Last active
March 18, 2019 17:35
-
-
Save hablutzel1/fa3c45d970ba3e6ba4b7758ed4b7474f to your computer and use it in GitHub Desktop.
check_roots_inclusion_in_ct_logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# TODO receive these from the CLI. | |
declare -a wisroots=("OISTE WISeKey Global Root GA CA" "OISTE WISeKey Global Root GB CA" "OISTE WISeKey Global Root GC CA") | |
# TODO get the following list from its live location. | |
declare -a prod_logs=( | |
"https://ct.googleapis.com/pilot" | |
"https://ct.googleapis.com/aviator" | |
"https://ct1.digicert-ct.com/log/" | |
"https://ct.googleapis.com/rocketeer" | |
"https://ct.ws.symantec.com/" | |
"https://vega.ws.symantec.com/" | |
"https://ct.googleapis.com/skydiver/" | |
"https://ct.googleapis.com/icarus/" | |
"https://ctlog-gen2.api.venafi.com/" | |
"https://sabre.ct.comodo.com/" | |
"https://mammoth.ct.comodo.com/" | |
"https://ct2.digicert-ct.com/log/" | |
"https://sirius.ws.symantec.com/" | |
"https://ct.googleapis.com/logs/argon2018/" | |
"https://ct.googleapis.com/logs/argon2019/" | |
"https://ct.googleapis.com/logs/argon2020/" | |
"https://ct.googleapis.com/logs/argon2021/" | |
"https://ct.cloudflare.com/logs/nimbus2018/" | |
"https://ct.cloudflare.com/logs/nimbus2019/" | |
"https://ct.cloudflare.com/logs/nimbus2020/" | |
"https://ct.cloudflare.com/logs/nimbus2021/" | |
"https://yeti2018.ct.digicert.com/log/" | |
"https://yeti2019.ct.digicert.com/log/" | |
"https://yeti2020.ct.digicert.com/log/" | |
"https://yeti2021.ct.digicert.com/log/" | |
"https://yeti2022.ct.digicert.com/log/" | |
) | |
declare -a special_logs=( | |
"https://ct.googleapis.com/daedalus" | |
"https://ct.googleapis.com/submariner" | |
) | |
declare -a test_logs=( | |
"https://ct.googleapis.com/logs/crucible" | |
"https://ct.googleapis.com/logs/solera2018" | |
"https://ct.googleapis.com/logs/solera2019" | |
"https://ct.googleapis.com/logs/solera2020" | |
"https://ct.googleapis.com/logs/solera2021" | |
"https://ct.googleapis.com/logs/solera2022" | |
"https://ct.googleapis.com/testtube" | |
) | |
function scanLogs { | |
local -n logs=$2 | |
echo ">" | |
echo "> Checking $1" | |
echo ">" | |
echo | |
for root in "${wisroots[@]}" | |
do | |
echo ">> Looking for root in CT Logs: $root: " | |
echo | |
for log in "${logs[@]}" | |
do | |
# echo -n ">>> Scanning $log: " | |
echo -n "$log: " | |
STDOUT="$(go run development/certificate-transparency-go/client/ctclient/ctclient.go -log_uri $log getroots 2>&1)" | |
#go run development/certificate-transparency-go/client/ctclient/ctclient.go -log_uri $log getroots | |
exit_status=$? | |
if [ $exit_status -eq 0 ]; then | |
FOO=$(echo "$STDOUT" | grep "Subject: .*$root.*") | |
exit_status=$? | |
if [ $exit_status -eq 0 ]; then | |
echo "FOUND" | |
else | |
echo "NOT FOUND" | |
fi | |
else | |
echo "Connection failed!" | |
fi | |
done | |
echo | |
done | |
} | |
scanLogs "Production Logs" prod_logs | |
scanLogs "Special Purpose Logs" special_logs | |
scanLogs "Test Logs" test_logs | |
# test |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment