From 76f8a1d0d9e3ea4fd16a0fe19d00e073a333da74 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Mon, 20 Feb 2023 16:16:13 +0300
Subject: [PATCH] Example DANE's SPKI hash calculator

---
 cmd/cer-dane-hash/main.go | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 cmd/cer-dane-hash/main.go

diff --git a/cmd/cer-dane-hash/main.go b/cmd/cer-dane-hash/main.go
new file mode 100644
index 0000000..5486a54
--- /dev/null
+++ b/cmd/cer-dane-hash/main.go
@@ -0,0 +1,47 @@
+// GoGOST -- Pure Go GOST cryptographic functions library
+// Copyright (C) 2015-2023 Sergey Matveev <stargrave@stargrave.org>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+// DANE's SPKI hash calculator
+package main
+
+import (
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/hex"
+	"encoding/pem"
+	"flag"
+	"fmt"
+	"io"
+	"log"
+	"os"
+)
+
+func main() {
+	flag.Parse()
+	data, err := io.ReadAll(os.Stdin)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	b, _ := pem.Decode(data)
+	if b == nil || b.Type != "CERTIFICATE" {
+		log.Fatalln("no CERTIFICATE")
+	}
+	cer, err := x509.ParseCertificate(b.Bytes)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	h := sha256.Sum256(cer.RawSubjectPublicKeyInfo)
+	fmt.Println(hex.EncodeToString(h[:]))
+}
-- 
2.44.0