diff options
Diffstat (limited to 'tools/josef_experimental_auditor.py')
-rwxr-xr-x | tools/josef_experimental_auditor.py | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/tools/josef_experimental_auditor.py b/tools/josef_experimental_auditor.py index 1a5b669..57ef9cb 100755 --- a/tools/josef_experimental_auditor.py +++ b/tools/josef_experimental_auditor.py @@ -27,16 +27,16 @@ base_urls = [ # "https://ctlog.api.venafi.com/", ] -logkeys = {} -logkeys["https://plausible.ct.nordu.net/"] = get_public_key_from_file("../../plausible-logkey.pem") -logkeys["https://ct.googleapis.com/rocketeer/"] = get_public_key_from_file("../../rocketeer-logkey.pem") -logkeys["https://ct.googleapis.com/aviator/"] = get_public_key_from_file("../../aviator-logkey.pem") -logkeys["https://ct.googleapis.com/pilot/"] = get_public_key_from_file("../../pilot-logkey.pem") -logkeys["https://log.certly.io/"] = get_public_key_from_file("../../certly-logkey.pem") -logkeys["https://ct.izenpe.com/"] = get_public_key_from_file("../../izenpe-logkey.pem") -logkeys["https://ct.ws.symantec.com/"] = get_public_key_from_file("../../symantec-logkey.pem") -logkeys["https://ctlog.api.venafi.com/"] = get_public_key_from_file("../../venafi-logkey.pem") -logkeys["https://ct1.digicert-ct.com/log/"] = get_public_key_from_file("../../digicert-logkey.pem") +# logkeys = {} +# logkeys["https://plausible.ct.nordu.net/"] = get_public_key_from_file("../../plausible-logkey.pem") +# logkeys["https://ct.googleapis.com/rocketeer/"] = get_public_key_from_file("../../rocketeer-logkey.pem") +# logkeys["https://ct.googleapis.com/aviator/"] = get_public_key_from_file("../../aviator-logkey.pem") +# logkeys["https://ct.googleapis.com/pilot/"] = get_public_key_from_file("../../pilot-logkey.pem") +# logkeys["https://log.certly.io/"] = get_public_key_from_file("../../certly-logkey.pem") +# logkeys["https://ct.izenpe.com/"] = get_public_key_from_file("../../izenpe-logkey.pem") +# logkeys["https://ct.ws.symantec.com/"] = get_public_key_from_file("../../symantec-logkey.pem") +# logkeys["https://ctlog.api.venafi.com/"] = get_public_key_from_file("../../venafi-logkey.pem") +# logkeys["https://ct1.digicert-ct.com/log/"] = get_public_key_from_file("../../digicert-logkey.pem") parser = argparse.ArgumentParser(description="") parser.add_argument('--audit', action='store_true', help="run lightweight auditor verifying consistency in STH") @@ -112,7 +112,8 @@ def fetch_all_sth(): # Check signature on the STH try: - check_sth_signature(base_url, sths[base_url], logkeys[base_url]) + # check_sth_signature(base_url, sths[base_url], logkeys[base_url]) + check_sth_signature(base_url, sths[base_url], None) except: error_str = time.strftime('%H:%M:%S') + " ERROR: Could not verify signature from " + base_url print error_str @@ -439,7 +440,7 @@ def main(args): # Check signature on the STH try: - check_sth_signature(base_url, tmp_sth, logkeys[base_url]) + check_sth_signature(base_url, tmp_sth, None) write_file("plausible-sth.json", tmp_sth) except: error_str = time.strftime('%H:%M:%S') + " ERROR: Could not verify signature from " + base_url |