[tor-dev] generate relay fingerprint without tor given the datadir/keys folder?
nusenu
nusenu at openmailbox.org
Fri Feb 3 16:12:00 UTC 2017
Hi,
given the files within the datadir/keys folder (without the
datadir/fingerprint file), is there an easy way to generate the relay
fingerprint? (using openssl?)
According to the spec [1] the fingerprint is the SHA1 hash of the public
key. (I assume RSA pubkey)
According to the tor man page [2] the RSA public key should be in
keys/secret_id_key.
openssl rsa -in secret_id_key -pubout| ..? |sha1sum
thanks,
nusenu
[1]
> "fingerprint" fingerprint NL
>
> [At most once]
>
> A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
> hex, with a single space after every 4 characters) for this router's
> identity key. A descriptor is considered invalid (and MUST be
> rejected) if the fingerprint line does not match the public key.
[2]
> DataDirectory/keys/secret_id_key
> A relay’s RSA1024 permanent identity key, including private and
> public components. Used to sign router descriptors, and to sign
> other keys.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170203/4e49b59e/attachment.sig>
More information about the tor-dev
mailing list