Loading changes/ticket33632 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features (relay fingerprint, command line): - Allow a relay operator to list the ed25519 keys on the command line by adding the `rsa` and `ed25519` arguments to the --list-fingerprint flag to show the respective RSA and ed25519 relay fingerprint. Closes ticket 33632. Patch by Neel Chauhan. doc/man/tor.1.txt +3 −2 Original line number Diff line number Diff line Loading @@ -91,8 +91,9 @@ The following options in this section are only recognized on the [[opt-hash-password]] **`--hash-password`** __PASSWORD__:: Generate a hashed password for control port access. [[opt-list-fingerprint]] **`--list-fingerprint`**:: Generate your keys and output your nickname and fingerprint. [[opt-list-fingerprint]] **`--list-fingerprint`** [__key type__]:: Generate your keys and output your nickname and fingerprint. Optionally, you can specify the key type as `rsa` (default) or `ed25519`. [[opt-verify-config]] **`--verify-config`**:: Verify whether the configuration file is valid. Loading src/app/config/config.c +1 −0 Original line number Diff line number Diff line Loading @@ -2466,6 +2466,7 @@ static const struct { .command=CMD_DUMP_CONFIG, .quiet=QUIET_SILENT }, { .name="--list-fingerprint", .takes_argument=ARGUMENT_OPTIONAL, .command=CMD_LIST_FINGERPRINT }, { .name="--keygen", .command=CMD_KEYGEN }, Loading src/app/main/main.c +32 −8 Original line number Diff line number Diff line Loading @@ -58,6 +58,7 @@ #include "feature/stats/rephist.h" #include "lib/compress/compress.h" #include "lib/buf/buffers.h" #include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_s2k.h" #include "lib/net/resolve.h" Loading Loading 
@@ -735,11 +736,23 @@ tor_remove_file(const char *filename) static int do_list_fingerprint(void) { char buf[FINGERPRINT_LEN+1]; const or_options_t *options = get_options(); const char *arg = options->command_arg; char rsa[FINGERPRINT_LEN + 1]; crypto_pk_t *k; const char *nickname = get_options()->Nickname; const ed25519_public_key_t *edkey; const char *nickname = options->Nickname; sandbox_disable_getaddrinfo_cache(); if (!server_mode(get_options())) { bool show_rsa = !strcmp(arg, "") || !strcmp(arg, "rsa"); bool show_ed25519 = !strcmp(arg, "ed25519"); if (!show_rsa && !show_ed25519) { log_err(LD_GENERAL, "If you give a key type, you must specify 'rsa' or 'ed25519'. Exiting."); return -1; } if (!server_mode(options)) { log_err(LD_GENERAL, "Clients don't have long-term identity keys. Exiting."); return -1; Loading @@ -750,14 +763,25 @@ do_list_fingerprint(void) return -1; } if (!(k = get_server_identity_key())) { log_err(LD_GENERAL,"Error: missing identity key."); log_err(LD_GENERAL, "Error: missing RSA identity key."); return -1; } if (crypto_pk_get_fingerprint(k, rsa, 1) < 0) { log_err(LD_BUG, "Error computing RSA fingerprint"); return -1; } if (crypto_pk_get_fingerprint(k, buf, 1)<0) { log_err(LD_BUG, "Error computing fingerprint"); if (!(edkey = get_master_identity_key())) { log_err(LD_GENERAL,"Error: missing ed25519 identity key."); return -1; } printf("%s %s\n", nickname, buf); if (show_rsa) { printf("%s %s\n", nickname, rsa); } if (show_ed25519) { char ed25519[ED25519_BASE64_LEN + 1]; digest256_to_base64(ed25519, (const char *) edkey->pubkey); printf("%s %s\n", nickname, ed25519); } return 0; } Loading Loading
changes/ticket33632 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features (relay fingerprint, command line): - Allow a relay operator to list the ed25519 keys on the command line by adding the `rsa` and `ed25519` arguments to the --list-fingerprint flag to show the respective RSA and ed25519 relay fingerprint. Closes ticket 33632. Patch by Neel Chauhan.
doc/man/tor.1.txt +3 −2 Original line number Diff line number Diff line Loading @@ -91,8 +91,9 @@ The following options in this section are only recognized on the [[opt-hash-password]] **`--hash-password`** __PASSWORD__:: Generate a hashed password for control port access. [[opt-list-fingerprint]] **`--list-fingerprint`**:: Generate your keys and output your nickname and fingerprint. [[opt-list-fingerprint]] **`--list-fingerprint`** [__key type__]:: Generate your keys and output your nickname and fingerprint. Optionally, you can specify the key type as `rsa` (default) or `ed25519`. [[opt-verify-config]] **`--verify-config`**:: Verify whether the configuration file is valid. Loading
src/app/config/config.c +1 −0 Original line number Diff line number Diff line Loading @@ -2466,6 +2466,7 @@ static const struct { .command=CMD_DUMP_CONFIG, .quiet=QUIET_SILENT }, { .name="--list-fingerprint", .takes_argument=ARGUMENT_OPTIONAL, .command=CMD_LIST_FINGERPRINT }, { .name="--keygen", .command=CMD_KEYGEN }, Loading
src/app/main/main.c +32 −8 Original line number Diff line number Diff line Loading @@ -58,6 +58,7 @@ #include "feature/stats/rephist.h" #include "lib/compress/compress.h" #include "lib/buf/buffers.h" #include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_s2k.h" #include "lib/net/resolve.h" Loading Loading @@ -735,11 +736,23 @@ tor_remove_file(const char *filename) static int do_list_fingerprint(void) { char buf[FINGERPRINT_LEN+1]; const or_options_t *options = get_options(); const char *arg = options->command_arg; char rsa[FINGERPRINT_LEN + 1]; crypto_pk_t *k; const char *nickname = get_options()->Nickname; const ed25519_public_key_t *edkey; const char *nickname = options->Nickname; sandbox_disable_getaddrinfo_cache(); if (!server_mode(get_options())) { bool show_rsa = !strcmp(arg, "") || !strcmp(arg, "rsa"); bool show_ed25519 = !strcmp(arg, "ed25519"); if (!show_rsa && !show_ed25519) { log_err(LD_GENERAL, "If you give a key type, you must specify 'rsa' or 'ed25519'. Exiting."); return -1; } if (!server_mode(options)) { log_err(LD_GENERAL, "Clients don't have long-term identity keys. Exiting."); return -1; Loading @@ -750,14 +763,25 @@ do_list_fingerprint(void) return -1; } if (!(k = get_server_identity_key())) { log_err(LD_GENERAL,"Error: missing identity key."); log_err(LD_GENERAL, "Error: missing RSA identity key."); return -1; } if (crypto_pk_get_fingerprint(k, rsa, 1) < 0) { log_err(LD_BUG, "Error computing RSA fingerprint"); return -1; } if (crypto_pk_get_fingerprint(k, buf, 1)<0) { log_err(LD_BUG, "Error computing fingerprint"); if (!(edkey = get_master_identity_key())) { log_err(LD_GENERAL,"Error: missing ed25519 identity key."); return -1; } printf("%s %s\n", nickname, buf); if (show_rsa) { printf("%s %s\n", nickname, rsa); } if (show_ed25519) { char ed25519[ED25519_BASE64_LEN + 1]; digest256_to_base64(ed25519, (const char *) edkey->pubkey); printf("%s %s\n", nickname, ed25519); } return 0; } Loading
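Review bot: In do_list_fingerprint(), both identity keys are fetched and the RSA fingerprint is computed before `show_rsa` / `show_ed25519` are consulted, so `--list-fingerprint rsa` exits with the "missing ed25519 identity key" error if get_master_identity_key() returns NULL, and `--list-fingerprint ed25519` likewise fails on an RSA lookup or fingerprint error. Scoping each lookup to the branch that prints it means a problem with the key type the operator did not ask for no longer blocks the output they did ask for. The key-initialisation code between the two hunks is collapsed on this page, so whether either lookup can still fail after it is not visible here. Separately, `arg` is passed to strcmp() unchecked; if `command_arg` can be NULL when the optional argument is omitted (not shown), guard it with `const char *arg = options->command_arg ? options->command_arg : "";`.

```c
  /* … unchanged: argument parsing, server_mode() check, key initialisation … */
  if (show_rsa) {
    char rsa[FINGERPRINT_LEN + 1];
    crypto_pk_t *k = get_server_identity_key();
    if (!k) {
      log_err(LD_GENERAL, "Error: missing RSA identity key.");
      return -1;
    }
    if (crypto_pk_get_fingerprint(k, rsa, 1) < 0) {
      log_err(LD_BUG, "Error computing RSA fingerprint");
      return -1;
    }
    printf("%s %s\n", nickname, rsa);
  }
  if (show_ed25519) {
    char ed25519[ED25519_BASE64_LEN + 1];
    const ed25519_public_key_t *edkey = get_master_identity_key();
    if (!edkey) {
      log_err(LD_GENERAL, "Error: missing ed25519 identity key.");
      return -1;
    }
    digest256_to_base64(ed25519, (const char *) edkey->pubkey);
    printf("%s %s\n", nickname, ed25519);
  }
  return 0;
```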