X509Extensions.swift
//===----------------------------------------------------------------------===//
//
// This source file is part of the Swift open source project
//
// Copyright (c) 2023 Apple Inc. and the Swift project authors
// Licensed under Apache License v2.0 with Runtime Library Exception
//
// See http://swift.org/LICENSE.txt for license information
// See http://swift.org/CONTRIBUTORS.txt for the list of Swift project authors
//
//===----------------------------------------------------------------------===//
import struct Foundation.Data
#if USE_IMPL_ONLY_IMPORTS
#if canImport(Security)
internal import Security
#endif
internal import SwiftASN1
internal import X509
#else
#if canImport(Security)
import Security
#endif
import SwiftASN1
import X509
#endif
import Basics
#if canImport(Security)
extension Certificate {
    /// Creates a `Certificate` from a Security-framework `SecCertificate`.
    ///
    /// The certificate's data is copied out with `SecCertificateCopyData` and
    /// the resulting bytes are passed to `init(_:)`. This is a representation
    /// conversion only: nothing here evaluates trust, validity or revocation.
    ///
    /// - Parameter secCertificate: The certificate whose bytes are parsed.
    /// - Throws: Whatever `init(_:)` throws for the copied bytes.
    init(secCertificate: SecCertificate) throws {
        let derBytes: [UInt8] = Array(SecCertificateCopyData(secCertificate) as Data)
        try self.init(derBytes)
    }

    /// Creates a `Certificate` from the certificate held by a `SecIdentity`.
    ///
    /// - Parameter secIdentity: The identity to read the certificate from.
    /// - Throws: `StringError` when `SecIdentityCopyCertificate` does not
    ///   report `errSecSuccess` or yields no certificate; otherwise whatever
    ///   `init(secCertificate:)` throws.
    init(secIdentity: SecIdentity) throws {
        var copiedCertificate: SecCertificate?
        let copyStatus = SecIdentityCopyCertificate(secIdentity, &copiedCertificate)

        // Both conditions are required: a success status with no certificate
        // is reported with the same error as a failing status.
        guard let certificate = copiedCertificate, copyStatus == errSecSuccess else {
            throw StringError("failed to get certificate from SecIdentity: status \(copyStatus)")
        }
        try self.init(secCertificate: certificate)
    }
}
#endif
extension Certificate {
    /// Reports whether the certificate carries an extension with the given OID.
    ///
    /// Only presence is checked; the extension's value and criticality are
    /// not inspected here.
    ///
    /// - Parameter oid: Object identifier of the extension to look for.
    /// - Returns: `true` when `extensions[oid:]` yields a value for `oid`.
    func hasExtension(oid: ASN1ObjectIdentifier) -> Bool {
        let match = extensions[oid: oid]
        return match != nil
    }
}
extension DistinguishedName {
    /// Text of the first common-name attribute, or `nil` if there is none.
    var commonName: String? {
        let oid = ASN1ObjectIdentifier.NameAttributes.commonName
        return stringAttribute(oid: oid)
    }

    /// Text of the first organizational-unit attribute, or `nil` if there is none.
    var organizationalUnitName: String? {
        let oid = ASN1ObjectIdentifier.NameAttributes.organizationalUnitName
        return stringAttribute(oid: oid)
    }

    /// Text of the first organization attribute, or `nil` if there is none.
    var organizationName: String? {
        let oid = ASN1ObjectIdentifier.NameAttributes.organizationName
        return stringAttribute(oid: oid)
    }

    /// Returns the `description` of the value of the first attribute whose
    /// type equals `oid`, visiting relative distinguished names in iteration
    /// order.
    ///
    /// Only the first match is returned, so a name that carries several
    /// attributes with the same OID exposes just one of them through this
    /// helper.
    ///
    /// - Parameter oid: Attribute type to search for.
    /// - Returns: The matching value's `description`, or `nil` when no
    ///   attribute has that type.
    private func stringAttribute(oid: ASN1ObjectIdentifier) -> String? {
        for rdn in self {
            if let match = rdn.first(where: { $0.type == oid }) {
                // NOTE(review): `description` is a textual rendering of the
                // value; confirm it is the right form before comparing it in
                // an identity or authorization decision.
                return match.value.description
            }
        }
        return nil
    }
}
// MARK: - Certificate cache
extension Certificate {
    /// Static store of parsed certificates, keyed by the exact input bytes.
    ///
    /// Nothing in this extension removes entries, so the store grows with
    /// every distinct byte sequence that parses successfully.
    /// NOTE(review): thread-safety is presumed from the store's type name.
    private static let cache = ThreadSafeKeyValueStore<[UInt8], Certificate>()

    /// Creates a `Certificate` from `bytes`, reusing a previously parsed
    /// value when the same bytes were seen before.
    ///
    /// The lookup and the store are separate steps, so concurrent callers
    /// with the same bytes may each parse and each store the result. Bytes
    /// that fail to parse are not cached. Parsing does not establish trust.
    ///
    /// - Parameter bytes: Input handed to `Certificate(derEncoded:)` on a miss.
    /// - Throws: Whatever `Certificate(derEncoded:)` throws on a cache miss.
    init(_ bytes: [UInt8]) throws {
        if let hit = Self.cache[bytes] {
            self = hit
            return
        }

        // Cache miss: parse first, and only record the result on success.
        let parsed = try Certificate(derEncoded: bytes)
        Self.cache[bytes] = parsed
        self = parsed
    }
}