mirror of
https://codeberg.org/superseriousbusiness/gotosocial.git
synced 2024-12-25 10:28:18 +03:00
cf5c6d724d
* add miekg/dns dependency * set/validate accountDomain
43 lines
997 B
Go
43 lines
997 B
Go
package dns
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"crypto/x509"
|
|
"encoding/hex"
|
|
"errors"
|
|
)
|
|
|
|
// CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records.
|
|
func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) {
|
|
switch matchingType {
|
|
case 0:
|
|
switch selector {
|
|
case 0:
|
|
return hex.EncodeToString(cert.Raw), nil
|
|
case 1:
|
|
return hex.EncodeToString(cert.RawSubjectPublicKeyInfo), nil
|
|
}
|
|
case 1:
|
|
h := sha256.New()
|
|
switch selector {
|
|
case 0:
|
|
h.Write(cert.Raw)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
case 1:
|
|
h.Write(cert.RawSubjectPublicKeyInfo)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
}
|
|
case 2:
|
|
h := sha512.New()
|
|
switch selector {
|
|
case 0:
|
|
h.Write(cert.Raw)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
case 1:
|
|
h.Write(cert.RawSubjectPublicKeyInfo)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
}
|
|
}
|
|
return "", errors.New("dns: bad MatchingType or Selector")
|
|
}
|