Diffstat (limited to 'tools')
-rw-r--r--tools/certtools.py19
-rwxr-xr-xtools/josef_experimental.py118
-rwxr-xr-xtools/josef_nagios_auditor.py4
3 files changed, 95 insertions, 46 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 6dd97c4..beb2812 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -18,6 +18,10 @@ import zipfile
import shutil
from certkeys import publickeys
+from Crypto.Hash import SHA256
+import Crypto.PublicKey.RSA as RSA
+from Crypto.Signature import PKCS1_v1_5
+
def get_cert_info(s):
p = subprocess.Popen(
["openssl", "x509", "-noout", "-subject", "-issuer", "-inform", "der"],
@@ -257,12 +261,19 @@ def check_signature(baseurl, signature, data, publickey=None):
(hash_alg, signature_alg, unpacked_signature) = decode_signature(signature)
assert hash_alg == 4, \
"hash_alg is %d, expected 4" % (hash_alg,) # sha256
- assert signature_alg == 3, \
- "signature_alg is %d, expected 3" % (signature_alg,) # ecdsa
+ assert (signature_alg == 3 or signature_alg == 1), \
+ "signature_alg is %d, expected 1 or 3" % (signature_alg,) # ecdsa
- vk = ecdsa.VerifyingKey.from_der(publickey)
- vk.verify(unpacked_signature, data, hashfunc=hashlib.sha256,
+ if signature_alg == 3:
+ vk = ecdsa.VerifyingKey.from_der(publickey)
+ vk.verify(unpacked_signature, data, hashfunc=hashlib.sha256,
sigdecode=ecdsa.util.sigdecode_der)
+ else:
+ h = SHA256.new(data)
+ rsa_key = RSA.importKey(publickey)
+ verifier = PKCS1_v1_5.new(rsa_key)
+ assert verifier.verify(h, unpacked_signature), \
+ "could not verify RSA signature"
def parse_auth_header(authheader):
splittedheader = authheader.split(";")
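Review bot: The new RSA branch reports a bad signature only through `assert verifier.verify(h, unpacked_signature)`, and the algorithm check above it is also an `assert`; Python drops assert statements under `-O`, in which case a failed RSA verification is silently accepted and any `signature_alg` other than 3 falls into the RSA branch. Raise explicitly instead, e.g. `if not verifier.verify(h, unpacked_signature): raise ValueError("could not verify RSA signature")`, and turn the `hash_alg` and `signature_alg` asserts into the same kind of check. The algorithm is also taken from the decoded signature rather than from the type of `publickey`, so it looks safer to bind the expected algorithm to the configured log key. The trailing `# ecdsa` comment on the widened assert is now stale. check_signature starts before this hunk.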
diff --git a/tools/josef_experimental.py b/tools/josef_experimental.py
index 7f79788..4377b8b 100755
--- a/tools/josef_experimental.py
+++ b/tools/josef_experimental.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# -*- coding: utf-8 -*-
+# -*- coding: utf-8 -*-
import time
import base64
@@ -8,46 +8,47 @@ import urllib2
import sys
# from pympler.asizeof import asizeof
from certtools import *
+from Crypto.Signature import PKCS1_v1_5
def reduce_leafs_to_root(layer0):
- if len(layer0) == 0:
- return [[hashlib.sha256().digest()]]
- current_layer = layer0
- while len(current_layer) > 1:
- current_layer = next_merkle_layer(current_layer)
- return current_layer
+ if len(layer0) == 0:
+ return [[hashlib.sha256().digest()]]
+ current_layer = layer0
+ while len(current_layer) > 1:
+ current_layer = next_merkle_layer(current_layer)
+ return current_layer
def reduce_layer(layer):
- new_layer = []
- while len(layer) > 1:
- e1 = layer.pop(0)
- e2 = layer.pop(0)
- new_layer.append(internal_hash((e1,e2)))
- return new_layer
+ new_layer = []
+ while len(layer) > 1:
+ e1 = layer.pop(0)
+ e2 = layer.pop(0)
+ new_layer.append(internal_hash((e1,e2)))
+ return new_layer
def reduce_tree(entries, layers):
- if len(entries) == 0 and layers is []:
- return [[hashlib.sha256().digest()]]
+ if len(entries) == 0 and layers is []:
+ return [[hashlib.sha256().digest()]]
- layer_idx = 0
- layers[layer_idx] += entries
+ layer_idx = 0
+ layers[layer_idx] += entries
- while len(layers[layer_idx]) > 1:
- if len(layers) == layer_idx + 1:
- layers.append([])
+ while len(layers[layer_idx]) > 1:
+ if len(layers) == layer_idx + 1:
+ layers.append([])
- layers[layer_idx + 1] += reduce_layer(layers[layer_idx])
- layer_idx += 1
- return layers
+ layers[layer_idx + 1] += reduce_layer(layers[layer_idx])
+ layer_idx += 1
+ return layers
def reduce_subtree_to_root(layers):
- while len(layers) > 1:
- layers[1] += next_merkle_layer(layers[0])
- del layers[0]
+ while len(layers) > 1:
+ layers[1] += next_merkle_layer(layers[0])
+ del layers[0]
- if len(layers[0]) > 1:
- return next_merkle_layer(layers[0])
- return layers[0]
+ if len(layers[0]) > 1:
+ return next_merkle_layer(layers[0])
+ return layers[0]
def get_proof_by_index(baseurl, index, tree_size):
try:
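Review bot: In reduce_tree the re-indented guard `len(entries) == 0 and layers is []` can never be true, because `is` compares identity and `[]` is a fresh list each time it is evaluated; an empty tree therefore skips the early return and reaches `layers[layer_idx] += entries`, which raises IndexError when `layers` is empty. Use `if len(entries) == 0 and not layers:` so the empty-tree root (the SHA-256 of the empty string) is returned as intended. The added `from Crypto.Signature import PKCS1_v1_5` is referenced only from commented-out code as far as this diff shows. get_proof_by_index at the end of the hunk continues outside it.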
@@ -62,14 +63,14 @@ def get_proof_by_index(baseurl, index, tree_size):
base_urls = ["https://plausible.ct.nordu.net/",
- "https://ct1.digicert-ct.com/log/",
- "https://ct.izenpe.com/",
- "https://log.certly.io/",
- "https://ctlog.api.venafi.com/",
- "https://ct.googleapis.com/aviator/",
- "https://ct.googleapis.com/pilot/",
- "https://ct.googleapis.com/rocketeer/",
- ]
+ "https://ct1.digicert-ct.com/log/",
+ "https://ct.izenpe.com/",
+ "https://log.certly.io/",
+ "https://ctlog.api.venafi.com/",
+ "https://ct.googleapis.com/aviator/",
+ "https://ct.googleapis.com/pilot/",
+ "https://ct.googleapis.com/rocketeer/",
+ ]
logkeys = {}
logkeys["https://plausible.ct.nordu.net/"] = get_public_key_from_file("../../plausible-logkey.pem")
@@ -82,9 +83,46 @@ logkeys["https://ct1.digicert-ct.com/log/"] = get_public_key_from_file("../../di
logkeys["https://ctlog.api.venafi.com/"] = get_public_key_from_file("../../venafi-logkey.pem")
-from Crypto import Signature
+import Crypto.PublicKey.RSA as RSA
+from Crypto.Hash import SHA256
-sth = get_sth(base_urls[4])
+for url in base_urls:
+ sth = get_sth(url)
+ signature = base64.b64decode(sth["tree_head_signature"])
+ key = logkeys[url]
+ root_hash = base64.b64decode(sth["sha256_root_hash"])
-print sth
+ hash_alg, signature_alg, unpacked_signature = decode_signature(signature)
+ if signature_alg == 1:
+ # rsa_key = RSA.importKey(key)
+ # verifier = PKCS1_v1_5.new(rsa_key)
+
+ # version = struct.pack(">b", 0)
+ # signature_type = struct.pack(">b", 1)
+ # timestamp = struct.pack(">Q", sth["timestamp"])
+ # tree_size = struct.pack(">Q", sth["tree_size"])
+ # hash = base64.decodestring(sth["sha256_root_hash"])
+
+ # tree_head = version + signature_type + timestamp + tree_size + hash
+ # h = SHA256.new(tree_head)
+
+ # print verifier
+ # print verifier.verify(h, unpacked_signature)
+ print "RSA Signature from " + url
+ check_sth_signature(url, sth, key)
+
+
+
+ elif signature_alg == 3:
+ print "ECDSA signature from " + url
+ check_sth_signature(url, sth, key)
+ else:
+ print "Unknown signature algorithm from " + url
+
+# print sth
+# print "\n\n" + signature
+# print "\n\n" + key
+# print rsa_key
+
+# print "\n\n" + rsa_key.verify(root_hash, signature)
\ No newline at end of file
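Review bot: Both the `signature_alg == 1` and `signature_alg == 3` branches make the identical call `check_sth_signature(url, sth, key)` and nothing around it handles a failure. Assuming check_sth_signature raises on a bad signature (the bare `except` around it in josef_nagios_auditor.py suggests so), the first log with a bad STH, or a URL with no `logkeys[url]` entry, aborts the loop and the remaining logs are never checked. The script also prints which algorithm it saw but never states whether verification succeeded. I would collapse the branches, reject unknown algorithms up front and report the outcome per log, as sketched below; the commented-out manual RSA code and the unused `root_hash` and `hash_alg` can then be dropped.

```python
for url in base_urls:
    # ... unchanged: get_sth, base64-decode of the signature ...
    hash_alg, signature_alg, unpacked_signature = decode_signature(signature)
    if signature_alg not in (1, 3):
        print "Unknown signature algorithm from " + url
        continue
    try:
        check_sth_signature(url, sth, logkeys[url])
    except Exception as e:
        print "Signature verification FAILED for " + url + ": " + str(e)
    else:
        print "Signature verified for " + url
```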
diff --git a/tools/josef_nagios_auditor.py b/tools/josef_nagios_auditor.py
index 6e36568..74cc522 100755
--- a/tools/josef_nagios_auditor.py
+++ b/tools/josef_nagios_auditor.py
@@ -79,7 +79,7 @@ def get_and_verify_sth(url, key):
check_sth_signature(url, sth, key)
# write_file("plausible-sth.json", tmp_sth)
except:
- error_str = time.strftime('%H:%M:%S') + " ERROR: Could not verify signature from " + base_url
+ error_str = time.strftime('%H:%M:%S') + " ERROR: Could not verify signature from " + url
print error_str
sys.exit(NAGIOS_CRIT)
return sth
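Review bot: The bare `except:` kept around `check_sth_signature(url, sth, key)` reports every failure as "Could not verify signature" and discards the cause, so a bad signature, a malformed STH and a coding error such as the undefined name this change fixes all look the same to whoever receives the alert. Catch `except Exception as e:` and append `str(e)` to `error_str`; the same applies to the `except:` around `get_public_key_from_file(args.keyfile)` in the main() hunk that follows. That second handler exits with NAGIOS_WARN while a signature failure exits with NAGIOS_CRIT, so it is worth confirming that an auditor which cannot load its log key should only warn. get_and_verify_sth starts before this hunk.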
@@ -317,7 +317,7 @@ def main(args):
try:
log_key = get_public_key_from_file(args.keyfile)
except:
- print time.strftime('%H:%M:%S') + " ERROR: Failed to load keyfile " + args.logkey
+ print time.strftime('%H:%M:%S') + " ERROR: Failed to load keyfile " + args.keyfile
sys.exit(NAGIOS_WARN)
old_sth = read_sth(args.sthfile)