From 6e07e9c8e7e23f35249a4cd7eb4e0d6d235532b7 Mon Sep 17 00:00:00 2001
From: Leo Shen <i@szclsya.me>
Date: Mon, 6 Nov 2023 02:05:52 -0500
Subject: [PATCH 1/3] Support exporting pem from `Certificate`

---
 src/imp/openssl.rs | 5 +++++
 src/lib.rs         | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/src/imp/openssl.rs b/src/imp/openssl.rs
index 8fc43620..41ba103e 100644
--- a/src/imp/openssl.rs
+++ b/src/imp/openssl.rs
@@ -201,6 +201,11 @@ impl Certificate {
         let der = self.0.to_der()?;
         Ok(der)
     }
+
+    pub fn to_pem(&self) -> Result<Vec<u8>, Error> {
+        let pem = self.0.to_pem()?;
+        Ok(pem)
+    }
 }
 
 pub struct MidHandshakeTlsStream<S>(MidHandshakeSslStream<S>);
diff --git a/src/lib.rs b/src/lib.rs
index 267679dc..9a05754b 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -210,6 +210,12 @@ impl Certificate {
         let der = self.0.to_der()?;
         Ok(der)
     }
+
+    /// Returns the PEM-encoded representation of this certificate
+    pub fn to_pem(&self) -> Result<Vec<u8>> {
+        let pem = self.0.to_pem()?;
+        Ok(pem)
+    }
 }
 
 /// A TLS stream which has been interrupted midway through the handshake process.

From f8254ff43d4a5868576632be34537ba03e50eb1f Mon Sep 17 00:00:00 2001
From: Leo Shen <i@szclsya.me>
Date: Mon, 6 Nov 2023 22:00:27 -0500
Subject: [PATCH 2/3] Implement PEM exporting for schannel

---
 src/imp/schannel.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/imp/schannel.rs b/src/imp/schannel.rs
index 62e5042f..462ee64c 100644
--- a/src/imp/schannel.rs
+++ b/src/imp/schannel.rs
@@ -175,6 +175,10 @@ impl Certificate {
     pub fn to_der(&self) -> Result<Vec<u8>, Error> {
         Ok(self.0.to_der().to_vec())
     }
+
+    pub fn to_pem(&self) -> Result<Vec<u8>, Error> {
+        Ok(self.0.to_pem().into_bytes())
+    }
 }
 
 pub struct MidHandshakeTlsStream<S>(tls_stream::MidHandshakeTlsStream<S>);

From 1bc57b64e1f002111d8fc53c8f0ffb5d502b22aa Mon Sep 17 00:00:00 2001
From: Leo Shen <i@szclsya.me>
Date: Mon, 6 Nov 2023 22:00:39 -0500
Subject: [PATCH 3/3] Produce a panic when exporting PEM on macOS/iOS

- as the underlying security-framework crate doesn't implement PEM
  exporting yet
---
 src/imp/security_framework.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/imp/security_framework.rs b/src/imp/security_framework.rs
index 511badfb..36c97f3d 100644
--- a/src/imp/security_framework.rs
+++ b/src/imp/security_framework.rs
@@ -225,6 +225,10 @@ impl Certificate {
     pub fn to_der(&self) -> Result<Vec<u8>, Error> {
         Ok(self.0.to_der())
     }
+
+    pub fn to_pem(&self) -> Result<Vec<u8>, Error> {
+        panic!("Not implemented on macOS/iOS");
+    }
 }
 
 pub enum HandshakeError<S> {