mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-28 05:06:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

#45, #46

Browse Source
This commit is contained in:
Emman 2022-04-15 11:14:30 +08:00
parent 155ef2943d
commit 35732a2822
2 changed files with 94 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
smx509/cert_pool.go
View File

@ -73,7 +73,8 @@ func (s *CertPool) cert(n int) (*Certificate, error) {
return s.lazyCerts[n].getCert() return s.lazyCerts[n].getCert()
} }
func (s *CertPool) copy() *CertPool { // Clone returns a copy of s.
func (s *CertPool) Clone() *CertPool {
p := &CertPool{ p := &CertPool{
byName: make(map[string][]int, len(s.byName)), byName: make(map[string][]int, len(s.byName)),
lazyCerts: make([]lazyCert, len(s.lazyCerts)), lazyCerts: make([]lazyCert, len(s.lazyCerts)),
@ -105,7 +106,7 @@ func (s *CertPool) copy() *CertPool {
// New changes in the system cert pool might not be reflected in subsequent calls. // New changes in the system cert pool might not be reflected in subsequent calls.
func SystemCertPool() (*CertPool, error) { func SystemCertPool() (*CertPool, error) {
if sysRoots := systemRootsPool(); sysRoots != nil { if sysRoots := systemRootsPool(); sysRoots != nil {
return sysRoots.copy(), nil return sysRoots.Clone(), nil
} }
return loadSystemRoots() return loadSystemRoots()
@ -248,6 +249,9 @@ func (s *CertPool) Subjects() [][]byte {
// Equal reports whether s and other are equal. // Equal reports whether s and other are equal.
func (s *CertPool) Equal(other *CertPool) bool { func (s *CertPool) Equal(other *CertPool) bool {
if s == nil || other == nil {
return s == other
}
if s.systemPool != other.systemPool || len(s.haveSum) != len(other.haveSum) { if s.systemPool != other.systemPool || len(s.haveSum) != len(other.haveSum) {
return false return false
} }

124
smx509/cert_pool_test.go
View File

@ -3,52 +3,102 @@ package smx509
import "testing" import "testing"
func TestCertPoolEqual(t *testing.T) { func TestCertPoolEqual(t *testing.T) {
a, b := NewCertPool(), NewCertPool()
if !a.Equal(b) {
t.Error("two empty pools not equal")
}
tc := &Certificate{Raw: []byte{1, 2, 3}, RawSubject: []byte{2}} tc := &Certificate{Raw: []byte{1, 2, 3}, RawSubject: []byte{2}}
a.AddCert(tc)
if a.Equal(b) {
t.Error("empty pool equals non-empty pool")
}
b.AddCert(tc)
if !a.Equal(b) {
t.Error("two non-empty pools not equal")
}
otherTC := &Certificate{Raw: []byte{9, 8, 7}, RawSubject: []byte{8}} otherTC := &Certificate{Raw: []byte{9, 8, 7}, RawSubject: []byte{8}}
a.AddCert(otherTC)
if a.Equal(b) {
t.Error("non-equal pools equal")
}
systemA, err := SystemCertPool() emptyPool := NewCertPool()
nonSystemPopulated := NewCertPool()
nonSystemPopulated.AddCert(tc)
nonSystemPopulatedAlt := NewCertPool()
nonSystemPopulatedAlt.AddCert(otherTC)
emptySystem, err := SystemCertPool()
if err != nil { if err != nil {
t.Fatalf("unable to load system cert pool: %s", err) t.Fatal(err)
} }
systemB, err := SystemCertPool() populatedSystem, err := SystemCertPool()
if err != nil { if err != nil {
t.Fatalf("unable to load system cert pool: %s", err) t.Fatal(err)
} }
if !systemA.Equal(systemB) { populatedSystem.AddCert(tc)
t.Error("two empty system pools not equal") populatedSystemAlt, err := SystemCertPool()
if err != nil {
t.Fatal(err)
}
populatedSystemAlt.AddCert(otherTC)
tests := []struct {
name string
a *CertPool
b *CertPool
equal bool
}{
{
name: "two empty pools",
a: emptyPool,
b: emptyPool,
equal: true,
},
{
name: "one empty pool, one populated pool",
a: emptyPool,
b: nonSystemPopulated,
equal: false,
},
{
name: "two populated pools",
a: nonSystemPopulated,
b: nonSystemPopulated,
equal: true,
},
{
name: "two populated pools, different content",
a: nonSystemPopulated,
b: nonSystemPopulatedAlt,
equal: false,
},
{
name: "two empty system pools",
a: emptySystem,
b: emptySystem,
equal: true,
},
{
name: "one empty system pool, one populated system pool",
a: emptySystem,
b: populatedSystem,
equal: false,
},
{
name: "two populated system pools",
a: populatedSystem,
b: populatedSystem,
equal: true,
},
{
name: "two populated pools, different content",
a: populatedSystem,
b: populatedSystemAlt,
equal: false,
},
{
name: "two nil pools",
a: nil,
b: nil,
equal: true,
},
{
name: "one nil pool, one empty pool",
a: nil,
b: emptyPool,
equal: false,
},
} }
systemA.AddCert(tc) for _, tc := range tests {
if systemA.Equal(systemB) { t.Run(tc.name, func(t *testing.T) {
t.Error("empty system pool equals non-empty system pool") equal := tc.a.Equal(tc.b)
if equal != tc.equal {
t.Errorf("Unexpected Equal result: got %t, want %t", equal, tc.equal)
} }
})
systemB.AddCert(tc)
if !systemA.Equal(systemB) {
t.Error("two non-empty system pools not equal")
}
systemA.AddCert(otherTC)
if systemA.Equal(systemB) {
t.Error("non-equal system pools equal")
} }
} }