/** Set <b>out</b> to the hex-encoded fingerprint of <b>pkey</b>. */
static int
get_fingerprint(EVP_PKEY *pkey, char *out)
{
int r = 1;
crypto_pk_t *pk = _crypto_new_pk_from_rsa(EVP_PKEY_get1_RSA(pkey));
if (pk) {
r = crypto_pk_get_fingerprint(pk, out, 0);
crypto_pk_free(pk);
}
return r;
}
static void
test_routerkeys_write_fingerprint(void *arg)
{
crypto_pk_t *key = pk_generate(2);
or_options_t *options = get_options_mutable();
const char *ddir = get_fname("write_fingerprint");
char *cp = NULL, *cp2 = NULL;
char fp[FINGERPRINT_LEN+1];
(void)arg;
tt_assert(key);
options->ORPort_set = 1; /* So that we can get the server ID key */
tor_free(options->DataDirectory);
options->DataDirectory = tor_strdup(ddir);
options->Nickname = tor_strdup("haflinger");
set_server_identity_key(key);
set_client_identity_key(crypto_pk_dup_key(key));
tt_int_op(0, OP_EQ, check_private_dir(ddir, CPD_CREATE, NULL));
tt_int_op(crypto_pk_cmp_keys(get_server_identity_key(),key),OP_EQ,0);
/* Write fingerprint file */
tt_int_op(0, OP_EQ, router_write_fingerprint(0));
cp = read_file_to_str(get_fname("write_fingerprint/fingerprint"),
0, NULL);
crypto_pk_get_fingerprint(key, fp, 0);
tor_asprintf(&cp2, "haflinger %s\n", fp);
tt_str_op(cp, OP_EQ, cp2);
tor_free(cp);
tor_free(cp2);
/* Write hashed-fingerprint file */
tt_int_op(0, OP_EQ, router_write_fingerprint(1));
cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
0, NULL);
crypto_pk_get_hashed_fingerprint(key, fp);
tor_asprintf(&cp2, "haflinger %s\n", fp);
tt_str_op(cp, OP_EQ, cp2);
tor_free(cp);
tor_free(cp2);
/* Replace outdated file */
write_str_to_file(get_fname("write_fingerprint/hashed-fingerprint"),
"junk goes here", 0);
tt_int_op(0, OP_EQ, router_write_fingerprint(1));
cp = read_file_to_str(get_fname("write_fingerprint/hashed-fingerprint"),
0, NULL);
crypto_pk_get_hashed_fingerprint(key, fp);
tor_asprintf(&cp2, "haflinger %s\n", fp);
tt_str_op(cp, OP_EQ, cp2);
tor_free(cp);
tor_free(cp2);
done:
crypto_pk_free(key);
set_client_identity_key(NULL);
tor_free(cp);
tor_free(cp2);
}
int
main(int c, char **v)
{
crypto_pk_t *env;
char *str;
RSA *rsa;
int wantdigest=0;
int fname_idx;
char *fname=NULL;
init_logging();
if (c < 2) {
fprintf(stderr, "Hi. I'm tor-checkkey. Tell me a filename that "
"has a PEM-encoded RSA public key (like in a cert) and I'll "
"dump the modulus. Use the --digest option too and I'll "
"dump the digest.\n");
return 1;
}
if (crypto_global_init(0, NULL, NULL)) {
fprintf(stderr, "Couldn't initialize crypto library.\n");
return 1;
}
if (!strcmp(v[1], "--digest")) {
wantdigest = 1;
fname_idx = 2;
if (c<3) {
fprintf(stderr, "too few arguments");
return 1;
}
} else {
wantdigest = 0;
fname_idx = 1;
}
fname = expand_filename(v[fname_idx]);
str = read_file_to_str(fname, 0, NULL);
tor_free(fname);
if (!str) {
fprintf(stderr, "Couldn't read %s\n", v[fname_idx]);
return 1;
}
env = crypto_pk_new();
if (crypto_pk_read_public_key_from_string(env, str, strlen(str))<0) {
fprintf(stderr, "Couldn't parse key.\n");
return 1;
}
tor_free(str);
if (wantdigest) {
char digest[HEX_DIGEST_LEN+1];
if (crypto_pk_get_fingerprint(env, digest, 0)<0)
return 1;
printf("%s\n",digest);
} else {
rsa = crypto_pk_get_rsa_(env);
str = BN_bn2hex(rsa->n);
printf("%s\n", str);
}
return 0;
}
