Add DN-based constructors to WolfSSLX509Name#366
Open
cconlon wants to merge 1 commit intowolfSSL:masterfrom
Open
Add DN-based constructors to WolfSSLX509Name#366cconlon wants to merge 1 commit intowolfSSL:masterfrom
cconlon wants to merge 1 commit intowolfSSL:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds DN-based WolfSSLX509Name constructors so callers can build names from RFC 2253/OpenSSL oneline strings, LdapName, or X500Principal, and adds JUnit coverage for the new parsing paths.
Changes:
- Added three new
WolfSSLX509Nameconstructors plus helper methods for DN parsing, attribute normalization, and mirror-field updates. - Added a comprehensive new
WolfSSLX509NameTestclass covering valid and invalid RFC 2253/oneline/LDAP/X500Principal inputs. - Registered the new test class in the main JUnit test suite.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| src/java/com/wolfssl/WolfSSLX509Name.java | Implements the new DN-based constructors and parsing/normalization helpers. |
| src/test/com/wolfssl/test/WolfSSLX509NameTest.java | Adds regression tests for the new constructors and error cases. |
| src/test/com/wolfssl/test/WolfSSLTestSuite.java | Includes the new test class in the suite. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
cconlon
force-pushed
the
x509name-dn-constructors
branch
2 times, most recently
from
06a6e96 to
3e340d9
Compare
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #366
Scan targets checked: wolfssljni-bugs, wolfssljni-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
cconlon
force-pushed
the
x509name-dn-constructors
branch
from
3e340d9 to
2b7692b
Compare
cconlon
force-pushed
the
x509name-dn-constructors
branch
from
2b7692b to
e013b63
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds two new constructors to
WolfSSLX509Name:WolfSSLX509Name(String)andWolfSSLX509Name(X500Principal)constructors so callers can populate a name from a parsed DN instead of calling eachsetXxx()individually.CN=foo,O=bar,C=US) vs OpenSSL oneline (/C=US/O=bar/CN=foo).javax.naming.*dependency) so the file compiles on Android. Callers who already have ajavax.naming.ldap.LdapNamecan passmyLdapName.toString()since LdapName's string form is RFC 2253.title,domainComponent, andserialNumbermirror fields with matchingsetX/getXmethods so the canonicalization table and mirror set stay in sync. Tests for these are gated behindAssume.assumeTruesince wolfSSL only added these three to its OBJ table in v5.8.2.WolfSSLException, since nativewolfSSL_X509_NAME_add_entry()currently ignores thesetflag.Includes new JUnit tests for regression prevention.