add support for rfc822Name (email) and uniformResourceIdentifier (uri) to GeneralName
This commit is contained in:
Ian P. Cooke
parent
9943bb6869
commit
60337266ab
|
|
@ -1090,10 +1090,10 @@ foreign_type_and_impl_send_sync! {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl GeneralNameRef {
|
impl GeneralNameRef {
|
||||||
/// Returns the contents of this `GeneralName` if it is a `dNSName`.
|
|
||||||
pub fn dnsname(&self) -> Option<&str> {
|
fn ia5_string(&self, ffi_type: c_int) -> Option<&str> {
|
||||||
unsafe {
|
unsafe {
|
||||||
if (*self.as_ptr()).type_ != ffi::GEN_DNS {
|
if (*self.as_ptr()).type_ != ffi_type {
|
||||||
return None;
|
return None;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1101,13 +1101,28 @@ impl GeneralNameRef {
|
||||||
let len = ffi::ASN1_STRING_length((*self.as_ptr()).d as *mut _);
|
let len = ffi::ASN1_STRING_length((*self.as_ptr()).d as *mut _);
|
||||||
|
|
||||||
let slice = slice::from_raw_parts(ptr as *const u8, len as usize);
|
let slice = slice::from_raw_parts(ptr as *const u8, len as usize);
|
||||||
// dNSNames are stated to be ASCII (specifically IA5). Hopefully
|
// IA5Strings are stated to be ASCII (specifically IA5). Hopefully
|
||||||
// OpenSSL checks that when loading a certificate but if not we'll
|
// OpenSSL checks that when loading a certificate but if not we'll
|
||||||
// use this instead of from_utf8_unchecked just in case.
|
// use this instead of from_utf8_unchecked just in case.
|
||||||
str::from_utf8(slice).ok()
|
str::from_utf8(slice).ok()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Returns the contents of this `GeneralName` if it is an `rfc822Name`.
|
||||||
|
pub fn email(&self) -> Option<&str> {
|
||||||
|
self.ia5_string(ffi::GEN_EMAIL)
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Returns the contents of this `GeneralName` if it is a `dNSName`.
|
||||||
|
pub fn dnsname(&self) -> Option<&str> {
|
||||||
|
self.ia5_string(ffi::GEN_DNS)
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Returns the contents of this `GeneralName` if it is an `uniformResourceIdentifier`.
|
||||||
|
pub fn uri(&self) -> Option<&str> {
|
||||||
|
self.ia5_string(ffi::GEN_URI)
|
||||||
|
}
|
||||||
|
|
||||||
/// Returns the contents of this `GeneralName` if it is an `iPAddress`.
|
/// Returns the contents of this `GeneralName` if it is an `iPAddress`.
|
||||||
pub fn ipaddress(&self) -> Option<&[u8]> {
|
pub fn ipaddress(&self) -> Option<&[u8]> {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
|
|
||||||
|
|
@ -92,13 +92,15 @@ fn test_subject_alt_name() {
|
||||||
let cert = X509::from_pem(cert).unwrap();
|
let cert = X509::from_pem(cert).unwrap();
|
||||||
|
|
||||||
let subject_alt_names = cert.subject_alt_names().unwrap();
|
let subject_alt_names = cert.subject_alt_names().unwrap();
|
||||||
assert_eq!(3, subject_alt_names.len());
|
assert_eq!(5, subject_alt_names.len());
|
||||||
assert_eq!(Some("foobar.com"), subject_alt_names[0].dnsname());
|
assert_eq!(Some("example.com"), subject_alt_names[0].dnsname());
|
||||||
assert_eq!(subject_alt_names[1].ipaddress(), Some(&[127, 0, 0, 1][..]));
|
assert_eq!(subject_alt_names[1].ipaddress(), Some(&[127, 0, 0, 1][..]));
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
subject_alt_names[2].ipaddress(),
|
subject_alt_names[2].ipaddress(),
|
||||||
Some(&b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01"[..])
|
Some(&b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01"[..])
|
||||||
);
|
);
|
||||||
|
assert_eq!(Some("test@example.com"), subject_alt_names[3].email());
|
||||||
|
assert_eq!(Some("http://www.example.com"), subject_alt_names[4].uri());
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
@ -110,7 +112,7 @@ fn test_subject_alt_name_iter() {
|
||||||
let mut subject_alt_names_iter = subject_alt_names.iter();
|
let mut subject_alt_names_iter = subject_alt_names.iter();
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
subject_alt_names_iter.next().unwrap().dnsname(),
|
subject_alt_names_iter.next().unwrap().dnsname(),
|
||||||
Some("foobar.com")
|
Some("example.com")
|
||||||
);
|
);
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
subject_alt_names_iter.next().unwrap().ipaddress(),
|
subject_alt_names_iter.next().unwrap().ipaddress(),
|
||||||
|
|
@ -120,6 +122,14 @@ fn test_subject_alt_name_iter() {
|
||||||
subject_alt_names_iter.next().unwrap().ipaddress(),
|
subject_alt_names_iter.next().unwrap().ipaddress(),
|
||||||
Some(&b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01"[..])
|
Some(&b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01"[..])
