diff --git a/cert.go b/cert.go index 8dc82f8..2e53872 100644 --- a/cert.go +++ b/cert.go @@ -106,6 +106,19 @@ func (n *Name) AddTextEntries(entries map[string]string) error { return nil } +// GetEntry returns a name entry based on NID. If no entry, then ("", false) is +// returned. +func (n *Name) GetEntry(nid NID) (entry string, ok bool) { + entrylen := C.X509_NAME_get_text_by_NID(n.name, C.int(nid), nil, 0) + if entrylen == -1 { + return "", false + } + buf := (*C.char)(C.malloc(C.size_t(entrylen + 1))) + defer C.free(unsafe.Pointer(buf)) + C.X509_NAME_get_text_by_NID(n.name, C.int(nid), buf, entrylen+1) + return C.GoStringN(buf, entrylen), true +} + // NewCertificate generates a basic certificate based // on the provided CertificateInfo struct func NewCertificate(info *CertificateInfo, key PublicKey) (*Certificate, error) { diff --git a/cert_test.go b/cert_test.go index 0dfac37..dd44ff7 100644 --- a/cert_test.go +++ b/cert_test.go @@ -99,3 +99,40 @@ func TestCAGenerate(t *testing.T) { t.Fatal(err) } } + +func TestCertGetNameEntry(t *testing.T) { + key, err := GenerateRSAKey(2048) + if err != nil { + t.Fatal(err) + } + info := &CertificateInfo{ + Serial: 1, + Issued: 0, + Expires: 24 * time.Hour, + Country: "US", + Organization: "Test", + CommonName: "localhost", + } + cert, err := NewCertificate(info, key) + if err != nil { + t.Fatal(err) + } + name, err := cert.GetSubjectName() + if err != nil { + t.Fatal(err) + } + entry, ok := name.GetEntry(NID_commonName) + if !ok { + t.Fatal("no common name") + } + if entry != "localhost" { + t.Fatalf("expected localhost; got %q", entry) + } + entry, ok = name.GetEntry(NID_localityName) + if ok { + t.Fatal("did not expect a locality name") + } + if entry != "" { + t.Fatalf("entry should be empty; got %q", entry) + } +}