Merge branch 'genauthkeys'

1 files changed, 4 insertions, 11 deletions

diff --git a/tools/fetchallcerts.py b/tools/fetchallcerts.py
index 398c563..395fe69 100755
--- a/tools/fetchallcerts.py
+++ b/tools/fetchallcerts.py
@@ -22,18 +22,9 @@ parser = argparse.ArgumentParser(description='')
 parser.add_argument('baseurl', help="Base URL for CT server")
 parser.add_argument('--store', default=None, metavar="dir", help='Store certificates in directory dir')
 parser.add_argument('--write-sth', action='store_true', help='Write STH')
+parser.add_argument('--publickey', default=None, metavar="file", help='Public key for the CT log')
 args = parser.parse_args()
 
-def extract_original_entry(entry):
-    leaf_input =  base64.decodestring(entry["leaf_input"])
-    (leaf_cert, timestamp, issuer_key_hash) = unpack_mtl(leaf_input)
-    extra_data = base64.decodestring(entry["extra_data"])
-    if issuer_key_hash != None:
-        (precert, extra_data) = extract_precertificate(extra_data)
-        leaf_cert = precert
-    certchain = decode_certificate_chain(extra_data)
-    return ([leaf_cert] + certchain, timestamp, issuer_key_hash)
-
 def get_entries_wrapper(baseurl, start, end):
     fetched_entries = 0
     while start + fetched_entries < (end + 1):
@@ -49,8 +40,10 @@ def print_layer(layer):
     for entry in layer:
         print base64.b16encode(entry)
 
+logpublickey = get_public_key_from_file(args.publickey) if args.publickey else None
+
 sth = get_sth(args.baseurl)
-check_sth_signature(args.baseurl, sth)
+check_sth_signature(args.baseurl, sth, publickey=logpublickey)
 tree_size = sth["tree_size"]
 root_hash = base64.decodestring(sth["sha256_root_hash"])