xmlsecurityengine/xmlseccrypto/src/xmlsecc_x509vfy.cpp
changeset 15 9b1f1fe06753
parent 0 e35f40988205
child 24 74f0b3eb154c
equal deleted inserted replaced
3:e724ec518437 15:9b1f1fe06753
    84     /* reserved for the future */
    84     /* reserved for the future */
    85     NULL,					/* void* reserved0; */
    85     NULL,					/* void* reserved0; */
    86     NULL,					/* void* reserved1; */
    86     NULL,					/* void* reserved1; */
    87 };
    87 };
    88 
    88 
    89 static int		xmlSecSymbianCryptoX509VerifyCrl			(X509_STORE* xst, 
    89 /*static int		xmlSecSymbianCryptoX509VerifyCrl			(X509_STORE* xst, 
    90 									 X509_CRL *crl );
    90 									 X509_CRL *crl );*/
    91 static X509*		xmlSecSymbianCryptoX509FindCert			(STACK_OF(X509) *certs,
    91 static X509*		xmlSecSymbianCryptoX509FindCert			(STACK_OF(X509) *certs,
    92 									 xmlChar *subjectName,
    92 									 xmlChar *subjectName,
    93 									 xmlChar *issuerName, 
    93 									 xmlChar *issuerName, 
    94 									 xmlChar *issuerSerial,
    94 									 xmlChar *issuerSerial,
    95 									 xmlChar *ski);
    95 									 xmlChar *ski);
    96 static X509*		xmlSecSymbianCryptoX509FindNextChainCert		(STACK_OF(X509) *chain, 
    96 /*static X509*		xmlSecSymbianCryptoX509FindNextChainCert		(STACK_OF(X509) *chain, 
    97 		    							 X509 *cert);
    97 		    							 X509 *cert);
    98 static int		xmlSecSymbianCryptoX509VerifyCertAgainstCrls		(STACK_OF(X509_CRL) *crls, 
    98 static int		xmlSecSymbianCryptoX509VerifyCertAgainstCrls		(STACK_OF(X509_CRL) *crls, 
    99 								         X509* cert);
    99 								         X509* cert);
   100 static X509_NAME*	xmlSecSymbianCryptoX509NameRead			(xmlSecByte *str, 
   100 static X509_NAME*	xmlSecSymbianCryptoX509NameRead			(xmlSecByte *str, 
   101 									 int len);
   101 									 int len);
   107 									 int ingoreTrailingSpaces);
   107 									 int ingoreTrailingSpaces);
   108 static int		xmlSecSymbianCryptoX509NamesCompare			(X509_NAME *a,
   108 static int		xmlSecSymbianCryptoX509NamesCompare			(X509_NAME *a,
   109 									 X509_NAME *b);
   109 									 X509_NAME *b);
   110 static int 		xmlSecSymbianCryptoX509_NAME_cmp			(const X509_NAME *a, 
   110 static int 		xmlSecSymbianCryptoX509_NAME_cmp			(const X509_NAME *a, 
   111 									 const X509_NAME *b);
   111 									 const X509_NAME *b);
   112 /*
   112 
   113 static int 		xmlSecSymbianCryptoX509_NAME_ENTRY_cmp		(const X509_NAME_ENTRY **a, 
   113 static int 		xmlSecSymbianCryptoX509_NAME_ENTRY_cmp		(const X509_NAME_ENTRY **a, 
   114 									 const X509_NAME_ENTRY **b);
   114 									 const X509_NAME_ENTRY **b);
   115 */
   115 */
   116 /** 
   116 /** 
   117  * xmlSecSymbianCryptoX509StoreGetKlass:
   117  * xmlSecSymbianCryptoX509StoreGetKlass:
   176  */
   176  */
   177 EXPORT_C 
   177 EXPORT_C 
   178 int 	
   178 int 	
   179 xmlSecSymbianCryptoX509StoreKeyCertVerify(xmlSecKeyDataStorePtr store, X509* cert) {
   179 xmlSecSymbianCryptoX509StoreKeyCertVerify(xmlSecKeyDataStorePtr store, X509* cert) {
   180     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   180     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   181     X509* res = NULL;
   181     
   182     X509 *err_cert = NULL;
   182     
   183     char buf[256];
   183     
   184     int err = 0, depth;
   184     int err = 0;
   185     int i;
   185     
   186     int ret;
   186     
   187 
   187 
   188     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), NULL);
   188     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), NULL);
   189     xmlSecAssert2(cert, NULL);
   189     xmlSecAssert2(cert, NULL);
   190 
   190 
   191     ctx = xmlSecSymbianCryptoX509StoreGetCtx(store);
   191     ctx = xmlSecSymbianCryptoX509StoreGetCtx(store);
   257 EXPORT_C 
   257 EXPORT_C 
   258 X509* 	
   258 X509* 	
