_response.ParseFromString(entry)
parsed_entry = entry_decoder.decode_entry(entry_response)
ts_entry = parsed_entry.merkle_leaf.timestamped_entry
total_processed += 1
c = None
if ts_entry.entry_type == client_pb2.X509_ENTRY:
der_cert = ts_entry.asn1_cert
else:
# The original, signed precertificate.
der_cert = (parsed_entry.extra_data.precert_chain_entry.pre_certificate)
try:
c = cert.Certificate(der_cert)
except error.Error as e:
try:
c = cert.Certificate(der_cert, strict_der=False)
except error.Error as e:
output_queue.put(QueueMessage(
_ERROR_PARSING_ENTRY,
"Error parsing entry %d:\n%s" %
(count, e)))
else:
output_queue.put(QueueMessage(
_ERROR_PARSING_ENTRY,
"Entry %d failed strict parsing:\n%s" %
(count, c)))
except Exception as e:
print "Unknown parsing failure for entry %d:\n%s" % (
count, e)
traceback.print_exc()
output_queue.put(QueueMessage(
_ERROR_PARSING_ENTRY,
"Entry %d failed parsing with an unknown error:\n%s" %
(count, e)))
if c:
match_result = match_callback(
c, ts_entry.entry_type, parsed_entry.extra_data, count)
if match_result:
output_queue.put(QueueMessage(
_ENTRY_MATCHING,
"Entry %d:\n%s" % (count, c),
matcher_output=match_result))
if not total_processed % _BATCH_SIZE:
output_queue.put(QueueMessage(
_PROGRESS_REPORT,
"Scanned %d entries" % total_processed,
certificates_scanned=_BATCH_SIZE))
def _scan_entries(self, entries):
"""Passes entries to certificate report.
Args:
entries: array of (entry_index, entry_response) tuples.
"""
der_certs = []
for entry_index, entry in entries:
parsed_entry = entry_decoder.decode_entry(entry)
ts_entry = parsed_entry.merkle_leaf.timestamped_entry
if ts_entry.entry_type == client_pb2.X509_ENTRY:
der_cert = ts_entry.asn1_cert
else:
der_cert = (
parsed_entry.extra_data.precert_chain_entry.pre_certificate)
der_certs.append((entry_index, der_cert))
self.__report.scan_der_certs(der_certs)
def _scan_entries(self, entries):
"""Passes entries to certificate report.
Args:
entries: array of (entry_index, entry_response) tuples.
"""
der_certs = []
for entry_index, entry in entries:
parsed_entry = entry_decoder.decode_entry(entry)
ts_entry = parsed_entry.merkle_leaf.timestamped_entry
if ts_entry.entry_type == client_pb2.X509_ENTRY:
der_cert = ts_entry.asn1_cert
der_chain = parsed_entry.extra_data.certificate_chain
else:
der_cert = (parsed_entry.extra_data.precert_chain_entry.
pre_certificate)
der_chain = (parsed_entry.extra_data.precert_chain_entry.
precertificate_chain)
der_chain = der_chain[:]
der_certs.append((entry_index, der_cert, der_chain))
self.__report.scan_der_certs(der_certs)
