pivy-box: display ephem keys in 'pivy-box key info'

this makes it easier to match things up with the INFO level logs from
the pivy-agent

ebox.c

@@ -1005,6 +1005,20 @@ ebox_ephem_count(const struct ebox *ebox)
 	return (n);
 }
 
+const struct sshkey *
+ebox_ephem_pubkey(const struct ebox *ebox, uint index)
+{
+	const struct ebox_ephem_key *eek;
+	eek = ebox->e_ephemkeys;
+	while (index > 0 && eek != NULL) {
+		eek = eek->eek_next;
+		--index;
+	}
+	if (eek == NULL)
+		return (NULL);
+	return (eek->eek_ephem);
+}
+
 void *
 ebox_private(const struct ebox *ebox)
 {

ebox.h

@@ -158,6 +158,7 @@ void ebox_free(struct ebox *box);
 uint ebox_version(const struct ebox *ebox);
 enum ebox_type ebox_type(const struct ebox *ebox);
 uint ebox_ephem_count(const struct ebox *ebox);
+const struct sshkey *ebox_ephem_pubkey(const struct ebox *ebox, uint index);
 size_t ebox_config_nonce_len(const struct ebox_config *config);
 
 boolean_t ebox_is_unlocked(const struct ebox *box);

pivy-box.c

@@ -1497,6 +1497,7 @@ cmd_key_info(int argc, char *argv[])
 	struct ebox_config *config = NULL;
 	errf_t *error;
 	const char *fname;
+	uint i;
 
 	if (argc == 1) {
 		FILE *file;
@@ -1533,6 +1534,17 @@ cmd_key_info(int argc, char *argv[])
 		break;
 	}
 	fprintf(stderr, "ephemeral keys: %u\n", ebox_ephem_count(ebox));
+	for (i = 0; i < ebox_ephem_count(ebox); ++i) {
+		const struct sshkey *k = ebox_ephem_pubkey(ebox, i);
+		char *fp;
+		VERIFY3U(k->type, ==, KEY_ECDSA);
+		fp = sshkey_fingerprint(k, SSH_DIGEST_SHA256, SSH_FP_BASE64);
+		fprintf(stderr, "  curve %s:\n    fingerprint: %s\n    key: ",
+		    sshkey_curve_nid_to_name(k->ecdsa_nid), fp);
+		(void)sshkey_write(k, stderr);
+		fprintf(stderr, "\n");
+		free(fp);
+	}
 	fprintf(stderr, "recovery cipher: %s\n", ebox_cipher(ebox));
 
 	while ((config = ebox_next_config(ebox, config)) != NULL) {