| author | Steven Fackler <[email protected]> | 2016-10-31 22:43:05 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2016-10-31 22:43:05 -0700 |
| commit | dc4098bdd83e23703b2490741ee7461caea83375 (patch) | |
| tree | e0f1fd86bd2fc67e51fe744b09762f89f04d46e3 /openssl/src/x509 | |
| parent | Merge pull request #507 from sfackler/ref (diff) | |
Clean up x509 name entries
Diffstat (limited to 'openssl/src/x509')
| -rw-r--r-- | openssl/src/x509/mod.rs | 57 | ||||
| -rw-r--r-- | openssl/src/x509/tests.rs | 48 |
2 files changed, 52 insertions, 53 deletions
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index bb2c7544..28f2542f 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -12,9 +12,8 @@ use std::slice; use std::str; use {cvt, cvt_p}; -use asn1::Asn1Time; +use asn1::{Asn1String, Asn1Time}; use bio::{MemBio, MemBioSlice}; -use crypto::CryptoString; use hash::MessageDigest; use pkey::PKey; use rand::rand_bytes; 
@@ -473,33 +472,49 @@ impl Borrow<Ref<X509>> for X509 { type_!(X509Name, ffi::X509_NAME, ffi::X509_NAME_free); impl Ref<X509Name> { - pub fn text_by_nid(&self, nid: Nid) -> Option<CryptoString> { - unsafe { - let loc = ffi::X509_NAME_get_index_by_NID(self.as_ptr(), nid.as_raw(), -1); - if loc == -1 { - return None; - } + pub fn entries_by_nid<'a>(&'a self, nid: Nid) -> X509NameEntries<'a> { + X509NameEntries { + name: self, + nid: nid, + loc: -1, + } + } +} - let ne = ffi::X509_NAME_get_entry(self.as_ptr(), loc); - if ne.is_null() { - return None; - } +pub struct X509NameEntries<'a> { + name: &'a Ref<X509Name>, + nid: Nid, + loc: c_int, +} - let asn1_str = ffi::X509_NAME_ENTRY_get_data(ne); - if asn1_str.is_null() { - return None; - } +impl<'a> Iterator for X509NameEntries<'a> { + type Item = &'a Ref<X509NameEntry>; - let mut str_from_asn1: *mut u8 = ptr::null_mut(); - let len = ffi::ASN1_STRING_to_UTF8(&mut str_from_asn1, asn1_str); + fn next(&mut self) -> Option<&'a Ref<X509NameEntry>> { + unsafe { + self.loc = ffi::X509_NAME_get_index_by_NID(self.name.as_ptr(), + self.nid.as_raw(), + self.loc); - if len < 0 { + if self.loc == -1 { return None; } - assert!(!str_from_asn1.is_null()); + let entry = ffi::X509_NAME_get_entry(self.name.as_ptr(), self.loc); + assert!(!entry.is_null()); - Some(CryptoString::from_raw_parts(str_from_asn1, len as usize)) + Some(Ref::from_ptr(entry)) + } + } +} + +type_!(X509NameEntry, ffi::X509_NAME_ENTRY, ffi::X509_NAME_ENTRY_free); + +impl Ref<X509NameEntry> { + pub fn data(&self) -> &Ref<Asn1String> { + unsafe { + let data = ffi::X509_NAME_ENTRY_get_data(self.as_ptr()); + Ref::from_ptr(data) } } } diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs index 1c248ba2..db93c3a8 100644 --- a/openssl/src/x509/tests.rs +++ b/openssl/src/x509/tests.rs 
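Review bot: In `X509NameEntries::next`, the end-of-iteration test `if self.loc == -1` lets any other negative result through to `X509_NAME_get_entry`, and the following `assert!(!entry.is_null())` then turns it into a panic. OpenSSL documents a -2 return from `X509_NAME_get_index_by_NID` for an invalid NID, a case the removed `text_by_nid` survived by returning `None` on a null entry; `if self.loc < 0 { return None; }` would keep that behaviour. Separately, `data()` hands the result of `X509_NAME_ENTRY_get_data` to `Ref::from_ptr` without the null check the old code had, so `assert!(!data.is_null());` before the conversion would match the check in `next`. The new public items also have no doc comments: it is worth stating that `data()` returns the raw ASN.1 string in its original encoding rather than UTF-8, and that one name may hold several entries for the same NID, which matters to callers comparing a common name.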
@@ -113,58 +113,42 @@ fn test_save_der() { #[test] fn test_subject_read_cn() { let cert = include_bytes!("../../test/cert.pem"); - let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); + let cert = X509::from_pem(cert).unwrap(); let subject = cert.subject_name(); - let cn = match subject.text_by_nid(nid::COMMONNAME) { - Some(x) => x, - None => panic!("Failed to read CN from cert"), - }; - - assert_eq!(&cn as &str, "foobar.com") + let cn = subject.entries_by_nid(nid::COMMONNAME).next().unwrap(); + assert_eq!(cn.data().as_slice(), b"foobar.com") } #[test] fn test_nid_values() { let cert = include_bytes!("../../test/nid_test_cert.pem"); - let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); + let cert = X509::from_pem(cert).unwrap(); let subject = cert.subject_name(); - let cn = match subject.text_by_nid(nid::COMMONNAME) { - Some(x) => x, - None => panic!("Failed to read CN from cert"), - }; - assert_eq!(&cn as &str, "example.com"); - - let email = match subject.text_by_nid(nid::PKCS9_EMAILADDRESS) { - Some(x) => x, - None => panic!("Failed to read subject email address from cert"), - }; - assert_eq!(&email as &str, "[email protected]"); - - let friendly = match subject.text_by_nid(nid::FRIENDLYNAME) { - Some(x) => x, - None => panic!("Failed to read subject friendly name from cert"), - }; - assert_eq!(&friendly as &str, "Example"); + let cn = subject.entries_by_nid(nid::COMMONNAME).next().unwrap(); + assert_eq!(cn.data().as_slice(), b"example.com"); + + let email = subject.entries_by_nid(nid::PKCS9_EMAILADDRESS).next().unwrap(); + assert_eq!(email.data().as_slice(), b"[email protected]"); + + let friendly = subject.entries_by_nid(nid::FRIENDLYNAME).next().unwrap(); + assert_eq!(&*friendly.data().as_utf8().unwrap(), "Example"); } #[test] fn test_nid_uid_value() { let cert = include_bytes!("../../test/nid_uid_test_cert.pem"); - let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); + let cert = X509::from_pem(cert).unwrap(); let 
subject = cert.subject_name(); - let cn = match subject.text_by_nid(nid::USERID) { - Some(x) => x, - None => panic!("Failed to read UID from cert"), - }; - assert_eq!(&cn as &str, "this is the userId"); + let cn = subject.entries_by_nid(nid::USERID).next().unwrap(); + assert_eq!(cn.data().as_slice(), b"this is the userId"); } #[test] fn test_subject_alt_name() { let cert = include_bytes!("../../test/alt_name_cert.pem"); - let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); + let cert = X509::from_pem(cert).unwrap(); let subject_alt_names = cert.subject_alt_names().unwrap(); assert_eq!(3, subject_alt_names.len()); |
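Review bot: Every updated test takes only `.next().unwrap()` from `entries_by_nid`, so nothing covers the two behaviours the iterator adds: advancing to a second entry for a repeated NID and returning `None` once the entries are exhausted or absent. A check such as `assert!(entries.next().is_none());` after the first entry (with `let mut entries = subject.entries_by_nid(nid::COMMONNAME);`) would pin the termination path, assuming the fixture has a single CN. The `as_slice()` comparisons also depend on the fixture's ASN.1 string type, while FRIENDLYNAME goes through `as_utf8()`; a short comment such as `// FRIENDLYNAME is not stored as single-byte text, so convert before comparing` would explain the difference if that is the reason. The body of `test_subject_alt_name` continues past the end of this hunk.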