Commit 273f536d authored by Nick Mathewson's avatar Nick Mathewson 🥔
Browse files

Merge branch 'bug10884_squashed'

parents 043329ee 886d4be1
Loading
Loading
Loading
Loading

changes/bug10884

0 → 100644
+5 −0
Original line number Diff line number Diff line
  o Minor features:
    - Bridges write the SHA1 digest of their identity key fingerprint to
      notice-level logs and to hashed-fingerprint, so that bridge
      operators can look up their bridge in Globe and similar tools.
+4 −0
Original line number Diff line number Diff line
@@ -2305,6 +2305,10 @@ __DataDirectory__**/keys/***::
__DataDirectory__**/fingerprint**::
    Only used by servers. Holds the fingerprint of the server's identity key.

__DataDirectory__**/hashed-fingerprint**::
    Only used by bridges. Holds the hashed fingerprint of the bridge's
    identity key. (That is, the hash of the hash of the identity key.)

__DataDirectory__**/approved-routers**::
    Only for naming authoritative directory servers (see
    **NamingAuthoritativeDirectory**). This file lists nickname to identity
+22 −0
Original line number Diff line number Diff line
@@ -1374,6 +1374,28 @@ crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
  return 0;
}

/** Given a private or public key <b>pk</b>, put a hashed fingerprint of
 * the public key into <b>fp_out</b> (must have at least FINGERPRINT_LEN+1
 * bytes of space).  Return 0 on success, -1 on failure.
 *
 * Hashed fingerprints are computed as the SHA1 digest of the SHA1 digest
 * of the ASN.1 encoding of the public key, converted to hexadecimal, in
 * upper case.
 */
int
crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out)
{
  char digest[DIGEST_LEN], hashed_digest[DIGEST_LEN];
  if (crypto_pk_get_digest(pk, digest)) {
    return -1;
  }
  if (crypto_digest(hashed_digest, digest, DIGEST_LEN)) {
    return -1;
  }
  base16_encode(fp_out, FINGERPRINT_LEN + 1, hashed_digest, DIGEST_LEN);
  return 0;
}

/* symmetric crypto */

/** Return a pointer to the key set for the cipher in <b>env</b>.
+1 −0
Original line number Diff line number Diff line
@@ -182,6 +182,7 @@ crypto_pk_t *crypto_pk_asn1_decode(const char *str, size_t len);
int crypto_pk_get_digest(crypto_pk_t *pk, char *digest_out);
int crypto_pk_get_all_digests(crypto_pk_t *pk, digests_t *digests_out);
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out,int add_space);
int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out);

/* symmetric crypto */
const char *crypto_cipher_get_key(crypto_cipher_t *env);
+2 −0
Original line number Diff line number Diff line
@@ -2764,6 +2764,8 @@ sandbox_init_filter(void)
        get_datadir_fname2("keys", "secret_id_key.tmp"), 1,
        get_datadir_fname("fingerprint"), 1,
        get_datadir_fname("fingerprint.tmp"), 1,
        get_datadir_fname("hashed-fingerprint"), 1,
        get_datadir_fname("hashed-fingerprint.tmp"), 1,
        get_datadir_fname("cached-consensus"), 1,
        get_datadir_fname("cached-consensus.tmp"), 1,
        "/etc/resolv.conf", 0,
Loading