From: Theo Buehler <tb@theobuehler.org>
Subject: Re: rpki-client: collect non-functional CAs
To: Job Snijders <job@openbsd.org>
Cc: tech@openbsd.org
Date: Wed, 12 Mar 2025 12:44:23 +0100

On Wed, Mar 12, 2025 at 12:15:45PM +0100, Theo Buehler wrote:
> On Wed, Mar 12, 2025 at 10:51:54AM +0000, Job Snijders wrote:
> > On Wed, Mar 12, 2025 at 10:02:04AM +0100, Theo Buehler wrote:
> > > +	json_do_array("nonfunc_cas");
> > > +	RB_FOREACH(nca, nca_tree, ncas) {
> > > +		json_do_object("nca", 1);
> > > +		json_do_string("location", nca->location);
> > > +		json_do_string("ta", taldescs[nca->talid]);
> > > +		json_do_string("caRepository", nca->carepo);
> > > +		json_do_string("rpkiManifest", nca->mfturi);
> > > +		json_do_string("ski", nca->ski);
> > 
> > I think I'd prefer using pretty_key_id() to format the SKI. (In a
> > separate diff we can use pretty printing for the SKI in BGPsec too.)
> 
> It seems a bit strange to dump a hex string with colons into the JSON.
> Isn't making things easy on the eye the job of whatever software
> displays this to a human?

On the other hand, file mode already does that, so this seems more
consistent:

Index: extern.h
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
diff -u -p -r1.237 extern.h
--- extern.h	25 Feb 2025 15:55:26 -0000	1.237
+++ extern.h	12 Mar 2025 11:34:31 -0000
@@ -936,6 +936,7 @@ int		 x509_valid_name(const char *, cons
 time_t		 x509_find_expires(time_t, struct auth *, struct crl_tree *);
 
 /* printers */
+const char	*pretty_key_id(const char *);
 char		*nid2str(int);
 const char	*purpose2str(enum cert_purpose);
 char		*time2str(time_t);
Index: output-json.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/output-json.c,v
diff -u -p -r1.51 output-json.c
--- output-json.c	13 Nov 2024 12:51:04 -0000	1.51
+++ output-json.c	12 Mar 2025 11:34:49 -0000
@@ -172,7 +172,7 @@ output_json(FILE *out, struct vrp_tree *
 	RB_FOREACH(b, brk_tree, brks) {
 		json_do_object("brks", 0);
 		json_do_int("asn", b->asid);
-		json_do_string("ski", b->ski);
+		json_do_string("ski", pretty_key_id(b->ski));
 		json_do_string("pubkey", b->pubkey);
 		json_do_string("ta", taldescs[b->talid]);
 		json_do_int("expires", b->expires);
Index: print.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/print.c,v
diff -u -p -r1.58 print.c
--- print.c	13 Nov 2024 12:51:04 -0000	1.58
+++ print.c	12 Mar 2025 11:35:14 -0000
@@ -30,7 +30,7 @@
 #include "extern.h"
 #include "json.h"
 
-static const char *
+const char *
 pretty_key_id(const char *hex)
 {
 	static char buf[128];	/* bigger than SHA_DIGEST_LENGTH * 3 */