DNS Stamp calculator component for Python. This tool generates DNS Stamps (for DoH/DoT/DoQ) by retrieving server certificates and computing necessary hashes locally.
Note: This tool requires an active internet connection to retrieve the server's SSL/TLS certificate, which is essential for generating the DNS Stamp. The calculation of the DNS Stamp itself is performed locally after the certificate is obtained.
- Thanks to jedisct1.
- Code implementations sourced from stamps-specifications
This project was created to provide a local solution for generating DNS Stamps, particularly when direct certificate and hash computation through tools like dnscrypt-proxy is challenging. It aims to fill the gap for users seeking a straightforward, script-based approach.
- Install Python (3.7+)
- Install the
cryptographyPython module:pip install cryptography - Download the script for your language (e.g.,
sdns-calculator.py) - Run it from your terminal:
python sdns-calculator.py
Additionally, you can now select "Certificate Info" (option 5) to retrieve detailed server certificate information (Subject, Issuer, Serial Number, Validity, SHA256 Fingerprint, and TBS SHA256 Hash) for DoH/DoT protocols.
Important Note for Windows Users:
If you encounter an ImportError: DLL load failed while importing _rust: The specified procedure could not be found. error when running the script, it is highly likely that your system is missing or has an outdated Microsoft Visual C++ Redistributable package. The cryptography library, which sdns-calculator depends on for secure operations, relies on these runtime components.
To resolve this issue:
- Download and install the latest Microsoft Visual C++ Redistributable
- You can find the official download here: Microsoft Visual C++ Redistributable
- It's generally recommended to download and install both the
x86andx64versions, even if your Python installation is 64-bit, to ensure full compatibility.
- Restart your computer after installation to ensure the changes take effect system-wide.
- (Optional but recommended) If you've already tried to run the script and encountered the error before installing the redistributable, it's a good idea to reinstall
cryptographyafter installing the redistributable:pip install --force-reinstall cryptography
If you encounter any problems during use, please submit your issues.