Add ability to fingerprint public keys

author: Jack Lloyd <[email protected]> 2017-12-14 15:45:55 -0500
committer: Jack Lloyd <[email protected]> 2017-12-14 16:07:53 -0500
commit: 1b6c50860a1cf7776de448f24814f01a700ef2e9 (patch)
tree: 84ac7840e2bf5fe94d0816cccbfcd7130aec0e6e /src/lib/x509
parent: 5c7f3b45198655bd0fae435c428b1f9256610ac5 (diff)
2 files changed, 4 insertions, 19 deletions
diff --git a/src/lib/x509/certstor_sql/certstor_sql.cpp b/src/lib/x509/certstor_sql/certstor_sql.cpp
index 36acd6ce3..6acfed060 100644
--- a/src/lib/x509/certstor_sql/certstor_sql.cpp
+++ b/src/lib/x509/certstor_sql/certstor_sql.cpp
@@ -186,7 +186,7 @@ std::shared_ptr<const Private_Key> Certificate_Store_In_SQL::find_key(const X509
 std::vector<std::shared_ptr<const X509_Certificate>>
 Certificate_Store_In_SQL::find_certs_for_key(const Private_Key& key) const
    {
-   auto fpr = key.fingerprint("SHA-256");
+   auto fpr = key.fingerprint_private("SHA-256");
    auto stmt = m_database->new_statement("SELECT certificate FROM " + m_prefix + "certificates WHERE priv_fingerprint == ?1");
 
    stmt->bind(1,fpr);
@@ -209,7 +209,7 @@ bool Certificate_Store_In_SQL::insert_key(const X509_Certificate& cert, const Pr
       return false;
 
    auto pkcs8 = PKCS8::BER_encode(key, m_rng, m_password);
-   auto fpr = key.fingerprint("SHA-256");
+   auto fpr = key.fingerprint_private("SHA-256");
 
    auto stmt1 = m_database->new_statement(
          "INSERT OR REPLACE INTO " + m_prefix + "keys ( fingerprint, key ) VALUES ( ?1, ?2 )");
@@ -230,7 +230,7 @@ bool Certificate_Store_In_SQL::insert_key(const X509_Certificate& cert, const Pr
 
 void Certificate_Store_In_SQL::remove_key(const Private_Key& key)
    {
-   auto fpr = key.fingerprint("SHA-256");
+   auto fpr = key.fingerprint_private("SHA-256");
    auto stmt = m_database->new_statement("DELETE FROM " + m_prefix + "keys WHERE fingerprint == ?1");
 
    stmt->bind(1,fpr);
diff --git a/src/lib/x509/x509cert.cpp b/src/lib/x509/x509cert.cpp
index acd6b3362..1370d52b0 100644
--- a/src/lib/x509/x509cert.cpp
+++ b/src/lib/x509/x509cert.cpp
@@ -662,22 +662,7 @@ std::vector<std::string> X509_Certificate::policies() const
 
 std::string X509_Certificate::fingerprint(const std::string& hash_name) const
    {
-   std::unique_ptr<HashFunction> hash(HashFunction::create_or_throw(hash_name));
-   hash->update(this->BER_encode());
-   const std::string hex_print = hex_encode(hash->final());
-
-   std::string formatted_print;
-
-   for(size_t i = 0; i != hex_print.size(); i += 2)
-      {
-      formatted_print.push_back(hex_print[i]);
-      formatted_print.push_back(hex_print[i+1]);
-
-      if(i != hex_print.size() - 2)
-         formatted_print.push_back(':');
-      }
-
-   return formatted_print;
+   return create_hex_fingerprint(this->BER_encode(), hash_name);
    }
 
 bool X509_Certificate::matches_dns_name(const std::string& name) const
author	Jack Lloyd <[email protected]>	2017-12-14 15:45:55 -0500
committer	Jack Lloyd <[email protected]>	2017-12-14 16:07:53 -0500
commit	1b6c50860a1cf7776de448f24814f01a700ef2e9 (patch)
tree	84ac7840e2bf5fe94d0816cccbfcd7130aec0e6e /src/lib/x509
parent	5c7f3b45198655bd0fae435c428b1f9256610ac5 (diff)