File: SubjectAlternativeName.swift

//===----------------------------------------------------------------------===//
//
// This source file is part of the SwiftCertificates open source project
//
// Copyright (c) 2022 Apple Inc. and the SwiftCertificates project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of SwiftCertificates project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

import SwiftASN1

/// The Subject Alternative Name (SAN) extension: a list of identities bound to the
/// subject of a certificate.
///
/// Every name stored here is asserted to belong to the certificate's subject. This type
/// only carries the names; it does not compare them against a host name, e-mail address
/// or any other identity the caller expects. That comparison is the caller's job and
/// depends on the context in which the certificate is used.
///
/// RFC 5280 section 4.2.1.6 requires a SAN extension that is present to contain at least one
/// entry. Nothing in this type enforces that, so an empty value can be built with ``init()``.
public struct SubjectAlternativeNames {
    /// Backing storage, in the order the names were supplied or decoded.
    @usableFromInline
    var names: [GeneralName]

    /// Build a Subject Alternative Name extension from any sequence of ``GeneralName``s.
    ///
    /// The sequence is copied into an array as given: no de-duplication and no
    /// validation of the individual names is performed.
    ///
    /// - Parameter names: The names to bind to the subject of the certificate.
    @inlinable
    public init<Names: Sequence>(_ names: Names) where Names.Element == GeneralName {
        self.names = [GeneralName](names)
    }

    /// Build a Subject Alternative Name extension that attests to no names.
    @inlinable
    public init() {
        self.names = [GeneralName]()
    }

    /// Create a new ``SubjectAlternativeNames`` object by unwrapping a
    /// ``Certificate/Extension``.
    ///
    /// Only the extension's OID and DER value are read; its critical bit is not consulted.
    /// This initializer does not itself check that the decoded list is non-empty.
    /// NOTE(review): whether `GeneralNames(derEncoded:)` rejects an empty sequence is not
    /// visible from this file - confirm if callers rely on at least one name being present.
    ///
    /// - Parameter ext: The ``Certificate/Extension`` to unwrap
    /// - Throws: `CertificateError.incorrectOIDForExtension` if the
    ///     ``Certificate/Extension/oid`` is not equal to
    ///     `ASN1ObjectIdentifier.X509ExtensionID.subjectAlternativeName`, or whatever
    ///     error decoding the extension value as `GeneralNames` produces.
    @inlinable
    public init(_ ext: Certificate.Extension) throws {
        // Refuse to interpret the payload of any other extension as a SAN.
        if ext.oid != ASN1ObjectIdentifier.X509ExtensionID.subjectAlternativeName {
            throw CertificateError.incorrectOIDForExtension(
                reason: "Expected \(ASN1ObjectIdentifier.X509ExtensionID.subjectAlternativeName), got \(ext.oid)"
            )
        }

        self.names = try GeneralNames(derEncoded: ext.value).names
    }
}

// Equality and hashing are synthesized from the single stored property `names`,
// which is an ordered array: two values holding the same names in a different
// order therefore compare as unequal.
extension SubjectAlternativeNames: Hashable {}

// Value type whose only stored property is `[GeneralName]`; the conformance
// needs no body.
extension SubjectAlternativeNames: Sendable {}

extension SubjectAlternativeNames: CustomStringConvertible {
    /// The debug representation of every name, in order, joined with `", "`.
    ///
    /// Names decoded from a certificate are whatever that certificate contains, so this
    /// string should be handled as untrusted text when it is logged or displayed.
    public var description: String {
        var rendered: [String] = []
        rendered.reserveCapacity(self.count)
        for name in self {
            rendered.append(String(reflecting: name))
        }
        return rendered.joined(separator: ", ")
    }
}

extension SubjectAlternativeNames: CustomDebugStringConvertible {
    /// The value of `String(describing: self)` wrapped in `SubjectAlternativeNames(...)`.
    public var debugDescription: String {
        let listing = String(describing: self)
        return "SubjectAlternativeNames(\(listing))"
    }
}

// Collection conformances: every requirement forwards to the backing `names` array,
// so indices are plain `Int` offsets into that array.
extension SubjectAlternativeNames: RandomAccessCollection, MutableCollection, RangeReplaceableCollection {
    /// Index of the first name; forwarded from the backing array.
    @inlinable
    public var startIndex: Int {
        return names.startIndex
    }

    /// Index one past the last name; forwarded from the backing array.
    @inlinable
    public var endIndex: Int {
        return names.endIndex
    }

    /// Reads or replaces the name at `position`.
    ///
    /// The access goes straight to the backing array, so an out-of-range `position`
    /// traps just as it would on `Array`. The setter stores the new name as given.
    @inlinable
    public subscript(position: Int) -> GeneralName {
        get {
            return names[position]
        }
        set {
            names[position] = newValue
        }
    }

    /// Replaces the names in `subrange` with `newElements` by forwarding to the backing
    /// array. The new names are stored as given, with no validation or de-duplication.
    ///
    /// - Parameters:
    ///   - subrange: The range of indices to replace.
    ///   - newElements: The names to insert in place of `subrange`.
    @inlinable
    public mutating func replaceSubrange<NewElements>(_ subrange: Range<Int>, with newElements: NewElements)
    where NewElements: Collection, GeneralName == NewElements.Element {
        names.replaceSubrange(subrange, with: newElements)
    }
}

extension Certificate.Extension {
    /// Construct an opaque ``Certificate/Extension`` from this Subject Alternative Name extension.
    ///
    /// The names are wrapped in `GeneralNames`, DER-serialized, and stored as the extension
    /// value under the `subjectAlternativeName` OID. The list is encoded as given: this
    /// initializer does not check that it is non-empty or that `critical` suits the
    /// certificate it will be placed in. RFC 5280 section 4.2.1.6 requires at least one entry
    /// in a SAN extension, and requires the extension to be marked critical when the
    /// certificate's subject field is empty.
    ///
    /// - Parameters:
    ///   - san: The extension to wrap
    ///   - critical: Whether this extension should have the critical bit set.
    /// - Throws: Any error raised while DER-serializing the names.
    @inlinable
    public init(_ san: SubjectAlternativeNames, critical: Bool) throws {
        var der = DER.Serializer()
        try der.serialize(GeneralNames(san.names))
        // `[...]` takes a slice over the entire serialized buffer.
        let encodedValue = der.serializedBytes[...]
        self.init(
            oid: ASN1ObjectIdentifier.X509ExtensionID.subjectAlternativeName,
            critical: critical,
            value: encodedValue
        )
    }
}

extension SubjectAlternativeNames: CertificateExtensionConvertible {
    /// Wraps these names in a ``Certificate/Extension`` with the critical bit cleared.
    ///
    /// The result is always non-critical. RFC 5280 section 4.2.1.6 requires the SAN extension
    /// to be critical when the certificate's subject field is empty; for such a
    /// certificate, build the extension with `Certificate.Extension(_:critical:)` and
    /// pass `critical: true` instead of relying on this conversion.
    ///
    /// - Throws: Any error raised while DER-serializing the names.
    public func makeCertificateExtension() throws -> Certificate.Extension {
        try Certificate.Extension(self, critical: false)
    }
}