[compat] implement X509::Certificate#==

Author: kares

src/main/java/org/jruby/ext/openssl/X509Cert.java

@@ -45,6 +45,7 @@
 import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -316,6 +317,36 @@ public IRubyObject tbs_bytes() {
         }
     }
 
+    @Override
+    @JRubyMethod(name = "==")
+    public IRubyObject op_equal(ThreadContext context, IRubyObject obj) {
+        return equalImpl(context.runtime, obj);
+    }
+
+    private IRubyObject equalImpl(final Ruby runtime, IRubyObject obj) {
+        if ( this == obj ) return runtime.getTrue();
+        if ( obj instanceof X509Cert ) {
+            final X509Certificate cert = this.cert;
+            final X509Certificate otherCert = ((X509Cert) obj).cert;
+            if ( cert == null || otherCert == null ) return runtime.getFalse();
+
+            final boolean equal;
+            try {
+                equal = Arrays.equals(cert.getEncoded(), otherCert.getEncoded());
+            }
+            catch (CertificateEncodingException e) {
+                throw newCertificateError(runtime, e);
+            }
+            return runtime.newBoolean(equal);
+        }
+        return runtime.getFalse();
+    }
+
+    @Override
+    public IRubyObject eql_p(IRubyObject obj) {
+        return equalImpl(getRuntime(), obj);
+    }
+
     @JRubyMethod(name = {"to_pem", "to_s"})
     public IRubyObject to_pem() {
         final StringWriter str = new StringWriter();

src/test/ruby/x509/test_x509cert.rb

@@ -434,6 +434,31 @@ def test_tbs_precert_bytes
     assert_equal 7, seq.value.size
   end
 
+  def test_eq
+    now = Time.now
+    ca = OpenSSL::X509::Name.parse('/DC=org/DC=ruby-lang/CN=CA')
+    ee = OpenSSL::X509::Name.parse('/DC=org/DC=example/CN=ServerCert')
+    ca_key = OpenSSL::PKey::RSA.new(TEST_KEY_RSA1024)
+    ee_key = OpenSSL::PKey::RSA.new(TEST_KEY_RSA1024)
+
+    cacert = issue_cert(ca, ca_key, 1, [], nil, nil,
+                        not_before: now, not_after: now + 3600)
+    cert1 = issue_cert(ee, ee_key, 2, [], cacert, ca_key,
+                       not_before: now, not_after: now + 3600)
+    cert2 = issue_cert(ee, ee_key, 2, [], cacert, ca_key,
+                       not_before: now, not_after: now + 3600)
+    cert3 = issue_cert(ee, ee_key, 3, [], cacert, ca_key,
+                       not_before: now, not_after: now + 3600)
+    cert4 = issue_cert(ee, ee_key, 2, [], cacert, ca_key,
+                       digest: 'sha512', not_before: now, not_after: now + 3600)
+
+    assert_equal false, cert1 == 12345
+    assert_equal true, cert1 == cert2
+    assert_equal false, cert1 == cert3
+    assert_equal false, cert1 == cert4
+    assert_equal false, cert3 == cert4
+  end
+
   def test_cert_loading_regression
     cert_text = "0\x82\x01\xAD0\x82\x01\xA1\xA0\x03\x02\x01\x02\x02\x01\x010\x03\x06\x01\x000g1\v0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\b\f\nCalifornia1\x150\x13\x06\x03U\x04\a\f\fSanta Monica1\x110\x0F\x06\x03U\x04\n\f\bOneLogin1\x190\x17\x06\x03U\x04\x03\f\x10app.onelogin.com0\x1E\x17\r100309095845Z\x17\r150309095845Z0g1\v0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\b\f\nCalifornia1\x150\x13\x06\x03U\x04\a\f\fSanta Monica1\x110\x0F\x06\x03U\x04\n\f\bOneLogin1\x190\x17\x06\x03U\x04\x03\f\x10app.onelogin.com0\x81\x9F0\r\x06\t*\x86H\x86\xF7\r\x01\x01\x01\x05\x00\x03\x81\x8D\x000\x81\x89\x02\x81\x81\x00\xE8\xD2\xBBW\xE3?/\x1D\xE7\x0E\x10\xC8\xBD~\xCD\xDE!#\rL\x92G\xDF\xE1f?L\xB1\xBC9\x99\x14\xE5\x84\xD2Zi\x87<>d\xBD\x81\xF9\xBA\x85\xD2\xFF\xAA\x90\xF3Z\x97\xA5\x1D\xB0W\xC0\x93\xA3\x06IP\xB84\xF5\xD7Qu\x19\xFCB\xCA\xA3\xD4\\\x8E\v\x9B%\x13|\xB6m\x9D\xA8\x16\xE6\xBB\xDA\x87\xFF\xE3\xD7\xE9\xBA9\xC5O\xA2\xA7C\xADB\x04\xCA\xA5\x0E\x84\xD0\xA8\xE4\xFA\xDA\xF1\x89\xF2s\xFA1\x95\xAF\x03\xAB1\xAA\xE7y\x02\x03\x01\x00\x010\x03\x06\x01\x00\x03\x01\x00"
     assert cert = OpenSSL::X509::Certificate.new(cert_text)