#! /usr/bin/perl
use strict;
use warnings;
use 5.010;
use autodie;
use Digest::SHA;
use MIME::Base64;
# States of the line scanner in gen_tlsa, which walks the PEM file once.
use constant {
    WAIT_BEGIN => 1,    # still looking for the BEGIN CERTIFICATE line
    WAIT_END   => 2,    # collecting body lines until END CERTIFICATE
};
# Print the command synopsis to STDERR and terminate with exit status 1.
# Never returns to the caller.
sub usage {
    my $synopsis = "$0 DNS-LABEL CERT-FILE";
    say {*STDERR} $synopsis;
    exit 1;
}
# Exactly two arguments are expected: the DNS label and the certificate file.
# Any other count prints the synopsis and exits.
unless (@ARGV == 2) {
    usage();
}

# The two arguments are handed over as ($label, $cert_file).
gen_tlsa(@ARGV);
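# Print a DANE TLSA resource record for the first certificate in a PEM file.
#
# Parameters:
#   $label     - owner name of the record; written to the output verbatim
#   $cert_file - path of a PEM file; only the first CERTIFICATE block is read
#
# Output (STDOUT): "<label> IN TLSA 1 0 1 <hex>", where <hex> is the SHA-256
# digest of the bytes obtained by base64-decoding the PEM body.  "1 0 1" is
# certificate usage 1 (PKIX-EE), selector 0 (full certificate) and matching
# type 1 (SHA-256) as defined in RFC 6698.
#
# Dies when the file holds no complete BEGIN/END CERTIFICATE block or the
# body decodes to nothing.  Without these checks the digest of empty or
# truncated data would be printed as if it were a valid record, and a
# published TLSA record that does not match the served certificate makes
# DANE validation fail for that service.
#
# NOTE(review): if the file is a chain, only the first block is hashed --
# presumably the end-entity certificate, which is what usage 1 pins; confirm
# the ordering of the file before publishing the record.
# NOTE(review): $label is not validated here; whitespace or a newline in it
# would add tokens or lines to zone data built from this output.
sub gen_tlsa {
    my ($label, $cert_file) = @_;
    my $state    = WAIT_BEGIN;
    my $pem      = '';
    my $complete = 0;    # set once the END CERTIFICATE line has been seen

    # "use autodie" at file level makes open/close raise on failure.
    open(my $fh, '<', $cert_file);
    while (my $line = <$fh>) {
        if ($state == WAIT_BEGIN) {
            $state = WAIT_END if $line =~ /^-----BEGIN CERTIFICATE-----/;
        }
        elsif ($state == WAIT_END) {
            if ($line =~ /^-----END CERTIFICATE-----/) {
                $complete = 1;
                last;    # anything after the first certificate is ignored
            }
            $pem .= $line;
        }
    }
    close($fh);

    die "$cert_file: no complete BEGIN/END CERTIFICATE block found\n"
        unless $complete;

    # decode_base64 skips characters outside the base64 alphabet, so the
    # line breaks inside the PEM body need no special handling.
    my $der = decode_base64($pem);
    die "$cert_file: certificate body is empty after base64 decoding\n"
        if length($der) == 0;

    say($label, ' IN TLSA 1 0 1 ', Digest::SHA::sha256_hex($der));
}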