   259 xmlSecSymbianCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509* certs,
   259 xmlSecSymbianCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509* certs,
   260 			     XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
   260 			     XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
   261     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   261     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   262     STACK_OF(X509)* certs2 = NULL;	
   262     
   263     X509* res = NULL;
   263     X509* res = NULL;
   264     X509* cert = NULL;
   264     X509* cert = NULL;
   265     X509 *err_cert = NULL;
   265    
   266     char buf[256];
   266     
   267     int err = 0, depth;
   267     int err = 0;
   268     int i;
   268 
   269     int ret;
   269     int ret;
   270 
   270 
   271     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), NULL);
   271     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), NULL);
   272     xmlSecAssert2(certs, NULL);
   272     xmlSecAssert2(certs, NULL);
   273     xmlSecAssert2(keyInfoCtx, NULL);
   273     xmlSecAssert2(keyInfoCtx, NULL);
   634     return(0);
   634     return(0);
   635 }
   635 }
   636 
   636 
   637 static int
   637 static int
   638 xmlSecSymbianCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
   638 xmlSecSymbianCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
   639     const xmlChar* path;
   639     
   640     
   640     
   641     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   641     xmlSecSymbianCryptoX509StoreCtxPtr ctx;
   642     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), -1);
   642     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecSymbianCryptoX509StoreId), -1);
   643 
   643 
   644     ctx = xmlSecSymbianCryptoX509StoreGetCtx(store);
   644     ctx = xmlSecSymbianCryptoX509StoreGetCtx(store);
   749 /*****************************************************************************
   749 /*****************************************************************************
   750  *
   750  *
   751  * Low-level x509 functions
   751  * Low-level x509 functions
   752  *
   752  *
   753  *****************************************************************************/
   753  *****************************************************************************/
   754 static int
   754 /*static int
   755 xmlSecSymbianCryptoX509VerifyCrl(X509_STORE* xst, X509_CRL *crl ) {
   755 xmlSecSymbianCryptoX509VerifyCrl(X509_STORE* xst, X509_CRL *crl ) {
   756 
   756 
   757     EVP_PKEY *pkey;
   757     EVP_PKEY *pkey;
   758     int ret = 0;  
   758     int ret = 0;  
   759 #ifdef XMLSEC_FUTURE_SUPPORT   
   759 #ifdef XMLSEC_FUTURE_SUPPORT   
   792     }
   792     }
   793     X509_STORE_CTX_cleanup (&xsc);  
   793     X509_STORE_CTX_cleanup (&xsc);  
   794 #endif		//XMLSEC_FUTURE_SUPPORT    
   794 #endif		//XMLSEC_FUTURE_SUPPORT    
   795     return((ret == 1) ? 1 : 0);
   795     return((ret == 1) ? 1 : 0);
   796 }
   796 }
       
   797 */
   797 
   798 
   798 /**
   799 /**
   799  * xmlSecSymbianCryptoX509FindCert:
   800  * xmlSecSymbianCryptoX509FindCert:
   800  */
   801  */
   801 static X509*		
   802 static X509*		
   802 xmlSecSymbianCryptoX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
   803 xmlSecSymbianCryptoX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
   803 			xmlChar *issuerName, xmlChar *issuerSerial,
   804 			xmlChar *issuerName, xmlChar *issuerSerial,
   804 			xmlChar *ski) {
   805 			xmlChar *ski) {
   805     X509 *cert = NULL;
   806 
   806     int i;
   807     
   807 
   808 
   808     xmlSecAssert2(certs, NULL);
   809     xmlSecAssert2(certs, NULL);
   809 #ifdef XMLSEC_FUTURE_SUPPORT    
   810 #ifdef XMLSEC_FUTURE_SUPPORT    
   810     /* may be this is not the fastest way to search certs */
   811     /* may be this is not the fastest way to search certs */
   811     if(subjectName) {
