Home Explore Help
Sign In
tangmz
/
openbilibili
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
openbilibili
/
vendor
/
github.com
/
miekg
/
dns
/
dane.go

dane.go 997 B
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243 
  1. package dns
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/sha256"
    5. 

  5. 	"crypto/sha512"
    6. 

  6. 	"crypto/x509"
    7. 

  7. 	"encoding/hex"
    8. 

  8. 	"errors"
    9. 

  9. )
    10. 

  10. 

  11. // CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records.
    12. 

  12. func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) {
    13. 

  13. 	switch matchingType {
    14. 

  14. 	case 0:
    15. 

  15. 		switch selector {
    16. 

  16. 		case 0:
    17. 

  17. 			return hex.EncodeToString(cert.Raw), nil
    18. 

  18. 		case 1:
    19. 

  19. 			return hex.EncodeToString(cert.RawSubjectPublicKeyInfo), nil
    20. 

  20. 		}
    21. 

  21. 	case 1:
    22. 

  22. 		h := sha256.New()
    23. 

  23. 		switch selector {
    24. 

  24. 		case 0:
    25. 

  25. 			h.Write(cert.Raw)
    26. 

  26. 			return hex.EncodeToString(h.Sum(nil)), nil
    27. 

  27. 		case 1:
    28. 

  28. 			h.Write(cert.RawSubjectPublicKeyInfo)
    29. 

  29. 			return hex.EncodeToString(h.Sum(nil)), nil
    30. 

  30. 		}
    31. 

  31. 	case 2:
    32. 

  32. 		h := sha512.New()
    33. 

  33. 		switch selector {
    34. 

  34. 		case 0:
    35. 

  35. 			h.Write(cert.Raw)
    36. 

  36. 			return hex.EncodeToString(h.Sum(nil)), nil
    37. 

  37. 		case 1:
    38. 

  38. 			h.Write(cert.RawSubjectPublicKeyInfo)
    39. 

  39. 			return hex.EncodeToString(h.Sum(nil)), nil
    40. 

  40. 		}
    41. 

  41. 	}
    42. 

  42. 	return "", errors.New("dns: bad MatchingType or Selector")
    43. 

  43. }
    44.