Expose alias on X509 structs

openssl-sys/src/handwritten/x509.rs

@@ -311,6 +311,7 @@ extern "C" {
     pub fn X509_get_version(x: *const X509) -> c_long;
     pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int;
     pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER;
+    pub fn X509_alias_get0(x: *mut X509, len: *mut c_int) -> *mut c_uchar;
 }
 const_ptr_api! {
     extern "C" {

openssl/src/pkcs12.rs

@@ -304,9 +304,20 @@ mod test {
         let parsed = pkcs12.parse2("mypass").unwrap();
 
         assert_eq!(
-            hex::encode(parsed.cert.unwrap().digest(MessageDigest::sha1()).unwrap()),
+            hex::encode(
+                parsed
+                    .cert
+                    .as_ref()
+                    .unwrap()
+                    .digest(MessageDigest::sha1())
+                    .unwrap()
+            ),
             "59172d9313e84459bcff27f967e79e6e9217e584"
         );
+        assert_eq!(
+            parsed.cert.as_ref().unwrap().alias(),
+            Some(b"foobar.com" as &[u8])
+        );
 
         let chain = parsed.ca.unwrap();
         assert_eq!(chain.len(), 1);

openssl/src/x509/mod.rs

@@ -649,6 +649,22 @@ impl X509Ref {
         }
     }
 
+    /// Returns this certificate's "alias". This field is populated by
+    /// OpenSSL in some situations -- specifically OpenSSL will store a
+    /// PKCS#12 `friendlyName` in this field.
+    #[corresponds(X509_alias_get0)]
+    pub fn alias(&self) -> Option<&[u8]> {
+        unsafe {
+            let mut len = 0;
+            let ptr = ffi::X509_alias_get0(self.as_ptr(), &mut len);
+            if ptr.is_null() {
+                None
+            } else {
+                Some(slice::from_raw_parts(ptr, len as usize))
+            }
+        }
+    }
+
     to_pem! {
         /// Serializes the certificate into a PEM-encoded X509 structure.
         ///