From 1e1056d692d9d6e533ca64112024ebc4c4821d3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?= <github@shredzone.org>
Date: Sat, 19 Dec 2015 16:38:32 +0100
Subject: [PATCH] DnsChallenge: return digest for TXT record

---
 .../acme4j/challenge/DnsChallenge.java        | 20 +++++++++++++++++++
 .../acme4j/challenge/DnsChallengeTest.java    |  1 +
 2 files changed, 21 insertions(+)

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/DnsChallenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/DnsChallenge.java
index ab772bba..06c68eb3 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/DnsChallenge.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/DnsChallenge.java
@@ -13,6 +13,10 @@
  */
 package org.shredzone.acme4j.challenge;
 
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
 import org.jose4j.base64url.Base64Url;
 import org.shredzone.acme4j.Account;
 import org.shredzone.acme4j.util.ClaimBuilder;
@@ -55,6 +59,22 @@ public class DnsChallenge extends GenericChallenge {
         return authorization;
     }
 
+    /**
+     * Returns the digest string to be set in the domain's {@code _acme-challenge} TXT
+     * record.
+     */
+    public String getDigest() {
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-256");
+            md.update(getAuthorization().getBytes("UTF-8"));
+            byte[] digest = md.digest();
+            return Base64Url.encode(digest);
+        } catch (NoSuchAlgorithmException | UnsupportedEncodingException ex) {
+            // both should be standard in JDK...
+            throw new RuntimeException(ex);
+        }
+    }
+
     @Override
     public void authorize(Account account) {
         super.authorize(account);
diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java
index 840da3bb..bad3d9c4 100644
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/DnsChallengeTest.java
@@ -63,6 +63,7 @@ public class DnsChallengeTest {
 
         assertThat(challenge.getToken(), is(TOKEN));
         assertThat(challenge.getAuthorization(), is(KEY_AUTHORIZATION));
+        assertThat(challenge.getDigest(), is("rzMmotrIgsithyBYc0vgiLUEEKYx0WetQRgEF2JIozA"));
 
         ClaimBuilder cb = new ClaimBuilder();
         challenge.marshall(cb);