github.com/xmplusdev/xmcore@v1.8.11-0.20240412132628-5518b55526af/transport/internet/tls/pin.go (about) 1 package tls 2 3 import ( 4 "crypto/sha256" 5 "crypto/x509" 6 "encoding/base64" 7 "encoding/pem" 8 ) 9 10 func CalculatePEMCertChainSHA256Hash(certContent []byte) string { 11 var certChain [][]byte 12 for { 13 block, remain := pem.Decode(certContent) 14 if block == nil { 15 break 16 } 17 certChain = append(certChain, block.Bytes) 18 certContent = remain 19 } 20 certChainHash := GenerateCertChainHash(certChain) 21 certChainHashB64 := base64.StdEncoding.EncodeToString(certChainHash) 22 return certChainHashB64 23 } 24 25 func GenerateCertChainHash(rawCerts [][]byte) []byte { 26 var hashValue []byte 27 for _, certValue := range rawCerts { 28 out := sha256.Sum256(certValue) 29 if hashValue == nil { 30 hashValue = out[:] 31 } else { 32 newHashValue := sha256.Sum256(append(hashValue, out[:]...)) 33 hashValue = newHashValue[:] 34 } 35 } 36 return hashValue 37 } 38 39 func GenerateCertPublicKeyHash(cert *x509.Certificate) []byte { 40 out := sha256.Sum256(cert.RawSubjectPublicKeyInfo) 41 return out[:] 42 }