[or-cvs] Implement (temporarily) a base64-encoded-DER format for RSA...

Nick Mathewson nickm at seul.org
Wed Oct 6 13:26:13 UTC 2004


Update of /home/or/cvsroot/src/common
In directory moria.mit.edu:/tmp/cvs-serv24538/src/common

Modified Files:
	crypto.c crypto.h 
Log Message:
Implement (temporarily) a base64-encoded-DER format for RSA keys; make it easier to generate fingerprints without spaces

Index: crypto.c
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.c,v
retrieving revision 1.104
retrieving revision 1.105
diff -u -d -r1.104 -r1.105
--- crypto.c	21 Sep 2004 04:55:43 -0000	1.104
+++ crypto.c	6 Oct 2004 13:26:10 -0000	1.105
@@ -463,6 +463,50 @@
   return r;
 }
 
+int crypto_pk_DER64_encode_key(crypto_pk_env_t *env, char **out)
+{
+  int len;
+  char *s, *sp;
+  tor_assert(env && out);
+  len = i2d_RSAPublicKey(env->key, NULL);
+  if (len < 0) {
+    return -1;
+  }
+  s = sp = tor_malloc(len+1);
+  i2d_RSAPublicKey(env->key, &sp); /* modifies sp */
+  *out = tor_malloc(len * 2); /* too long, but safe. */
+  if (base64_encode(*out, len*2, s, len) < 0) {
+    log_fn(LOG_WARN, "Error base64-encoding DER-encoded key");
+    tor_free(*out);
+    tor_free(s);
+    return -1;
+  }
+  tor_free(s);
+  return len;
+}
+
+int crypto_pk_DER64_decode_key(crypto_pk_env_t *env, const char *in)
+{
+  char *buf, *bufp;
+  RSA *rsa;
+  int len;
+  tor_assert(env && in);
+  len = strlen(in);
+  buf = bufp = tor_malloc(len+1);
+  if (base64_decode(buf, len+1, in, len)<0) {
+    tor_free(buf);
+    log_fn(LOG_WARN,"Error base-64 decoding key");
+    return -1;
+  }
+  rsa = d2i_RSAPublicKey(NULL, &bufp, strlen(buf));
+  tor_free(buf);
+  if (!rsa)
+    return -1;
+  if (env->key) RSA_free(env->key);
+  env->key = rsa;
+  return 0;
+}
+
 /** Return true iff <b>env</b> has a valid key.
  */
 int crypto_pk_check_key(crypto_pk_env_t *env)
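Review bot: In crypto_pk_DER64_decode_key the length handed to d2i_RSAPublicKey is `strlen(buf)`, but after base64_decode buf holds binary DER, so the count stops at the first zero byte of the encoding, and nothing in the hunk NUL-terminates buf, so it may also run past the allocation. This function parses key material supplied as text, so the ASN.1 parser should be given the exact decoded length. Assuming base64_decode returns the number of bytes written (only the `< 0` check is visible here), keep that value with `len = base64_decode(buf, len+1, in, len);` followed by the existing error branch on `len < 0`, and call `rsa = d2i_RSAPublicKey(NULL, &bufp, len);`. In crypto_pk_DER64_encode_key the second i2d_RSAPublicKey call is unchecked and the function returns the DER length rather than the length of the base64 text in `*out`; a short doc comment stating that, and who frees `*out`, would help callers.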
@@ -837,14 +881,16 @@
 
 /** Given a private or public key <b>pk</b>, put a fingerprint of the
  * public key into <b>fp_out</b> (must have at least FINGERPRINT_LEN+1 bytes of
- * space).
+ * space).  
  *
  * Fingerprints are computed as the SHA1 digest of the ASN.1 encoding
  * of the public key, converted to hexadecimal, in upper case, with a
  * space after every four digits.
+ *
+ * If <b>add_space</b> is false, omit the spaces.
  */
 int
-crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out)
+crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out, int add_space)
 {
   unsigned char *bufp;
   unsigned char digest[DIGEST_LEN];
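Review bot: The doc comment still describes only the spaced format and the FINGERPRINT_LEN+1 buffer requirement, so a caller passing add_space as false cannot tell from it how long the result is. I would extend the new sentence to something like `If <b>add_space</b> is false, omit the spaces; the result is then 2*DIGEST_LEN hex digits plus a terminating NUL.` The changed `space).` line also picks up trailing whitespace that can be dropped. The function body continues past the end of this hunk.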
@@ -857,13 +903,17 @@
   for (i = 0; i < DIGEST_LEN; ++i) {
     sprintf(bufp,"%02X",digest[i]);
     bufp += 2;
-    if (i%2 && i != 19) {
-      *bufp++ = ' ';
+    if (add_space) {
+      if (i%2 && i != 19) {
+        *bufp++ = ' ';
+      }
     }
   }
   *bufp = '\0';
-  tor_assert(strlen(buf) == FINGERPRINT_LEN);
-  tor_assert(crypto_pk_check_fingerprint_syntax(buf));
+  if (add_space) {
+    tor_assert(strlen(buf) == FINGERPRINT_LEN);
+    tor_assert(crypto_pk_check_fingerprint_syntax(buf));
+  }
   strcpy(fp_out, buf);
   return 0;
 }
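Review bot: With add_space false both tor_assert checks before `strcpy(fp_out, buf)` are skipped, so the unspaced path copies out a string that has had no length or syntax check at all. The loop writes two hex digits per digest byte, so an else branch such as `} else { tor_assert(strlen(buf) == 2*DIGEST_LEN); }` would keep an equivalent guarantee for both modes. The function begins above this hunk, so the declaration and size of buf are not visible here and should be confirmed to cover the spaced length.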

Index: crypto.h
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.h,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -d -r1.50 -r1.51
--- crypto.h	22 Jul 2004 08:29:07 -0000	1.50
+++ crypto.h	6 Oct 2004 13:26:10 -0000	1.51
@@ -86,7 +86,7 @@
 int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len);
 crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, int len);
 int crypto_pk_get_digest(crypto_pk_env_t *pk, char *digest_out);
-int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out);
+int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out,int add_space);
 int crypto_pk_check_fingerprint_syntax(const char *s);
 
 int base64_encode(char *dest, int destlen, const char *src, int srclen);
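Review bot: This is the only crypto.h hunk in the commit, and it adds no prototypes for the new non-static functions crypto_pk_DER64_encode_key and crypto_pk_DER64_decode_key defined in crypto.c. Unless they are declared somewhere not shown, callers in other files will hit implicit declarations and lose argument type checking on a key-parsing entry point. I would add `int crypto_pk_DER64_encode_key(crypto_pk_env_t *env, char **out);` and `int crypto_pk_DER64_decode_key(crypto_pk_env_t *env, const char *in);` next to the asn1 encode/decode declarations.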


