[chore] Validate/set account domain (#619)

* add miekg/dns dependency * set/validate accountDomain
2025-12-17 16:53:00 -06:00 · 2022-06-11 11:09:31 +02:00 · 2022-06-11 11:09:31 +02:00 · cf5c6d724d
commit cf5c6d724d
parent dfdc473cef
304 changed files with 34218 additions and 1 deletions
--- a/vendor/github.com/miekg/dns/dane.go
+++ b/vendor/github.com/miekg/dns/dane.go
@ -0,0 +1,43 @@
+package dns
+
+import (
+	"crypto/sha256"
+	"crypto/sha512"
+	"crypto/x509"
+	"encoding/hex"
+	"errors"
+)
+
+// CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records.
+func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) {
+	switch matchingType {
+	case 0:
+		switch selector {
+		case 0:
+			return hex.EncodeToString(cert.Raw), nil
+		case 1:
+			return hex.EncodeToString(cert.RawSubjectPublicKeyInfo), nil
+		}
+	case 1:
+		h := sha256.New()
+		switch selector {
+		case 0:
+			h.Write(cert.Raw)
+			return hex.EncodeToString(h.Sum(nil)), nil
+		case 1:
+			h.Write(cert.RawSubjectPublicKeyInfo)
+			return hex.EncodeToString(h.Sum(nil)), nil
+		}
+	case 2:
+		h := sha512.New()
+		switch selector {
+		case 0:
+			h.Write(cert.Raw)
+			return hex.EncodeToString(h.Sum(nil)), nil
+		case 1:
+			h.Write(cert.RawSubjectPublicKeyInfo)
+			return hex.EncodeToString(h.Sum(nil)), nil
+		}
+	}
+	return "", errors.New("dns: bad MatchingType or Selector")
+}