Diffstat (limited to 'tools/certtools.py')
-rw-r--r--tools/certtools.py74
1 files changed, 74 insertions, 0 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
new file mode 100644
index 0000000..9d24c36
--- /dev/null
+++ b/tools/certtools.py
@@ -0,0 +1,74 @@
+import subprocess
+import json
+import base64
+import urllib
+import urllib2
+import struct
+
+def get_cert_info(s):
+ p = subprocess.Popen(["openssl", "x509", "-noout", "-subject", "-issuer", "-inform", "der"],
+ stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ parsed = p.communicate(s)
+ if parsed[1]:
+ print "error:", parsed[1]
+ result = {}
+ for line in parsed[0].split("\n"):
+ (key, sep, value) = line.partition("=")
+ if sep == "=":
+ result[key] = value
+ return result
+
+def get_certs_from_file(certfile):
+ certs = []
+ cert = ""
+ incert = False
+
+ for line in open(certfile):
+ line = line.strip()
+ if line == "-----BEGIN CERTIFICATE-----":
+ cert = ""
+ incert = True
+ elif line == "-----END CERTIFICATE-----":
+ certs.append(cert)
+ incert = False
+ elif incert:
+ cert += line
+ return certs
+
+def get_root_cert(issuer):
+ accepted_certs = json.loads(open("googlelog-accepted-certs.txt").read())["certificates"]
+
+ root_cert = None
+
+ for accepted_cert in accepted_certs:
+ subject = get_cert_info(base64.decodestring(accepted_cert))["subject"]
+ if subject == issuer:
+ print "found root cert"
+ root_cert = base64.decodestring(accepted_cert)
+
+ return root_cert
+
+def get_sth(baseurl):
+ result = urllib2.urlopen(baseurl + "ct/v1/get-sth").read()
+ return json.loads(result)
+
+def get_proof_by_hash(baseurl, hash, tree_size):
+ try:
+ params = urllib.urlencode({"hash":base64.b64encode(hash), "tree_size":tree_size})
+ print params
+ result = urllib2.urlopen(baseurl + "ct/v1/get-proof-by-hash?" + params).read()
+ return result
+ except urllib2.HTTPError, e:
+ print e.read()
+ sys.exit(1)
+
+def tls_array(data, length_len):
+ length_bytes = struct.pack(">Q", len(data))[-length_len:]
+ return length_bytes + data
+
+def add_chain(baseurl, submission):
+ try:
+ return json.loads(urllib2.urlopen(baseurl + "ct/v1/add-chain", json.dumps(submission)).read())
+ except urllib2.HTTPError, e:
+ print e.read()
+ sys.exit(1)
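Review bot: `sys.exit(1)` in the `except urllib2.HTTPError` handlers of get_proof_by_hash and add_chain uses a module the new file never imports, so an HTTP error from the log ends in a NameError rather than a clean exit; add `import sys` to the import block at the top. Separately, tls_array keeps only the low `length_len` bytes of the packed length, so data too long for the prefix is encoded with a silently truncated length, and `length_len == 0` yields all eight bytes because of `[-0:]`. A guard such as `if not 0 < length_len <= 8 or len(data) >> (8 * length_len): raise ValueError("length does not fit prefix")` would fail closed instead of emitting a malformed structure, which presumably feeds a hash or a submission built by callers outside this file.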