From ed749edbe058b9c33dc1a2b758fcc92e1e7ddde5 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos
Date: Thu, 6 Apr 2017 18:18:02 +0200
Subject: certtool: print the key PIN on private and public keys
Signed-off-by: Nikos Mavrogiannopoulos
---
 src/certtool-common.c | 13 ++-----------
 src/certtool.c | 11 -----------
 src/common.c | 20 ++++++++++++++++++++
 src/common.h | 1 +
 4 files changed, 23 insertions(+), 22 deletions(-)
diff --git a/src/certtool-common.c b/src/certtool-common.c
index 1cfb056026..2003188b57 100644
--- a/src/certtool-common.c
+++ b/src/certtool-common.c
@@ -1211,7 +1211,8 @@ static void privkey_info_int(FILE *outfile, common_info_st * cinfo,
 fprintf(stderr, "Error in key id calculation: %s\n", gnutls_strerror(ret));
 } else {
- gnutls_datum_t art;
+ fprintf(outfile, "Public Key PIN:\n\tpin-sha256:%s\n",
+ raw_to_base64(lbuffer, size));
 fprintf(outfile, "Public Key ID:\n\tsha256:%s\n", raw_to_string(lbuffer, size));
@@ -1223,16 +1224,6 @@ static void privkey_info_int(FILE *outfile, common_info_st * cinfo,
 fprintf(outfile, "\tsha1:%s\n", raw_to_string(lbuffer, size));
 }
-
- ret =
- gnutls_random_art(GNUTLS_RANDOM_ART_OPENSSH, cprint,
- bits, lbuffer, size, &art);
- if (ret >= 0) {
- fprintf(outfile, "Public key's random art:\n%s\n",
- art.data);
- gnutls_free(art.data);
- }
-
 }
 fprintf(outfile, "\n");
diff --git a/src/certtool.c b/src/certtool.c
index bf564529de..79813fe458 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1632,17 +1632,6 @@ void pgp_privkey_info(void)
 fprintf(outfile, "Fingerprint: %s\n", raw_to_string(lbuffer, size));
-
- ret =
- gnutls_random_art(GNUTLS_RANDOM_ART_OPENSSH,
- cprint, bits, lbuffer, size,
- &art);
- if (ret >= 0) {
- fprintf(outfile,
- "Fingerprint's random art:\n%s\n\n",
- art.data);
- gnutls_free(art.data);
- }
 }
 }
diff --git a/src/common.c b/src/common.c
index f8e8f0ede2..0c2844d82d 100644
--- a/src/common.c
+++ b/src/common.c
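Review bot: The added `fprintf` in the first hunk of src/certtool-common.c prints whatever `raw_to_base64(lbuffer, size)` returns, and that helper (added to src/common.c by this same commit) returns the literal strings `"(empty)"` and `"(error)"` when it cannot encode. A failed encoding would therefore be written to outfile as `pin-sha256:(error)` with no message on stderr, which is awkward for a value that is presumably meant to be copied into key-pinning configuration. I would skip the PIN line on failure, or report it the way the key-id error just above is reported. The `pin-sha256` label also assumes `lbuffer` holds the SHA-256 key ID at this point; the call that fills it is outside the hunk, so a comment such as `/* lbuffer: SHA-256 key ID computed above */` would help. privkey_info_int starts and ends outside the hunk.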
@@ -74,6 +74,26 @@ const char *raw_to_string(const unsigned char *raw, size_t raw_size)
 return buf;
 }
+const char *raw_to_base64(const unsigned char *raw, size_t raw_size)
+{
+ static char buf[1024];
+ gnutls_datum_t data = {(unsigned char*)raw, raw_size};
+ size_t buf_size;
+ int ret;
+
+ if (raw_size == 0)
+ return "(empty)";
+
+ buf_size = sizeof(buf);
+ ret = gnutls_pem_base64_encode(NULL, &data, buf, &buf_size);
+ if (ret < 0)
+ return "(error)";
+
+ buf[sizeof(buf) - 1] = '\0';
+
+ return buf;
+}
+
 static void print_x509_info_compact(gnutls_session_t session)
 {
 gnutls_x509_crt_t crt;
diff --git a/src/common.h b/src/common.h
index 8cd321e040..e1d9de5071 100644
--- a/src/common.h
+++ b/src/common.h
@@ -67,6 +67,7 @@ void print_list(const char *priorities, int verbose);
 int cert_verify(gnutls_session_t session, const char *hostname, const char *purpose);
 const char *raw_to_string(const unsigned char *raw, size_t raw_size);
+const char *raw_to_base64(const unsigned char *raw, size_t raw_size);
 int check_command(gnutls_session_t session, const char *str);
 int
--
cgit v1.2.1
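Review bot: In raw_to_base64 the terminator is written at `buf[sizeof(buf) - 1]` rather than at the encoded length, so it only bounds the string if gnutls_pem_base64_encode has already NUL-terminated its output. Because `buf` is static, bytes left over from an earlier, longer result would otherwise follow the new value. Terminating at the length the encoder reports is tighter: `if (buf_size >= sizeof(buf)) return "(error)";` followed by `buf[buf_size] = '\0';`. The function also needs a comment saying the result lives in a static buffer that the next call overwrites and that it is not thread-safe, for example `/* Returns a pointer to a static buffer; valid only until the next call. */`; the same comment would suit the prototype added in src/common.h.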