Add NIOSSLCertificate serial number var, and add to description (#247)

* Add serial number * Make a lazy var * PR comments * PR comments
apple · Oct 14, 2020 · 9852198 · 9852198
1 parent 7c403e7
commit 9852198
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/Sources/NIOSSL/SSLCertificate.swift b/Sources/NIOSSL/SSLCertificate.swift
@@ -46,6 +46,11 @@ public class NIOSSLCertificate {
         case ipv4(in_addr)
         case ipv6(in6_addr)
     }
+
+    public var serialNumber: [UInt8] {
+        let serialNumber = CNIOBoringSSL_X509_get_serialNumber(self.ref)!
+        return Array(UnsafeBufferPointer(start: serialNumber.pointee.data, count: Int(serialNumber.pointee.length)))
+    }
 
     private init(withOwnedReference ref: UnsafeMutablePointer<X509>) {
         self._ref = UnsafeMutableRawPointer(ref) // erasing the type for @_implementationOnly import CNIOBoringSSL
@@ -438,7 +443,8 @@ internal class SubjectAltNameSequence: Sequence, IteratorProtocol {
 extension NIOSSLCertificate: CustomStringConvertible {
 
     public var description: String {
-        var desc = "<NIOSSLCertificate"
+        let serialNumber = self.serialNumber.map { String($0, radix: 16) }.reduce("", +)
+        var desc = "<NIOSSLCertificate;serial_number=\(serialNumber)"
         if let commonNameBytes = self.commonName() {
             let commonName = String(decoding: commonNameBytes, as: UTF8.self)
             desc += ";common_name=" + commonName

diff --git a/Tests/NIOSSLTests/SSLCertificateTest.swift b/Tests/NIOSSLTests/SSLCertificateTest.swift
@@ -382,15 +382,15 @@ class SSLCertificateTest: XCTestCase {
     }
 
     func testPrintingDebugDetailsNoAlternativeNames() throws {
-        let expectedDebugDescription = "<NIOSSLCertificate;common_name=robots.sanfransokyo.edu>"
+        let expectedDebugDescription = "<NIOSSLCertificate;serial_number=9fd7d05a34ca7984;common_name=robots.sanfransokyo.edu>"
         let cert = try assertNoThrowWithValue(NIOSSLCertificate(bytes: .init(samplePemCert.utf8), format: .pem))
         let debugString = String(describing: cert)
 
         XCTAssertEqual(debugString, expectedDebugDescription)
     }
 
     func testPrintingDebugDetailsWithAlternativeNames() throws {
-        let expectedDebugDescription = "<NIOSSLCertificate;common_name=localhost;alternative_names=localhost,example.com,192.168.0.1,2001:db8::1>"
+        let expectedDebugDescription = "<NIOSSLCertificate;serial_number=46231a526848d57af4999e29f89988d178d94da2;common_name=localhost;alternative_names=localhost,example.com,192.168.0.1,2001:db8::1>"
         let cert = try assertNoThrowWithValue(NIOSSLCertificate(bytes: .init(multiSanCert.utf8), format: .pem))
         let debugString = String(describing: cert)