GNOME Bugzilla – Bug 681116
gtlscertificate: Add g_tls_certificate_equal() function
Last modified: 2012-08-03 17:01:26 UTC
Needed for some glib-networking refactoring, and figured wuoldn't want to rewrite this function all over the place.
Created attachment 220215 [details] [review] gtlscertificate: Add g_tls_certificate_equal() function * Certificate equality in PKIX in general is equality between the DER encoding of the certificates.
Comment on attachment 220215 [details] [review] gtlscertificate: Add g_tls_certificate_equal() function >+ * Check if two #GTlsCertificate objects represent the same certificate. >+ * The raw DER byte data of the two certificates are checked for equality. Might be worth explicitly noting that two certificates can compare equal even if (a) one has #GTlsCertificate::issuer set and the other doesn't, or (b) one includes a private key and the other doesn't. >+ b1 = g_byte_array_free_to_bytes (d1); >+ b2 = g_byte_array_free_to_bytes (d2); This works with GTlsCertificateGnutls because it constructs a new GByteArray each time, but it's not safe in general. And it's heavierweight than you need anyway; just compare d1->len to d2->len and then memcmp d1->data and d2->data.
Comment on attachment 220215 [details] [review] gtlscertificate: Add g_tls_certificate_equal() function > >+gboolean g_tls_certificate_equal (GTlsCertificate *cert_one, prefix with GLIB_AVAILABLE_IN_2_34
Created attachment 220268 [details] [review] gtlscertificate: Add g_tls_certificate_is_same() function Good catch about the free_to_bytes(). Duh. I also renamed the function so it doesn't look like all the other _equal() functions in glib.
Comment on attachment 220268 [details] [review] gtlscertificate: Add g_tls_certificate_is_same() function >+ * Return value: whether thet same or not good other than that
Attachment 220268 [details] pushed as 6ddf40f - gtlscertificate: Add g_tls_certificate_is_same() function