github.com/xtls/xray-core@v1.8.12-0.20240518155711-3168d27b0bdb/transport/internet/tls/pin.go (about)

     1  package tls
     2  
     3  import (
     4  	"crypto/sha256"
     5  	"crypto/x509"
     6  	"encoding/base64"
     7  	"encoding/pem"
     8  )
     9  
    10  func CalculatePEMCertChainSHA256Hash(certContent []byte) string {
    11  	var certChain [][]byte
    12  	for {
    13  		block, remain := pem.Decode(certContent)
    14  		if block == nil {
    15  			break
    16  		}
    17  		certChain = append(certChain, block.Bytes)
    18  		certContent = remain
    19  	}
    20  	certChainHash := GenerateCertChainHash(certChain)
    21  	certChainHashB64 := base64.StdEncoding.EncodeToString(certChainHash)
    22  	return certChainHashB64
    23  }
    24  
    25  func GenerateCertChainHash(rawCerts [][]byte) []byte {
    26  	var hashValue []byte
    27  	for _, certValue := range rawCerts {
    28  		out := sha256.Sum256(certValue)
    29  		if hashValue == nil {
    30  			hashValue = out[:]
    31  		} else {
    32  			newHashValue := sha256.Sum256(append(hashValue, out[:]...))
    33  			hashValue = newHashValue[:]
    34  		}
    35  	}
    36  	return hashValue
    37  }
    38  
    39  func GenerateCertPublicKeyHash(cert *x509.Certificate) []byte {
    40  	out := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
    41  	return out[:]
    42  }