Add NIOSSLCertificate debug description for useful debugging (#246)

* Add debug description

* Fix test

* Linux tests

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Address review comments

* Move IP address to it's own extension

* Add preconditions

* PR comments

* Fix Swift 5.0

* Pr comments

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

* Update Sources/NIOSSL/SSLCertificate.swift

Co-authored-by: Cory Benfield <[email protected]>

Co-authored-by: Cory Benfield <[email protected]>

Author: Davidde94

Sources/NIOSSL/SSLCertificate.swift

@@ -434,3 +434,66 @@ internal class SubjectAltNameSequence: Sequence, IteratorProtocol {
         CNIOBoringSSL_GENERAL_NAMES_free(self.nameStack)
     }
 }
+
+extension NIOSSLCertificate: CustomStringConvertible {
+    
+    public var description: String {
+        var desc = "<NIOSSLCertificate"
+        if let commonNameBytes = self.commonName() {
+            let commonName = String(decoding: commonNameBytes, as: UTF8.self)
+            desc += ";common_name=" + commonName
+        }
+        if let alternativeName = self.subjectAlternativeNames() {
+            let altNames = alternativeName.map { name in
+                switch name {
+                case .dnsName(let bytes):
+                    return String(decoding: bytes, as: UTF8.self)
+                case .ipAddress(let address):
+                    return String(describing: address)
+                }
+            }.joined(separator: ",")
+            desc += ";alternative_names=\(altNames)"
+        }
+        return desc + ">"
+    }
+    
+}
+
+extension NIOSSLCertificate.IPAddress: CustomStringConvertible {
+    
+    private static let ipv4AddressLength = 16
+    private static let ipv6AddressLength = 46
+    
+    /// A string representation of the IP address.
+    /// E.g. IPv4: `192.168.0.1`
+    /// E.g. IPv6: `2001:db8::1`
+    public var description: String {
+        switch self {
+        case .ipv4(let addr):
+            return self.ipv4ToString(addr)
+        case .ipv6(let addr):
+            return self.ipv6ToString(addr)
+        }
+    }
+    
+    private func ipv4ToString(_ address: in_addr) -> String {
+        var address = address
+        var dest: [CChar] = Array(repeating: 0, count: NIOSSLCertificate.IPAddress.ipv4AddressLength)
+        dest.withUnsafeMutableBufferPointer { pointer in
+            let result = inet_ntop(AF_INET, &address, pointer.baseAddress!, socklen_t(pointer.count))
+            precondition(result != nil, "The IP address was invalid. This should never happen as we're within the IP address struct.")
+        }
+        return String(cString: &dest)
+    }
+    
+    private func ipv6ToString(_ address: in6_addr) -> String {
+        var address = address
+        var dest: [CChar] = Array(repeating: 0, count: NIOSSLCertificate.IPAddress.ipv6AddressLength)
+        dest.withUnsafeMutableBufferPointer { pointer in
+            let result = inet_ntop(AF_INET6, &address, pointer.baseAddress!, socklen_t(pointer.count))
+            precondition(result != nil, "The IP address was invalid. This should never happen as we're within the IP address struct.")
+        }
+        return String(cString: &dest)
+    }
+    
+}

Tests/NIOSSLTests/SSLCertificateTest+XCTest.swift

@@ -54,6 +54,8 @@ extension SSLCertificateTest {
                 ("testExtractingPublicKey", testExtractingPublicKey),
                 ("testDumpingPEMCert", testDumpingPEMCert),
                 ("testDumpingDERCert", testDumpingDERCert),
+                ("testPrintingDebugDetailsNoAlternativeNames", testPrintingDebugDetailsNoAlternativeNames),
+                ("testPrintingDebugDetailsWithAlternativeNames", testPrintingDebugDetailsWithAlternativeNames),
            ]
    }
 }

Tests/NIOSSLTests/SSLCertificateTest.swift

@@ -380,4 +380,20 @@ class SSLCertificateTest: XCTestCase {
 
         XCTAssertEqual(certBytes, expectedCertBytes)
     }
+    
+    func testPrintingDebugDetailsNoAlternativeNames() throws {
+        let expectedDebugDescription = "<NIOSSLCertificate;common_name=robots.sanfransokyo.edu>"
+        let cert = try assertNoThrowWithValue(NIOSSLCertificate(bytes: .init(samplePemCert.utf8), format: .pem))
+        let debugString = String(describing: cert)
+
+        XCTAssertEqual(debugString, expectedDebugDescription)
+    }
+    
+    func testPrintingDebugDetailsWithAlternativeNames() throws {
+        let expectedDebugDescription = "<NIOSSLCertificate;common_name=localhost;alternative_names=localhost,example.com,192.168.0.1,2001:db8::1>"
+        let cert = try assertNoThrowWithValue(NIOSSLCertificate(bytes: .init(multiSanCert.utf8), format: .pem))
+        let debugString = String(describing: cert)
+
+        XCTAssertEqual(debugString, expectedDebugDescription)
+    }
 }