get x509 name entry

Change-Id: I75b097b206888cfe066d5470b9cdaec9da950244

cert.go

@@ -106,6 +106,19 @@ func (n *Name) AddTextEntries(entries map[string]string) error {
 	return nil
 }
 
+// GetEntry returns a name entry based on NID.  If no entry, then ("", false) is
+// returned.
+func (n *Name) GetEntry(nid NID) (entry string, ok bool) {
+	entrylen := C.X509_NAME_get_text_by_NID(n.name, C.int(nid), nil, 0)
+	if entrylen == -1 {
+		return "", false
+	}
+	buf := (*C.char)(C.malloc(C.size_t(entrylen + 1)))
+	defer C.free(unsafe.Pointer(buf))
+	C.X509_NAME_get_text_by_NID(n.name, C.int(nid), buf, entrylen+1)
+	return C.GoStringN(buf, entrylen), true
+}
+
 // NewCertificate generates a basic certificate based
 // on the provided CertificateInfo struct
 func NewCertificate(info *CertificateInfo, key PublicKey) (*Certificate, error) {

cert_test.go

@@ -99,3 +99,40 @@ func TestCAGenerate(t *testing.T) {
 		t.Fatal(err)
 	}
 }
+
+func TestCertGetNameEntry(t *testing.T) {
+	key, err := GenerateRSAKey(2048)
+	if err != nil {
+		t.Fatal(err)
+	}
+	info := &CertificateInfo{
+		Serial:       1,
+		Issued:       0,
+		Expires:      24 * time.Hour,
+		Country:      "US",
+		Organization: "Test",
+		CommonName:   "localhost",
+	}
+	cert, err := NewCertificate(info, key)
+	if err != nil {
+		t.Fatal(err)
+	}
+	name, err := cert.GetSubjectName()
+	if err != nil {
+		t.Fatal(err)
+	}
+	entry, ok := name.GetEntry(NID_commonName)
+	if !ok {
+		t.Fatal("no common name")
+	}
+	if entry != "localhost" {
+		t.Fatalf("expected localhost; got %q", entry)
+	}
+	entry, ok = name.GetEntry(NID_localityName)
+	if ok {
+		t.Fatal("did not expect a locality name")
+	}
+	if entry != "" {
+		t.Fatalf("entry should be empty; got %q", entry)
+	}
+}