Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
#!/usr/bin/env python
"""Extracts all Precertificates from the log."""
from __future__ import print_function
import os
import sys
from absl import flags as gflags
from ct.client import scanner
from ct.proto import client_pb2
FLAGS = gflags.FLAGS
gflags.DEFINE_integer("multi", 2, "Number of cert fetching and parsing "
"processes to use, in addition to the main process.")
gflags.DEFINE_string("output_directory", None,
"Output directory for individual Precertificates.")
gflags.DEFINE_integer("start_entry", 0, "Log entry to start from.")
def _precert_matches(certificate, entry_type, extra_data, certificate_index):
"""Matcher function for the scanner. Returns a filename and certificate in
PEM format if it's a precertificate, None otherwise."""
if entry_type == client_pb2.PRECERT_ENTRY:
return ("precert_%d.pem" % certificate_index, certificate.to_pem())
return None
def write_matched_certificate(matcher_output):
output_file, der_data = matcher_output
with open(os.path.join(FLAGS.output_directory, output_file), "wb") as f:
def run():
if not FLAGS.output_directory:
raise Exception("Certificates output directory must be specified.")
res = scanner.scan_log(
_precert_matches, "", FLAGS.multi,
print("Scanned %d, %d matched and %d failed strict or partial parsing" % (, res.matches, res.errors))
if __name__ == "__main__":
sys.argv = FLAGS(sys.argv)