diff --git a/openssl-sys/src/libressl/mod.rs b/openssl-sys/src/libressl/mod.rs index 0080fc7d53809af5f9604e73bc7c8cc011a16d61..aa258a02e1f1a97cd64c334afa14c9a41d47f694 100644 --- a/openssl-sys/src/libressl/mod.rs +++ b/openssl-sys/src/libressl/mod.rs @@ -589,6 +589,7 @@ extern "C" { loc: c_int, set: c_int, ) -> c_int; + pub fn X509_NAME_entry_count(n: *mut ::X509_NAME) -> c_int; pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; diff --git a/openssl-sys/src/openssl/v10x.rs b/openssl-sys/src/openssl/v10x.rs index c22bb7fcbd6289dceb9a0fb059daf19a280a5bff..0b28820d22cf06a88020dfc10e550824f8c55d0b 100644 --- a/openssl-sys/src/openssl/v10x.rs +++ b/openssl-sys/src/openssl/v10x.rs @@ -959,6 +959,7 @@ extern "C" { ppval: *mut *mut c_void, alg: *mut ::X509_ALGOR, ); + pub fn X509_NAME_entry_count(n: *mut ::X509_NAME) -> c_int; pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; diff --git a/openssl-sys/src/openssl/v110.rs b/openssl-sys/src/openssl/v110.rs index 47d2bee41d92d48c0f33ffdf4145aade528d3db0..73fb92784b0806bb584424d0b60287bc28662bd4 100644 --- a/openssl-sys/src/openssl/v110.rs +++ b/openssl-sys/src/openssl/v110.rs @@ -198,6 +198,7 @@ extern "C" { ppval: *mut *const c_void, alg: *const ::X509_ALGOR, ); + pub fn X509_NAME_entry_count(n: *const ::X509_NAME) -> c_int; pub fn X509_NAME_get_entry(n: *const ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *const ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509V3_EXT_nconf_nid( diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 5c1bb23f35c24dd2860f476a1fd7b2b2c374a1ce..b051985684c6cde1f713fe41a051638c54bbc40a 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -820,16 +820,25 @@ impl X509NameRef { pub fn entries_by_nid<'a>(&'a self, nid: Nid) -> X509NameEntries<'a> { X509NameEntries { name: self, - nid: nid, + nid: Some(nid), loc: -1, } } + + /// Returns an iterator over all `X509NameEntry` values + pub fn all_entries<'a>(&'a self) -> X509NameEntries<'a> { + X509NameEntries { + name: self, + nid: None, + loc: -1 + } + } } /// A type to destructure and examine an `X509Name`. pub struct X509NameEntries<'a> { name: &'a X509NameRef, - nid: Nid, + nid: Option, loc: c_int, } @@ -838,10 +847,21 @@ impl<'a> Iterator for X509NameEntries<'a> { fn next(&mut self) -> Option<&'a X509NameEntryRef> { unsafe { - self.loc = - ffi::X509_NAME_get_index_by_NID(self.name.as_ptr(), self.nid.as_raw(), self.loc); + let entry_count = ffi::X509_NAME_entry_count(self.name.as_ptr()); + + match self.nid { + Some(nid) => { + // There is a `Nid` specified to search for + self.loc = + ffi::X509_NAME_get_index_by_NID(self.name.as_ptr(), nid.as_raw(), self.loc); + } + None => { + // Iterate over all `Nid`s + self.loc += 1; + } + } - if self.loc == -1 { + if self.loc == -1 || self.loc >= entry_count { return None; } diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs index 42859c9767eef27b6b8177a76bace2c59709727d..3e2ead9de609b5dde12d5e30da0399474df850af 100644 --- a/openssl/src/x509/tests.rs +++ b/openssl/src/x509/tests.rs @@ -79,6 +79,27 @@ fn test_nid_values() { assert_eq!(&**friendly.data().as_utf8().unwrap(), "Example"); } +#[test] +fn test_nameref_iterator() { + let cert = include_bytes!("../../test/nid_test_cert.pem"); + let cert = X509::from_pem(cert).unwrap(); + let subject = cert.subject_name(); + let mut all_entries = subject.all_entries(); + + let email = all_entries.next().unwrap(); + assert_eq!(email.data().as_slice(), b"test@example.com"); + + let cn = all_entries.next().unwrap(); + assert_eq!(cn.data().as_slice(), b"example.com"); + + let friendly = all_entries.next().unwrap(); + assert_eq!(&**friendly.data().as_utf8().unwrap(), "Example"); + + if let Some(_) = all_entries.next() { + assert!(false); + } +} + #[test] fn test_nid_uid_value() { let cert = include_bytes!("../../test/nid_uid_test_cert.pem");