summaryrefslogtreecommitdiff
path: root/tools/initlog.py
blob: e2e8dd13fa29f0e8e407ad7260b64a3670d5de1c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# Copyright (c) 2017, NORDUnet A/S.
# See LICENSE for licensing information.
#
# Initialise a new CT log.
#

import sys
import os
import argparse
import yaml
import errno
from time import time
from base64 import b64encode
from certtools import build_merkle_tree, generate_tree_head_signature, \
     write_file
from mergetools import get_sth, perm, get_logorder

def parse_args():
    parser = argparse.ArgumentParser(description="")
    parser.add_argument('--config', help="System configuration",
                        required=True)
    parser.add_argument('--localconfig', help="Local configuration",
                        required=True)

    args = parser.parse_args()
    config = yaml.load(open(args.config))
    localconfig = yaml.load(open(args.localconfig))

    return (args, config, localconfig)

def main():
    """
    Initialise a log by creating
    - sth file
      - must not exist before
      - consulting 'logorder' if it exists
    - perm database if it doesn't exist
    """
    args, config, localconfig = parse_args()
    signingnodes = config["signingnodes"]
    paths = localconfig["paths"]
    own_key = (localconfig["nodename"],
               "%s/%s-private.pem" % (paths["privatekeys"],
                                      localconfig["nodename"]))
    mergedb = paths["mergedb"]
    logorderfile = mergedb + "/logorder"
    sthfile = mergedb + "/sth"

    # Don't do anything if there's already an sth file.
    sth = get_sth(sthfile)
    if sth['tree_size'] >= 0:
        print >>sys.stderr, \
          "This log has an STH file with tree size %s." % sth['tree_size']
        print >>sys.stderr, "I refuse to destroy this log."
        return 1

    # Ensure that we can find our keyfile.
    try:
        os.stat(own_key[1])
    except OSError, e:
        if e.errno == errno.ENOENT:
            print >>sys.stderr, "Unable to open keyfile: %s" % own_key[1]
            return 1
        raise

    # Create a chains database.
    chainsdb = perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains")

    return 0

if __name__ == '__main__':
    sys.exit(main())