From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 22 Feb 2017 10:11:06 +0000 (+0100)
Subject: x509/output: print key PIN on oneline output
X-Git-Tag: gnutls_3_6_0~957
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bf0806e2ec2dff63a1ad8e394b1fe2f0ebc3b7a8;p=thirdparty%2Fgnutls.git

x509/output: print key PIN on oneline output

That is, instead of the public key ID. The key PIN due to HPKP
is now more widely used than hex-based key IDs.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/lib/x509/output.c b/lib/x509/output.c
index 2eca0b99cf..99644cc168 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1847,12 +1847,12 @@ static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
 		err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA256,
 						 buffer, &size);
 		if (err < 0) {
-			addf(str, "key ID error (%s)",
+			addf(str, "key PIN error (%s)",
 			     gnutls_strerror(err));
 		} else {
-			addf(str, "key-ID `sha256:");
-			_gnutls_buffer_hexprint(str, buffer, size);
-			adds(str, "'");
+			addf(str, "pin-sha256=\"");
+			_gnutls_buffer_base64print(str, buffer, size);
+			adds(str, "\"");
 		}
 	}