Commit 0a4f5627 authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

Functions to get a public RSA key from a cert

parent 92602345
Loading
Loading
Loading
Loading
+34 −0
Original line number Diff line number Diff line
@@ -838,6 +838,40 @@ tor_tls_get_my_certs(int server,
  return 0;
}

/**
 * Return the authentication key that we use to authenticate ourselves as a
 * client in the V3 in-protocol handshake.
 */
crypto_pk_env_t *
tor_tls_get_my_client_auth_key(void)
{
  if (! client_tls_context)
    return NULL;
  return client_tls_context->auth_key;
}

/**
 * Return the public key that a cetificate certifies.  Return NULL if the
 * cert's key is not RSA.
 */
crypto_pk_env_t *
tor_tls_cert_get_key(tor_cert_t *cert)
{
  crypto_pk_env_t *result = NULL;
  EVP_PKEY *pkey = X509_get_pubkey(cert->cert);
  RSA *rsa;
  if (!pkey)
    return NULL;
  rsa = EVP_PKEY_get1_RSA(pkey);
  if (!rsa) {
    EVP_PKEY_free(pkey);
    return NULL;
  }
  result = _crypto_new_pk_env_rsa(rsa);
  EVP_PKEY_free(pkey);
  return result;
}

/** Return true iff <b>a</b> and <b>b</b> represent the same public key. */
static int
pkey_eq(EVP_PKEY *a, EVP_PKEY *b)
+2 −0
Original line number Diff line number Diff line
@@ -118,6 +118,8 @@ const digests_t *tor_cert_get_cert_digests(const tor_cert_t *cert);
int tor_tls_get_my_certs(int server,
                         const tor_cert_t **link_cert_out,
                         const tor_cert_t **id_cert_out);
crypto_pk_env_t *tor_tls_get_my_client_auth_key(void);
crypto_pk_env_t *tor_tls_cert_get_key(tor_cert_t *cert);
int tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert);
int tor_tls_cert_is_valid(const tor_cert_t *cert,
                          const tor_cert_t *signing_cert);