Merge pull request #397 from skalenetwork/sgx-certs-script

add doc and script to check certificates

Merge pull request #397 from skalenetwork/sgx-certs-script
add doc and script to check certificates
ff91ee2e · Ganna Kulikova · GitHub · 6e018429 · 102d0784 · ff91ee2e
Unverified Commit ff91ee2e authored Aug 16, 2022 by Ganna Kulikova Committed by GitHub Aug 16, 2022
Show whitespace changes
Inline Side-by-side

Showing with 50 additions and 0 deletions

grep-certificates.md docs/grep-certificates.md +7 -0

grep_certificates.py scripts/grep_certificates.py +43 -0

No files found.
--- a/docs/grep-certificates.md
+++ b/docs/grep-certificates.md
+# How to check when the certificates stored on sgxwallet were created
+- Download file `scripts/grep_certificates.py` from the sgxwallet repository and put it in sgxwallet repository directory on your machine.
+- Go to sgxwallet repository directory.
+- Run `python3 grep_certificates.py PATH_TO_SGXWALLET_DB_FOLDER`. PATH_TO_SGXWALLET_DB_FOLDER - path (either absolute or relative) to the `sgx_data` directory where sgxwallet db is stored. For example, `/root/sgxwallet/run_sgx/sgx_data` or `run_sgx/sgx_data`
+- The script will output the dates when every certificate was created.
+- Go to skale-node and run `cat .skale/node_data/sgx_certs/sgx.crt | grep "Not Before"`.
+- Ensure that the output of the last command exists in the list from step 3 and it is the latest certificate there! 
\ No newline at end of file
--- a/scripts/grep_certificates.py
+++ b/scripts/grep_certificates.py
+import os
+import re
+import sys
+
+def main():
+    if len(sys.argv) != 2:
+        print("Wrong number of command line arguments: need exactly one")
+        exit(1)
+
+    path = sys.argv[1]
+    if not os.path.exists(path):
+        print("No such file or directory: ", path)
+        exit(2)
+    
+    certs_path = os.path.join(path, "cert_data", "new_certs")
+    if not os.path.exists(certs_path):
+        print("No such file or directory: ", certs_path)
+        exit(3)
+
+    if len(os.listdir(certs_path)) == 0:
+        print("Empty certificates directory. Nothing to review.")
+        return
+    
+    print("Total number of elements in folder:", len(os.listdir(certs_path)))
+    for entity in os.listdir(certs_path):
+        print("Reviewing", entity)
+        entity_path = os.path.join(certs_path, entity)
+        if not os.path.isfile(entity_path):
+            print("Not a regular file. Skipping.")
+            continue
+        _, extension = os.path.splitext(entity_path)
+        if extension != '.pem':
+            print("Not a ssl certificate file. Skipping.")
+            continue
+        with open(entity_path,"r") as file_one:
+            pattern = "Not Before"
+            for line in file_one:
+                if re.search(pattern, line):
+                    print(line)
+                    break
+
+if __name__ == '__main__':
+    main()
\ No newline at end of file