Merge pull request #214 from josephglanville/feature/peer_cert

Add accessor for peer_certificate

2 files changed, 15 insertions, 0 deletions

diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 17228793..98611064 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -822,6 +822,11 @@ impl<S: Read+Write> SslStream<S> {
         &self.stream
     }
 
+    /// Return the certificate of the peer
+    pub fn get_peer_certificate(&self) -> Option<X509> {
+        self.ssl.get_peer_certificate()
+    }
+
     /// Returns a mutable reference to the underlying stream.
     ///
     /// ## Warning
diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs
index c9a2d73a..6759b2bb 100644
--- a/openssl/src/ssl/tests.rs
+++ b/openssl/src/ssl/tests.rs
@@ -315,6 +315,16 @@ fn test_write() {
     stream.flush().unwrap();
 }
 
+run_test!(get_peer_certificate, |method, stream| {
+    //let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let stream = SslStream::new(&SslContext::new(method).unwrap(), stream).unwrap();
+    let cert = stream.get_peer_certificate().unwrap();
+    let fingerprint = cert.fingerprint(SHA256).unwrap();
+    let node_hash_str = "46e3f1a6d17a41ce70d0c66ef51cee2ab4ba67cac8940e23f10c1f944b49    fb5c";
+    let node_id = node_hash_str.from_hex().unwrap();
+    assert_eq!(node_id, fingerprint)
+});
+
 #[test]
 #[cfg(feature = "dtlsv1")]
 fn test_write_dtlsv1() {