gtsocial-umbx


dane.go (997B)


      1 package dns
      2 
      3 import (
      4 	"crypto/sha256"
      5 	"crypto/sha512"
      6 	"crypto/x509"
      7 	"encoding/hex"
      8 	"errors"
      9 )
     10 
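// CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records.
//
// selector chooses which part of the certificate is encoded: 0 is the full
// DER certificate (cert.Raw) and 1 is the DER SubjectPublicKeyInfo
// (cert.RawSubjectPublicKeyInfo). matchingType chooses how that data is
// presented: 0 is the data itself, 1 is its SHA-256 digest and 2 is its
// SHA-512 digest. Any other selector or matchingType, or a nil cert, yields
// an empty string and a non-nil error.
//
// The raw fields are read as-is and are not checked for content. A
// Certificate value that was built by hand rather than parsed has empty raw
// fields, and the result is then the encoding or digest of empty input, which
// matches no real certificate. Callers publishing the result should pass a
// parsed certificate.
func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) {
	// Without this guard a nil certificate panics on the field reads below.
	if cert == nil {
		return "", errors.New("dns: nil certificate")
	}

	// Pick the certificate data first; the selector is independent of the
	// matching type, so this avoids repeating the choice per digest.
	var data []byte
	switch selector {
	case 0:
		data = cert.Raw
	case 1:
		data = cert.RawSubjectPublicKeyInfo
	default:
		return "", errors.New("dns: bad MatchingType or Selector")
	}

	switch matchingType {
	case 0:
		return hex.EncodeToString(data), nil
	case 1:
		sum := sha256.Sum256(data)
		return hex.EncodeToString(sum[:]), nil
	case 2:
		sum := sha512.Sum512(data)
		return hex.EncodeToString(sum[:]), nil
	}
	return "", errors.New("dns: bad MatchingType or Selector")
}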