9bdcbe0447
Major integrations and fixes: - Added BACKBEAT SDK integration for P2P operation timing - Implemented beat-aware status tracking for distributed operations - Added Docker secrets support for secure license management - Resolved KACHING license validation via HTTPS/TLS - Updated docker-compose configuration for clean stack deployment - Disabled rollback policies to prevent deployment failures - Added license credential storage (CHORUS-DEV-MULTI-001) Technical improvements: - BACKBEAT P2P operation tracking with phase management - Enhanced configuration system with file-based secrets - Improved error handling for license validation - Clean separation of KACHING and CHORUS deployment stacks 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
44 lines
997 B
Go
44 lines
997 B
Go
package dns
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"crypto/x509"
|
|
"encoding/hex"
|
|
"errors"
|
|
)
|
|
|
|
// CertificateToDANE converts a certificate to a hex string as used in the TLSA or SMIMEA records.
|
|
func CertificateToDANE(selector, matchingType uint8, cert *x509.Certificate) (string, error) {
|
|
switch matchingType {
|
|
case 0:
|
|
switch selector {
|
|
case 0:
|
|
return hex.EncodeToString(cert.Raw), nil
|
|
case 1:
|
|
return hex.EncodeToString(cert.RawSubjectPublicKeyInfo), nil
|
|
}
|
|
case 1:
|
|
h := sha256.New()
|
|
switch selector {
|
|
case 0:
|
|
h.Write(cert.Raw)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
case 1:
|
|
h.Write(cert.RawSubjectPublicKeyInfo)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
}
|
|
case 2:
|
|
h := sha512.New()
|
|
switch selector {
|
|
case 0:
|
|
h.Write(cert.Raw)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
case 1:
|
|
h.Write(cert.RawSubjectPublicKeyInfo)
|
|
return hex.EncodeToString(h.Sum(nil)), nil
|
|
}
|
|
}
|
|
return "", errors.New("dns: bad MatchingType or Selector")
|
|
}
|