Loading changes/bug10884 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features: - Bridges write the SHA1 digest of their identity key fingerprint to notice-level logs and to hashed-fingerprint, so that bridge operators can look up their bridge in Globe and similar tools. doc/tor.1.txt +4 −0 Original line number Diff line number Diff line Loading @@ -2305,6 +2305,10 @@ __DataDirectory__**/keys/***:: __DataDirectory__**/fingerprint**:: Only used by servers. Holds the fingerprint of the server's identity key. __DataDirectory__**/hashed-fingerprint**:: Only used by bridges. Holds the hashed fingerprint of the bridge's identity key. (That is, the hash of the hash of the identity key.) __DataDirectory__**/approved-routers**:: Only for naming authoritative directory servers (see **NamingAuthoritativeDirectory**). This file lists nickname to identity Loading src/common/crypto.c +22 −0 Original line number Diff line number Diff line Loading @@ -1374,6 +1374,28 @@ crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space) return 0; } /** Given a private or public key <b>pk</b>, put a hashed fingerprint of * the public key into <b>fp_out</b> (must have at least FINGERPRINT_LEN+1 * bytes of space). Return 0 on success, -1 on failure. * * Hashed fingerprints are computed as the SHA1 digest of the SHA1 digest * of the ASN.1 encoding of the public key, converted to hexadecimal, in * upper case. */ int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out) { char digest[DIGEST_LEN], hashed_digest[DIGEST_LEN]; if (crypto_pk_get_digest(pk, digest)) { return -1; } if (crypto_digest(hashed_digest, digest, DIGEST_LEN)) { return -1; } base16_encode(fp_out, FINGERPRINT_LEN + 1, hashed_digest, DIGEST_LEN); return 0; } /* symmetric crypto */ /** Return a pointer to the key set for the cipher in <b>env</b>. Loading src/common/crypto.h +1 −0 Original line number Diff line number Diff line Loading @@ -182,6 +182,7 @@ crypto_pk_t *crypto_pk_asn1_decode(const char *str, size_t len); int crypto_pk_get_digest(crypto_pk_t *pk, char *digest_out); int crypto_pk_get_all_digests(crypto_pk_t *pk, digests_t *digests_out); int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out,int add_space); int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out); /* symmetric crypto */ const char *crypto_cipher_get_key(crypto_cipher_t *env); Loading src/or/main.c +2 −0 Original line number Diff line number Diff line Loading @@ -2764,6 +2764,8 @@ sandbox_init_filter(void) get_datadir_fname2("keys", "secret_id_key.tmp"), 1, get_datadir_fname("fingerprint"), 1, get_datadir_fname("fingerprint.tmp"), 1, get_datadir_fname("hashed-fingerprint"), 1, get_datadir_fname("hashed-fingerprint.tmp"), 1, get_datadir_fname("cached-consensus"), 1, get_datadir_fname("cached-consensus.tmp"), 1, "/etc/resolv.conf", 0, Loading Loading
changes/bug10884 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features: - Bridges write the SHA1 digest of their identity key fingerprint to notice-level logs and to hashed-fingerprint, so that bridge operators can look up their bridge in Globe and similar tools.
doc/tor.1.txt +4 −0 Original line number Diff line number Diff line Loading @@ -2305,6 +2305,10 @@ __DataDirectory__**/keys/***:: __DataDirectory__**/fingerprint**:: Only used by servers. Holds the fingerprint of the server's identity key. __DataDirectory__**/hashed-fingerprint**:: Only used by bridges. Holds the hashed fingerprint of the bridge's identity key. (That is, the hash of the hash of the identity key.) __DataDirectory__**/approved-routers**:: Only for naming authoritative directory servers (see **NamingAuthoritativeDirectory**). This file lists nickname to identity Loading
src/common/crypto.c +22 −0 Original line number Diff line number Diff line Loading @@ -1374,6 +1374,28 @@ crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space) return 0; } /** Given a private or public key <b>pk</b>, put a hashed fingerprint of * the public key into <b>fp_out</b> (must have at least FINGERPRINT_LEN+1 * bytes of space). Return 0 on success, -1 on failure. * * Hashed fingerprints are computed as the SHA1 digest of the SHA1 digest * of the ASN.1 encoding of the public key, converted to hexadecimal, in * upper case. */ int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out) { char digest[DIGEST_LEN], hashed_digest[DIGEST_LEN]; if (crypto_pk_get_digest(pk, digest)) { return -1; } if (crypto_digest(hashed_digest, digest, DIGEST_LEN)) { return -1; } base16_encode(fp_out, FINGERPRINT_LEN + 1, hashed_digest, DIGEST_LEN); return 0; } /* symmetric crypto */ /** Return a pointer to the key set for the cipher in <b>env</b>. Loading
src/common/crypto.h +1 −0 Original line number Diff line number Diff line Loading @@ -182,6 +182,7 @@ crypto_pk_t *crypto_pk_asn1_decode(const char *str, size_t len); int crypto_pk_get_digest(crypto_pk_t *pk, char *digest_out); int crypto_pk_get_all_digests(crypto_pk_t *pk, digests_t *digests_out); int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out,int add_space); int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out); /* symmetric crypto */ const char *crypto_cipher_get_key(crypto_cipher_t *env); Loading
src/or/main.c +2 −0 Original line number Diff line number Diff line Loading @@ -2764,6 +2764,8 @@ sandbox_init_filter(void) get_datadir_fname2("keys", "secret_id_key.tmp"), 1, get_datadir_fname("fingerprint"), 1, get_datadir_fname("fingerprint.tmp"), 1, get_datadir_fname("hashed-fingerprint"), 1, get_datadir_fname("hashed-fingerprint.tmp"), 1, get_datadir_fname("cached-consensus"), 1, get_datadir_fname("cached-consensus.tmp"), 1, "/etc/resolv.conf", 0, Loading