make x509.Name iterable and address other review feedback

4 files changed, 39 insertions, 23 deletions

diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 003e37d5..fefd26b3 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -29,6 +29,7 @@ interoperable
 introspectability
 invariants
 iOS
+iterable
 Koblitz
 Lange
 metadata
diff --git a/docs/x509.rst b/docs/x509.rst
index 282744f3..473efc36 100644
--- a/docs/x509.rst
+++ b/docs/x509.rst
@@ -187,21 +187,20 @@ X.509 Certificate Object
 
     .. versionadded:: 0.8
 
-    An X509 Name is an ordered list of attributes. The entire list can be
-    obtained with :attr:`attributes` or you can use the helper properties to
+    An X509 Name is an ordered list of attributes. The object is iterable to
+    get every attribute or you can use the helper properties to
     obtain the specific type you want. Names are sometimes represented as a
-    slash or comma delimited string (e.g. ``/CN=mydomain.com/O=My Org/C=US``).
+    slash or comma delimited string (e.g. ``/CN=mydomain.com/O=My Org/C=US`` or
+    ``CN=mydomain.com, O=My Org, C=US``).
 
-    .. attribute:: attributes
+    .. doctest::
 
-        :type: :class:`list`
-
-        A list of all the :class:`NameAttribute` objects.
-
-        .. doctest::
-
-            >>> len(cert.subject.attributes)
-            3
+        >>> assert len(cert.subject) == 3
+        >>> attributes = []
+        >>> for attribute in cert.subject:
+        ...     attributes.append(attribute)
+        >>> len(attributes)
+        3
 
     .. method:: get_attributes_for_oid(oid)
 
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 7eb9a608..21693ed4 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -111,19 +111,21 @@ class Name(object):
     def get_attributes_for_oid(self, oid):
         return [i for i in self._attributes if i.oid == oid]
 
-    @property
-    def attributes(self):
-        return self._attributes[:]
-
     def __eq__(self, other):
         if not isinstance(other, Name):
             return NotImplemented
 
-        return self.attributes == other.attributes
+        return self._attributes == other._attributes
 
     def __ne__(self, other):
         return not self == other
 
+    def __iter__(self):
+        return iter(self._attributes[:])
+
+    def __len__(self):
+        return len(self._attributes)
+
 
 OID_COMMON_NAME = ObjectIdentifier("2.5.4.3")
 OID_COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
diff --git a/tests/test_x509.py b/tests/test_x509.py
index c5a9e50a..0e95b258 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -10,6 +10,8 @@ import os
 
 import pytest
 
+import six
+
 from cryptography import x509
 from cryptography.hazmat.backends.interfaces import (
     DSABackend, EllipticCurveBackend, RSABackend, X509Backend
@@ -66,7 +68,10 @@ class TestRSACertificate(object):
         )
         issuer = cert.issuer
         assert isinstance(issuer, x509.Name)
-        assert issuer.attributes == [
+        attributes = []
+        for attrs in issuer:
+            attributes.append(attrs)
+        assert attributes == [
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
             x509.NameAttribute(
                 x509.OID_ORGANIZATION_NAME, 'Test Certificates 2011'
@@ -89,7 +94,10 @@ class TestRSACertificate(object):
         issuer = cert.issuer
 
         assert isinstance(issuer, x509.Name)
-        assert issuer.attributes == [
+        attributes = []
+        for attrs in issuer:
+            attributes.append(attrs)
+        assert attributes == [
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'CA'),
             x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
@@ -133,7 +141,10 @@ class TestRSACertificate(object):
         )
         subject = cert.subject
         assert isinstance(subject, x509.Name)
-        assert subject.attributes == [
+        attributes = []
+        for attrs in subject:
+            attributes.append(attrs)
+        assert attributes == [
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
             x509.NameAttribute(
                 x509.OID_ORGANIZATION_NAME, 'Test Certificates 2011'
@@ -162,13 +173,13 @@ class TestRSACertificate(object):
         assert cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME) == [
             x509.NameAttribute(
                 x509.OID_COMMON_NAME,
-                b'We heart UTF8!\xe2\x84\xa2'.decode('utf8')
+                six.u('We heart UTF8!\u2122')
             )
         ]
         assert cert.issuer.get_attributes_for_oid(x509.OID_COMMON_NAME) == [
             x509.NameAttribute(
                 x509.OID_COMMON_NAME,
-                b'We heart UTF8!\xe2\x84\xa2'.decode('utf8')
+                six.u('We heart UTF8!\u2122')
             )
         ]
 
@@ -183,7 +194,10 @@ class TestRSACertificate(object):
         )
         subject = cert.subject
         assert isinstance(subject, x509.Name)
-        assert subject.attributes == [
+        attributes = []
+        for attrs in subject:
+            attributes.append(attrs)
+        assert attributes == [
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'AU'),
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'DE'),
             x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'California'),