From 89dd50b3cec8d9c9dea33b3b461c9ecaaeaf3b9d Mon Sep 17 00:00:00 2001
From: Steven Fackler
Date: Fri, 29 Dec 2017 10:50:10 -0800
Subject: [PATCH] Add issuer name access. Closes #808
---
 openssl-sys/src/libressl/mod.rs | 1 +
 openssl-sys/src/ossl10x.rs | 1 +
 openssl-sys/src/ossl110.rs | 1 +
 openssl/src/x509/mod.rs | 50 +++++++++++++++++++++++++++++++--
 4 files changed, 50 insertions(+), 3 deletions(-)
diff --git a/openssl-sys/src/libressl/mod.rs b/openssl-sys/src/libressl/mod.rs
index 7eb119c23..ffa37bb09 100644
--- a/openssl-sys/src/libressl/mod.rs
+++ b/openssl-sys/src/libressl/mod.rs
@@ -542,6 +542,7 @@ extern "C" {
 -> *mut ::EC_KEY,
 );
 pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME;
+ pub fn X509_get_issuer_name(x: *mut ::X509) -> *mut ::X509_NAME;
 pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_get_ext_d2i(
diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs
index 8bf5e35b0..8a9a03893 100644
--- a/openssl-sys/src/ossl10x.rs
+++ b/openssl-sys/src/ossl10x.rs
@@ -830,6 +830,7 @@ extern "C" {
 -> *mut ::EC_KEY,
 );
 pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME;
+ pub fn X509_get_issuer_name(x: *mut ::X509) -> *mut ::X509_NAME;
 pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_get_ext_d2i(
diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs
index 8b8624432..f8d944f02 100644
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/ossl110.rs
@@ -107,6 +107,7 @@ extern "C" {
 pub fn DTLS_method() -> *const ::SSL_METHOD;
 pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *const c_char;
 pub fn X509_get_subject_name(x: *const ::X509) -> *mut ::X509_NAME;
+ pub fn X509_get_issuer_name(x: *const ::X509) -> *mut ::X509_NAME;
 pub fn X509_set1_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_set1_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
 pub fn X509_get_ext_d2i(
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index d1297a697..52becf103 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -263,14 +263,37 @@ foreign_type_and_impl_send_sync! {
 }
 impl X509Ref {
+ /// Returns this certificate's subject name.
+ ///
+ /// This corresponds to [`X509_get_subject_name`].
+ ///
+ /// [`X509_get_subject_name`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_get_subject_name.html
 pub fn subject_name(&self) -> &X509NameRef {
 unsafe {
 let name = ffi::X509_get_subject_name(self.as_ptr());
+ assert!(!name.is_null());
 X509NameRef::from_ptr(name)
 }
 }
- /// Returns this certificate's SAN entries, if they exist.
+ /// Returns this certificate's issuer name.
+ ///
+ /// This corresponds to [`X509_get_issuer_name`].
+ ///
+ /// [`X509_get_issuer_name`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_get_subject_name.html
+ pub fn issuer_name(&self) -> &X509NameRef {
+ unsafe {
+ let name = ffi::X509_get_issuer_name(self.as_ptr());
+ assert!(!name.is_null());
+ X509NameRef::from_ptr(name)
+ }
+ }
+
+ /// Returns this certificate's subject alternative name entries, if they exist.
+ ///
+ /// This corresponds to [`X509_get_ext_d2i`] called with `NID_subject_alt_name`.
+ ///
+ /// [`X509_get_ext_d2i`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_get_ext_d2i.html
 pub fn subject_alt_names(&self) -> Option> {
 unsafe {
 let stack = ffi::X509_get_ext_d2i(
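Review bot: The doc comment added for `issuer_name` does not say that the method can panic, although the new `assert!(!name.is_null())` aborts when `X509_get_issuer_name` returns null; the same assert was added to `subject_name` in this hunk. A `# Panics` section on both would cover it, for example `/// Panics if OpenSSL returns a null name.` It would also help callers to state that the issuer name is whatever the certificate itself claims and is not authenticated until the chain has been verified, for example `/// The name is read from the certificate as-is; this call does not verify it.`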
@@ -280,10 +303,31 @@ impl X509Ref {
 ptr::null_mut(),
 );
 if stack.is_null() {
- return None;
+ None
+ } else {
+ Some(Stack::from_ptr(stack as *mut _))
 }
+ }
+ }
- Some(Stack::from_ptr(stack as *mut _))
+ /// Returns this certificate's issuer alternative name entries, if they exist.
+ ///
+ /// This corresponds to [`X509_get_ext_d2i`] called with `NID_issuer_alt_name`.
+ ///
+ /// [`X509_get_ext_d2i`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_get_ext_d2i.html
+ pub fn issuer_alt_names(&self) -> Option> {
+ unsafe {
+ let stack = ffi::X509_get_ext_d2i(
+ self.as_ptr(),
+ ffi::NID_issuer_alt_name,
+ ptr::null_mut(),
+ ptr::null_mut(),
+ );
+ if stack.is_null() {
+ None
+ } else {
+ Some(Stack::from_ptr(stack as *mut _))
+ }
 }
 }
-- GitLab
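Review bot: `issuer_alt_names` returns `None` whenever `X509_get_ext_d2i` returns null, and with both the `crit` and `idx` arguments passed as `ptr::null_mut()` OpenSSL returns null not only when the extension is absent but also when it cannot be decoded or occurs more than once. The doc comment says only "if they exist", so a caller cannot tell a certificate without issuer alternative names from one carrying a malformed or duplicated extension. I would add a line to the doc comment such as `/// Also returns None if the extension is malformed or occurs more than once.` The same holds for `subject_alt_names`, whose signature lies outside this hunk.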