diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2022-06-11 11:09:31 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2022-06-11 11:09:31 +0200 |
| commit | cf5c6d724d381a867a7ff5d82fb9432e26c395e8 (patch) | |
| tree | 859bb6fa4a3de2fdcb218b24bb33ab7219e80ce7 /vendor/github.com/miekg/dns/dane.go | |
| parent | [chore] Webfinger rework (#627) (diff) | |
| download | gotosocial-cf5c6d724d381a867a7ff5d82fb9432e26c395e8.tar.xz | |
[chore] Validate/set account domain (#619)
* add miekg/dns dependency
* set/validate accountDomain
Diffstat (limited to 'vendor/github.com/miekg/dns/dane.go')
| -rw-r--r-- | vendor/github.com/miekg/dns/dane.go | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/vendor/github.com/miekg/dns/dane.go b/vendor/github.com/miekg/dns/dane.go new file mode 100644 index 000000000..8c4a14ef1 --- /dev/null +++ b/vendor/github.com/miekg/dns/dane.go @@ -0,0 +1,43 @@ +package dns + +import ( + "crypto/sha256" + "crypto/sha512" + "crypto/x509" + "encoding/hex" + "errors" +) + +// CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records. +func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) { + switch matchingType { + case 0: + switch selector { + case 0: + return hex.EncodeToString(cert.Raw), nil + case 1: + return hex.EncodeToString(cert.RawSubjectPublicKeyInfo), nil + } + case 1: + h := sha256.New() + switch selector { + case 0: + h.Write(cert.Raw) + return hex.EncodeToString(h.Sum(nil)), nil + case 1: + h.Write(cert.RawSubjectPublicKeyInfo) + return hex.EncodeToString(h.Sum(nil)), nil + } + case 2: + h := sha512.New() + switch selector { + case 0: + h.Write(cert.Raw) + return hex.EncodeToString(h.Sum(nil)), nil + case 1: + h.Write(cert.RawSubjectPublicKeyInfo) + return hex.EncodeToString(h.Sum(nil)), nil + } + } + return "", errors.New("dns: bad MatchingType or Selector") +} |