From 6ddf40f301439c01bec24344694074bd9ba5f016 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Wed, 1 Aug 2012 10:41:02 +0200
Subject: [PATCH] gtlscertificate: Add g_tls_certificate_is_same() function

 * Certificate equality in PKIX in general is equality between
   the DER encoding of the certificates.

https://bugzilla.gnome.org/show_bug.cgi?id=681116
---
 docs/reference/gio/gio-sections.txt |  1 +
 gio/gio.symbols                     |  1 +
 gio/gtlscertificate.c               | 37 +++++++++++++++++++++++++++++++++++++
 gio/gtlscertificate.h               |  4 ++++
 4 files changed, 43 insertions(+)

diff --git a/docs/reference/gio/gio-sections.txt b/docs/reference/gio/gio-sections.txt
index 991cc32..36a0c30 100644
--- a/docs/reference/gio/gio-sections.txt
+++ b/docs/reference/gio/gio-sections.txt
@@ -3300,6 +3300,7 @@ g_tls_certificate_new_from_files
 g_tls_certificate_list_new_from_file
 g_tls_certificate_get_issuer
 g_tls_certificate_verify
+g_tls_certificate_is_same
 <SUBSECTION Standard>
 GTlsCertificateClass
 GTlsCertificatePrivate
diff --git a/gio/gio.symbols b/gio/gio.symbols
index a60e1e9..26558ea 100644
--- a/gio/gio.symbols
+++ b/gio/gio.symbols
@@ -1525,6 +1525,7 @@ g_tls_error_get_type
 g_tls_error_quark
 g_tls_certificate_get_issuer
 g_tls_certificate_get_type
+g_tls_certificate_is_same
 g_tls_certificate_list_new_from_file
 g_tls_certificate_new_from_file
 g_tls_certificate_new_from_files
diff --git a/gio/gtlscertificate.c b/gio/gtlscertificate.c
index 2cea2be..6c04378 100644
--- a/gio/gtlscertificate.c
+++ b/gio/gtlscertificate.c
@@ -560,3 +560,40 @@ g_tls_certificate_verify (GTlsCertificate     *cert,
 {
   return G_TLS_CERTIFICATE_GET_CLASS (cert)->verify (cert, identity, trusted_ca);
 }
+
+/**
+ * g_tls_certificate_is_same:
+ * @cert_one: first certificate to compare
+ * @cert_two: second certificate to compare
+ *
+ * Check if two #GTlsCertificate objects represent the same certificate.
+ * The raw DER byte data of the two certificates are checked for equality.
+ * This has the effect that two certificates may compare equal even if
+ * their #GTlsCertificate:issuer, #GTlsCertificate:private-key, or
+ * #GTlsCertificate:private-key-pem properties differ.
+ *
+ * Return value: whether the same or not
+ *
+ * Since: 2.34
+ */
+gboolean
+g_tls_certificate_is_same (GTlsCertificate     *cert_one,
+                           GTlsCertificate     *cert_two)
+{
+  GByteArray *b1, *b2;
+  gboolean equal;
+
+  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (cert_one), FALSE);
+  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (cert_two), FALSE);
+
+  g_object_get (cert_one, "certificate", &b1, NULL);
+  g_object_get (cert_two, "certificate", &b2, NULL);
+
+  equal = (b1->len == b2->len &&
+           memcmp (b1->data, b2->data, b1->len) == 0);
+
+  g_byte_array_unref (b1);
+  g_byte_array_unref (b2);
+
+  return equal;
+}
diff --git a/gio/gtlscertificate.h b/gio/gtlscertificate.h
index 40cabf9..991eb1d 100644
--- a/gio/gtlscertificate.h
+++ b/gio/gtlscertificate.h
@@ -78,6 +78,10 @@ GTlsCertificateFlags  g_tls_certificate_verify             (GTlsCertificate
 							    GSocketConnectable  *identity,
 							    GTlsCertificate     *trusted_ca);
 
+GLIB_AVAILABLE_IN_2_34
+gboolean              g_tls_certificate_is_same            (GTlsCertificate     *cert_one,
+                                                            GTlsCertificate     *cert_two);
+
 G_END_DECLS
 
 #endif /* __G_TLS_CERTIFICATE_H__ */
-- 
2.7.4