x509/output: print key PIN on oneline output

That is, instead of the public key ID. The key PIN due to HPKP
is now more widely used than hex-based key IDs.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/lib/x509/output.c b/lib/x509/output.c
index 2eca0b99cf5a83ded80340bd506ab9a5516bb609..99644cc168486113c0cc893b99c135e65d3d0b19 100644 (file)
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1847,12 +1847,12 @@ static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
                err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA256,
                                                 buffer, &size);
                if (err < 0) {
-                       addf(str, "key ID error (%s)",
+                       addf(str, "key PIN error (%s)",
                             gnutls_strerror(err));
                } else {
-                       addf(str, "key-ID `sha256:");
-                       _gnutls_buffer_hexprint(str, buffer, size);
-                       adds(str, "'");
+                       addf(str, "pin-sha256=\"");
+                       _gnutls_buffer_base64print(str, buffer, size);
+                       adds(str, "\"");
                }
        }