Add Connection.get_certificate method (#733)

This makes it possible to retrieve the local certificate (if any) for a Connection. An example where this is useful is when negotiating a DTLS-SRTP connection, the fingerprint of the local certificate needs to be communicated to the remote party out-of-band via SDP.
author: Jeremy Lainé <jeremy.laine@m4x.org> 2018-05-16 19:44:19 +0200
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2018-05-16 13:44:19 -0400
commit: 460a19d45425218c34dcb7d6fde478f80a987fea (patch)
tree: 27a774b3666b094b1677aee76539342a6ca1f5e2 /src/OpenSSL/SSL.py
parent: e7f334583541e1de98614e76a65b7d04e7be4979 (diff)
download: pyopenssl-460a19d45425218c34dcb7d6fde478f80a987fea.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 4c708ba..e3eddae 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -2176,6 +2176,18 @@ class Connection(object):
         """
         return self._socket.shutdown(*args, **kwargs)
 
+    def get_certificate(self):
+        """
+        Retrieve the local certificate (if any)
+
+        :return: The local certificate
+        """
+        cert = _lib.SSL_get_certificate(self._ssl)
+        if cert != _ffi.NULL:
+            _lib.X509_up_ref(cert)
+            return X509._from_raw_x509_ptr(cert)
+        return None
+
     def get_peer_certificate(self):
         """
         Retrieve the other side's certificate (if any)
author	Jeremy Lainé <jeremy.laine@m4x.org>	2018-05-16 19:44:19 +0200
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2018-05-16 13:44:19 -0400
commit	460a19d45425218c34dcb7d6fde478f80a987fea (patch)
tree	27a774b3666b094b1677aee76539342a6ca1f5e2 /src/OpenSSL/SSL.py
parent	e7f334583541e1de98614e76a65b7d04e7be4979 (diff)
download	pyopenssl-460a19d45425218c34dcb7d6fde478f80a987fea.tar.gz