|
||||||
);
|
);
|
||||||
|
assert_eq!(
|
||||||
|
subject_alt_names_iter.next().unwrap().email(),
|
||||||
|
Some("test@example.com")
|
||||||
|
);
|
||||||
|
assert_eq!(
|
||||||
|
subject_alt_names_iter.next().unwrap().uri(),
|
||||||
|
Some("http://www.example.com")
|
||||||
|
);
|
||||||
assert!(subject_alt_names_iter.next().is_none());
|
assert!(subject_alt_names_iter.next().is_none());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,25 +1,22 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIEOjCCAyKgAwIBAgIJAJz42fzGUJGeMA0GCSqGSIb3DQEBCwUAMH8xCzAJBgNV
|
MIIDsDCCApigAwIBAgIBATANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJBVTET
|
||||||
BAYTAlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwITmV3IFlvcmsxFTATBgNVBAoM
|
MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
|
||||||
DEV4YW1wbGUsIExMQzEYMBYGA1UEAwwPRXhhbXBsZSBDb21wYW55MR8wHQYJKoZI
|
dHkgTHRkMB4XDTE4MDExNTExMDcwM1oXDTI4MDExMzExMDcwM1owfDELMAkGA1UE
|
||||||
hvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tMB4XDTE2MDQzMDA0MDg1NloXDTE3MDQz
|
BhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9yazEVMBMGA1UECgwM
|
||||||
MDA0MDg1NlowfzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhO
|
RXhhbXBsZSwgTExDMTYwNAYDVQQDDC1FeGFtcGxlIENvbXBhbnkvZW1haWxBZGRy
|
||||||
ZXcgWW9yazEVMBMGA1UECgwMRXhhbXBsZSwgTExDMRgwFgYDVQQDDA9FeGFtcGxl
|
ZXNzPXRlc3RAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
IENvbXBhbnkxHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20wggEiMA0G
|
AoIBAQCo9CWMRLMXo1CF/iORh9B4NhtJF/8tR9PlG95sNvyWuQQ/8jfev+8zErpl
|
||||||
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDggl2TbtO5Ewi/q8kV56xK6HBpwsj9
|
xfLkt0pJqcoiZG8g9NU0kU6o5T+/1QgZclCAoZaS0Jqxmoo2Yk/1Qsj16pnMBc10
|
||||||
wBoqGi6hkKm/8lhLTkuUG6WbEUepi7n9d7tjI9hwYN7MKtppAnS+d+Zh6sKMgLJn
|
uSDk6V9aJSX1vKwONVNSwiHA1MhX+i7Wf7/K0niq+k7hOkhleFkWgZtUq41gXh1V
|
||||||
hONkbQBJkYWwuIxRVXORCdyZDNzXP1rlb6ynmj6mItuPTRVNNMaZP+24fgXtwGk8
|
fOugka7UktYnk9mrBbAMjmaloZNn2pMMAQxVg4ThiLm3zvuWqvXASWzUZc7IAd1G
|
||||||
P2nqA1ONbmyaP27txV+Rd8fmQvW3vSmq7iDob661TOtLZRqqVRpnLDGpLXTCptYz
|
bN4AtDuhs252eqE9E4iTHk7F14wAS1JWqv666hReGHrmZJGx0xQTM9vPD1HN5t2U
|
||||||
dLN1nDWKjBUFpPGDxvfcSE3Yf9LaQM2uDHRygSgTFusbwarAGrAk8krsm/Tiaumx
|
3KTfhO/mTlAUWVyg9tCtOzboKgs1AgMBAAGjdDByMAkGA1UdEwQCMAAwCwYDVR0P
|
||||||
Ls74MY6OEoLnPbEi5epWLqPmoE1nxrvYLtaWh3TTET3H72yL0+1PZTkpAgMBAAGj
|
BAQDAgWgMFgGA1UdEQRRME+CC2V4YW1wbGUuY29thwR/AAABhxAAAAAAAAAAAAAA
|
||||||
gbgwgbUwHQYDVR0OBBYEFAIcHhTPUqVdK85u47vo8z0viJGPMB8GA1UdIwQYMBaA
|
AAAAAAABgRB0ZXN0QGV4YW1wbGUuY29thhZodHRwOi8vd3d3LmV4YW1wbGUuY29t
|
||||||
FAIcHhTPUqVdK85u47vo8z0viJGPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMC0G
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAx14G99z/MnSbs8h5jSos+dgLvhc2IQB/3CChE
|
||||||
A1UdEQQmMCSCCmZvb2Jhci5jb22HBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwLAYJ
|
hPyELc7iyw1iteRs7bS1m2NZx6gv6TZ6VydDrK1dnWSatQ7sskXTO+zfC6qjMwXl
|
||||||
YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMA0GCSqG
|
IV+u7T8EREwciniIA82d8GWs60BGyBL3zp2iUOr5ULG4+c/S6OLdlyJv+fDKv+Xo
|
||||||
SIb3DQEBCwUAA4IBAQDeYsuJaxbnxR2wDRSbxMpPp2b6fHPxC1vArKTSrQ/X+5s7
|
fKv1UGDi5rcvUBikeNkpEPTN9UsE9/A8XJfDyq+4RKuDW19EtzOOeVx4xpHOMnAy
|
||||||
YcQ29jkzD8FbET8iPsCOn/IECBiDKOpckkO6dBWM05ma9HHzWjQOJ7Lo6gEsvk4d
|
VVAQVMKJzhoXtLF4k2j409na+f6FIcZSBet+plmzfB+WZNIgUUi/7MQIXOFQRkj4
|
||||||
+M/jJz5IaJ7hOxp1hGqwNQ+PJQOZMmlruNcOzPU36qaWJ03+NYOKar5VpIrRxCNc
|
zH3SnsPm/IYpJzlH2vHhlqIBdaSoTWpGVWPq7D+H8OS3mmXF
|
||||||
uehTArmJqDLQPfgETEhMYfpkqf3s/cGb1uyeCpzgIRPpf4Ki1Oys5cV/BqIn7n5g
|
|
||||||
7sUrhXboYL4+eYt5V4rcc4rLI5J5IP/a1Z+Z6UVH+Mbiyl0iD8aRr/bo9WvKih3C
|
|
||||||
2LBO0Apl0tkXUOMWp7G0UYHVEndwPjZnVoM42f11
|
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue