diff --git a/openssl-sys/src/handwritten/x509.rs b/openssl-sys/src/handwritten/x509.rs index 15f527e651..7642dcd3b9 100644 --- a/openssl-sys/src/handwritten/x509.rs +++ b/openssl-sys/src/handwritten/x509.rs @@ -311,6 +311,7 @@ extern "C" { pub fn X509_get_version(x: *const X509) -> c_long; pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int; pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER; + pub fn X509_alias_get0(x: *mut X509, len: *mut c_int) -> *mut c_uchar; } const_ptr_api! { extern "C" { diff --git a/openssl/src/pkcs12.rs b/openssl/src/pkcs12.rs index d74705eaa8..5f171da9b8 100644 --- a/openssl/src/pkcs12.rs +++ b/openssl/src/pkcs12.rs @@ -304,9 +304,20 @@ mod test { let parsed = pkcs12.parse2("mypass").unwrap(); assert_eq!( - hex::encode(parsed.cert.unwrap().digest(MessageDigest::sha1()).unwrap()), + hex::encode( + parsed + .cert + .as_ref() + .unwrap() + .digest(MessageDigest::sha1()) + .unwrap() + ), "59172d9313e84459bcff27f967e79e6e9217e584" ); + assert_eq!( + parsed.cert.as_ref().unwrap().alias(), + Some(b"foobar.com" as &[u8]) + ); let chain = parsed.ca.unwrap(); assert_eq!(chain.len(), 1); diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 52ad4af8c7..0d1a500f06 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -649,6 +649,22 @@ impl X509Ref { } } + /// Returns this certificate's "alias". This field is populated by + /// OpenSSL in some situations -- specifically OpenSSL will store a + /// PKCS#12 `friendlyName` in this field. + #[corresponds(X509_alias_get0)] + pub fn alias(&self) -> Option<&[u8]> { + unsafe { + let mut len = 0; + let ptr = ffi::X509_alias_get0(self.as_ptr(), &mut len); + if ptr.is_null() { + None + } else { + Some(slice::from_raw_parts(ptr, len as usize)) + } + } + } + to_pem! { /// Serializes the certificate into a PEM-encoded X509 structure. ///