commit 0a4f56277290d4736db3b15dc4c2071000f7883f Author: Nick Mathewson nickm@torproject.org Date: Thu Sep 22 10:18:17 2011 -0400
Functions to get a public RSA key from a cert --- src/common/tortls.c | 34 ++++++++++++++++++++++++++++++++++ src/common/tortls.h | 2 ++ 2 files changed, 36 insertions(+), 0 deletions(-)
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 332d784..5d36fd0 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -838,6 +838,40 @@ tor_tls_get_my_certs(int server,
 return 0;
 }
+/**
+ * Return the authentication key that we use to authenticate ourselves as a
+ * client in the V3 in-protocol handshake.
+ */
+crypto_pk_env_t *
+tor_tls_get_my_client_auth_key(void)
+{
+ if (! client_tls_context)
+ return NULL;
+ return client_tls_context->auth_key;
+}
+
+/**
+ * Return the public key that a cetificate certifies. Return NULL if the
+ * cert's key is not RSA.
+ */
+crypto_pk_env_t *
+tor_tls_cert_get_key(tor_cert_t *cert)
+{
+ crypto_pk_env_t *result = NULL;
+ EVP_PKEY *pkey = X509_get_pubkey(cert->cert);
+ RSA *rsa;
+ if (!pkey)
+ return NULL;
+ rsa = EVP_PKEY_get1_RSA(pkey);
+ if (!rsa) {
+ EVP_PKEY_free(pkey);
+ return NULL;
+ }
+ result = _crypto_new_pk_env_rsa(rsa);
+ EVP_PKEY_free(pkey);
+ return result;
+}
+
 /** Return true iff <b>a</b> and <b>b</b> represent the same public key. */
 static int
 pkey_eq(EVP_PKEY *a, EVP_PKEY *b)
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 70d24a5..b522dd1 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -118,6 +118,8 @@ const digests_t *tor_cert_get_cert_digests(const tor_cert_t *cert);
 int tor_tls_get_my_certs(int server,
 const tor_cert_t **link_cert_out,
 const tor_cert_t **id_cert_out);
+crypto_pk_env_t *tor_tls_get_my_client_auth_key(void);
+crypto_pk_env_t *tor_tls_cert_get_key(tor_cert_t *cert);
 int tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert);
 int tor_tls_cert_is_valid(const tor_cert_t *cert,
 const tor_cert_t *signing_cert);
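Review bot: The two new getters in tortls.c both return `crypto_pk_env_t *` but with opposite ownership, and neither doc comment says so. `tor_tls_get_my_client_auth_key()` hands back `client_tls_context->auth_key` itself, while `tor_tls_cert_get_key()` returns a new object built by `_crypto_new_pk_env_rsa(rsa)`. A caller that frees the first, or forgets to free the second, ends up with a double free of the client auth key or a leak. I would add `The returned key is still owned by the client TLS context; the caller must not free it.` to the first comment and `The caller owns the returned key and must free it.` to the second. `tor_tls_cert_get_key()` also dereferences `cert->cert` unchecked, and whether `_crypto_new_pk_env_rsa` takes over the reference obtained from `EVP_PKEY_get1_RSA` is not visible in this hunk; if it can return NULL without consuming `rsa`, that reference would leak.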
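Review bot: The new prototype `tor_tls_cert_get_key(tor_cert_t *cert)` takes a non-const certificate, although the neighbouring declarations (`tor_cert_get_cert_digests`, `tor_tls_cert_matches_key`, `tor_tls_cert_is_valid`) all take `const tor_cert_t *`. The definition in tortls.c only reads `cert->cert`. `tor_tls_get_my_certs` hands out `const tor_cert_t *` values, so callers holding those would need a cast to use the new function. Unless something outside this diff requires a mutable cert, declaring it as `crypto_pk_env_t *tor_tls_cert_get_key(const tor_cert_t *cert);` here and in the definition keeps the header consistent.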