Merge pull request #33 from libp2p/expose-pubkey-from-certchain

expose the function to derive the peer's public key from the cert chain

Merge pull request #33 from libp2p/expose-pubkey-from-certchain
expose the function to derive the peer's public key from the cert chain
46e9e9f9 · Marten Seemann · GitHub · cc53c4f8 · 71f35a4b · 46e9e9f9
Unverified Commit 46e9e9f9 authored Aug 01, 2019 by Marten Seemann Committed by GitHub Aug 01, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 6 deletions

crypto.go crypto.go +4 -6

No files found.
--- a/crypto.go
+++ b/crypto.go
@@ -68,9 +68,7 @@ func (i *Identity) ConfigForAny() (*tls.Config, <-chan ic.PubKey) {
 //
 // It should be used to create a new tls.Config before securing either an
 // incoming or outgoing connection.
-func (i *Identity) ConfigForPeer(
+func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey) {
-	remote peer.ID,
-) (*tls.Config, <-chan ic.PubKey) {
 	keyCh := make(chan ic.PubKey, 1)
 	// We need to check the peer ID in the VerifyPeerCertificate callback.
 	// The tls.Config it is also used for listening, and we might also have concurrent dials.
@@ -90,7 +88,7 @@ func (i *Identity) ConfigForPeer(
 			chain[i] = cert
 		}
-		pubKey, err := getRemotePubKey(chain)
+		pubKey, err := PubKeyFromCertChain(chain)
 		if err != nil {
 			return err
 		}
@@ -103,8 +101,8 @@ func (i *Identity) ConfigForPeer(
 	return conf, keyCh
 }
-// getRemotePubKey derives the remote's public key from the certificate chain.
+// PubKeyFromCertChain verifies the certificate chain and extract the remote's public key.
-func getRemotePubKey(chain []*x509.Certificate) (ic.PubKey, error) {
+func PubKeyFromCertChain(chain []*x509.Certificate) (ic.PubKey, error) {
 	if len(chain) != 1 {
 		return nil, errors.New("expected one certificates in the chain")
 	}