int gnutls_x509_crt_init(gnutls_x509_crt_t * cert);
void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert);
+
+unsigned gnutls_x509_crt_equals(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2);
+unsigned gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1, gnutls_datum_t * der);
+
int gnutls_x509_crt_import(gnutls_x509_crt_t cert,
const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format);
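Review bot: `gnutls_x509_crt_equals2` is declared with a non-const `gnutls_datum_t * der`, although the definition added in the x509.c hunk only reads `der->size` and `der->data`. Since this commit makes it exported API, I would declare it as `unsigned gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1, const gnutls_datum_t * der);` here and in the definition, matching `gnutls_x509_crt_import` just below. Callers holding a const datum would then need no cast. The removed internal `_gnutls_check_if_same_cert2` had the same non-const parameter, so this is carried over rather than newly introduced.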
gnutls_x509_crq_get_pk_oid;
gnutls_x509_crl_get_signature_oid;
gnutls_ecc_curve_get_pk;
+ gnutls_x509_crt_equals;
+ gnutls_x509_crt_equals2;
local:
*;
};
goto cleanup;
}
- if (_gnutls_check_if_same_cert(priv->crt, tcrt) == 0) {
+ if (gnutls_x509_crt_equals(priv->crt, tcrt) == 0) {
/* doesn't match */
ret = -1;
goto cleanup;
_gnutls_check_valid_key_id(gnutls_datum_t *key_id,
gnutls_x509_crt_t cert, time_t now);
-bool
-_gnutls_check_if_same_cert(gnutls_x509_crt_t cert1,
- gnutls_x509_crt_t cert2);
-
-bool
-_gnutls_check_if_same_cert2(gnutls_x509_crt_t cert1,
- gnutls_datum_t * cert2bin);
-
bool _gnutls_check_key_purpose(gnutls_x509_crt_t cert, const char *purpose, unsigned no_any);
time_t _gnutls_x509_generalTime2gtime(const char *ttime);
signercert = find_signercert(resp);
if (!signercert) {
signercert = issuer;
- } else if (!_gnutls_check_if_same_cert(signercert, issuer)) {
+ } else if (!gnutls_x509_crt_equals(signercert, issuer)) {
/* response contains a signer. Verify him */
if (flags & GNUTLS_TL_NO_DUPLICATES || flags & GNUTLS_TL_NO_DUPLICATE_KEY) {
for (j=0;j<list->node[hash].trusted_ca_size;j++) {
if (flags & GNUTLS_TL_NO_DUPLICATES)
- ret = _gnutls_check_if_same_cert(list->node[hash].trusted_cas[j], clist[i]);
+ ret = gnutls_x509_crt_equals(list->node[hash].trusted_cas[j], clist[i]);
else
ret = _gnutls_check_if_same_key(list->node[hash].trusted_cas[j], clist[i], 1);
if (ret != 0) {
hash %= list->size;
for (j = 0; j < list->node[hash].trusted_ca_size; j++) {
- if (_gnutls_check_if_same_cert
+ if (gnutls_x509_crt_equals
(clist[i],
list->node[hash].trusted_cas[j]) != 0) {
hash %= list->size;
for (j = 0; j < list->node[hash].trusted_ca_size; j++) {
- if (_gnutls_check_if_same_cert
+ if (gnutls_x509_crt_equals
(certificate_list[i],
list->node[hash].trusted_cas[j]) != 0) {
/* cut the list at the point of first the trusted certificate */
for (i=0;i<cert_list_size;i++) {
for (j=0;j<blacklist_size;j++) {
- if (_gnutls_check_if_same_cert(cert_list[i], blacklist[j]) != 0) {
+ if (gnutls_x509_crt_equals(cert_list[i], blacklist[j]) != 0) {
return 1;
}
}
*voutput = GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND;
for (i = 0; i < list->node[hash].named_cert_size; i++) {
- if (_gnutls_check_if_same_cert(cert, list->node[hash].named_certs[i].cert) != 0) { /* check if name matches */
+ if (gnutls_x509_crt_equals(cert, list->node[hash].named_certs[i].cert) != 0) { /* check if name matches */
if (list->node[hash].named_certs[i].name_size ==
name_size
&& memcmp(list->node[hash].named_certs[i].name,
for (i = 0; i < list->node[hash].trusted_ca_size; i++) {
ret =
- _gnutls_check_if_same_cert(cert,
+ gnutls_x509_crt_equals(cert,
list->node[hash].
trusted_cas[i]);
if (ret != 0)
#include <stdbool.h>
/* Checks if two certs have the same name and the same key. Return 1 on match.
- * If @is_ca is zero then this function is identical to _gnutls_check_if_same_cert()
+ * If @is_ca is zero then this function is identical to gnutls_x509_crt_equals()
*/
bool
_gnutls_check_if_same_key(gnutls_x509_crt_t cert1,
bool result;
if (is_ca == 0)
- return _gnutls_check_if_same_cert(cert1, cert2);
+ return gnutls_x509_crt_equals(cert1, cert2);
ret = _gnutls_is_same_dn(cert1, cert2);
if (ret == 0)
return ret;
}
-bool
-_gnutls_check_if_same_cert(gnutls_x509_crt_t cert1,
- gnutls_x509_crt_t cert2)
-{
- int ret;
- bool result;
-
- ret = _gnutls_is_same_dn(cert1, cert2);
- if (ret == 0)
- return 0;
-
- if ((cert1->der.size == cert2->der.size) &&
- (memcmp(cert1->der.data, cert2->der.data, cert1->der.size) == 0))
- result = 1;
- else
- result = 0;
-
- return result;
-}
-
-bool
-_gnutls_check_if_same_cert2(gnutls_x509_crt_t cert1,
- gnutls_datum_t * cert2bin)
-{
- bool result;
-
- if ((cert1->der.size == cert2bin->size) &&
- (memcmp(cert1->der.data, cert2bin->data, cert1->der.size) == 0))
- result = 1;
- else
- result = 0;
-
- return result;
-}
/* Checks if the issuer of a certificate is a
* Certificate Authority, or if the certificate is the same
return 0;
}
+/**
+ * gnutls_x509_crt_equals - This function compares two gnutls_x509_crt_t certificates
+ * @cert1: The first certificate
+ * @cert2: The second certificate
+ *
+ * This function will compare two X.509 certificate structures.
+ *
+ * Returns: On equality non-zero is returned, otherwise zero.
+ *
+ * Since: 3.5.0
+ **/
+unsigned gnutls_x509_crt_equals(gnutls_x509_crt_t cert1,
+ gnutls_x509_crt_t cert2)
+{
+ int ret;
+ bool result;
+
+ ret = _gnutls_is_same_dn(cert1, cert2);
+ if (ret == 0)
+ return 0;
+
+ if ((cert1->der.size == cert2->der.size) &&
+ (memcmp(cert1->der.data, cert2->der.data, cert1->der.size) == 0))
+ result = 1;
+ else
+ result = 0;
+
+ return result;
+}
+
+/**
+ * gnutls_x509_crt_equals2 - This function compares a gnutls_x509_crt_t cert with DER data
+ * @cert1: The first certificate
+ * @der: A DER encoded certificate
+ *
+ * This function will compare an X.509 certificate structures, with DER
+ * encoded certificate data.
+ *
+ * Returns: On equality non-zero is returned, otherwise zero.
+ *
+ * Since: 3.5.0
+ **/
+unsigned
+gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1,
+ gnutls_datum_t * der)
+{
+ bool result;
+
+ if ((cert1->der.size == der->size) &&
+ (memcmp(cert1->der.data, der->data, cert1->der.size) == 0))
+ result = 1;
+ else
+ result = 0;
+
+ return result;
+}
+
/**
* gnutls_x509_crt_init:
* @cert: A pointer to the type to be initialized
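Review bot: Both new public functions compare `cert1->der` against `cert2->der` or `der` without checking that an encoding is actually present, which was tolerable for an internal helper but is a weak contract for exported API. If both sides have an empty `der` (presumably possible for an object that was initialised but never imported), the size test is `0 == 0` and `memcmp` over zero bytes succeeds, so `gnutls_x509_crt_equals` would report equality whenever the DN check passes, and `memcmp` may be handed a NULL pointer. Because the callers in this commit use the result for trust-list and blacklist matching, I would reject empty encodings before comparing, e.g. `if (cert1->der.size == 0 || cert2->der.size == 0) return 0;`, or re-encode in that case. The doc comments should also state that equality means byte-identical DER. The trailing context is cut inside the `gnutls_x509_crt_init` comment, so nothing after the additions was reviewed.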