   812     if(subjectName) {
   938 }
   939 }
   939 
   940 
   940 /** 
   941 /** 
   941  * xmlSecSymbianCryptoX509FindNextChainCert:
   942  * xmlSecSymbianCryptoX509FindNextChainCert:
   942  */
   943  */
       
   944  /*
   943 static X509*
   945 static X509*
   944 xmlSecSymbianCryptoX509FindNextChainCert(STACK_OF(X509) *chain, X509 *cert) {
   946 xmlSecSymbianCryptoX509FindNextChainCert(STACK_OF(X509) *chain, X509 *cert) {
   945     unsigned long certSubjHash;
   947  
   946     int i;
   948   
   947 
   949 
   948     xmlSecAssert2(chain, NULL);
   950     xmlSecAssert2(chain, NULL);
   949     xmlSecAssert2(cert, NULL);
   951     xmlSecAssert2(cert, NULL);
   950 /*    
   952  
   951     certSubjHash = X509_subject_name_hash(cert);
   953     certSubjHash = X509_subject_name_hash(cert);
   952     for(i = 0; i < sk_X509_num(chain); ++i) {
   954     for(i = 0; i < sk_X509_num(chain); ++i) {
   953 	if((sk_X509_value(chain, i) != cert) && 
   955 	if((sk_X509_value(chain, i) != cert) && 
   954 	   (X509_issuer_name_hash(sk_X509_value(chain, i)) == certSubjHash)) {
   956 	   (X509_issuer_name_hash(sk_X509_value(chain, i)) == certSubjHash)) {
   955 
   957 
   956 	    return(sk_X509_value(chain, i));
   958 	    return(sk_X509_value(chain, i));
   957 	}
   959 	}
   958     }
   960     }
   959 */    
   961   
   960     return(NULL);
   962     return(NULL);
   961 }
   963 }
   962 
   964 */
   963 /**
   965 /**
   964  * xmlSecSymbianCryptoX509VerifyCertAgainstCrls:
   966  * xmlSecSymbianCryptoX509VerifyCertAgainstCrls:
   965  */
   967  */
       
   968  /*
   966 static int
   969 static int
   967 xmlSecSymbianCryptoX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
   970 xmlSecSymbianCryptoX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
   968     X509_NAME *issuer;
   971    
   969     X509_CRL *crl = NULL;
   972    
   970 #ifdef XMLSEC_FUTURE_SUPPORT    
   973 #ifdef XMLSEC_FUTURE_SUPPORT    
   971     X509_REVOKED *revoked;
   974     X509_REVOKED *revoked;
   972     int i, n;
   975     int i, n;
   973     int ret;  
   976     int ret;  
   974 
   977 
   975     xmlSecAssert2(crls, -1);
   978     xmlSecAssert2(crls, -1);
   976     xmlSecAssert2(cert, -1);
   979     xmlSecAssert2(cert, -1);
   977     
   980     
   978     /*
   981     
   979      * Try to retrieve a CRL corresponding to the issuer of
   982      * Try to retrieve a CRL corresponding to the issuer of
   980      * the current certificate 
   983      * the current certificate 
   981      */    
   984       
   982     n = sk_X509_CRL_num(crls);
   985     n = sk_X509_CRL_num(crls);
   983     for(i = 0; i < n; i++) {
   986     for(i = 0; i < n; i++) {
   984 	crl = sk_X509_CRL_value(crls, i);     
   987 	crl = sk_X509_CRL_value(crls, i);     
   985 	issuer = X509_CRL_get_issuer(crl);
   988 	issuer = X509_CRL_get_issuer(crl);
   986 	if(xmlSecSymbianCryptoX509NamesCompare(X509_CRL_get_issuer(crl), issuer) == 0) { 
   989 	if(xmlSecSymbianCryptoX509NamesCompare(X509_CRL_get_issuer(crl), issuer) == 0) { 
   987 	    break;
   990 	    break;
   988 	}
   991 	}
   989     }
   992     }
   990     if((i >= n) || (!crl)){
   993     if((i >= n) || (!crl)){
   991 	/* no crls for this issuer */
   994 	// no crls for this issuer 
   992 	return(1);
   995 	return(1);
   993     }
   996     }
   994 
   997 
   995     /* 
   998     
   996      * Check date of CRL to make sure it's not expired 
   999      // Check date of CRL to make sure it's not expired 
   997      */
  1000      
   998     ret = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
  1001     ret = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
   999     if (ret == 0) {
  1002     if (ret == 0) {
  1000 	/* crl expired */
  1003 	//crl expired 
  1001 	return(1);
  1004 	return(1);
  1002     }
  1005     }
  1003     
  1006     
  1004     /* 
  1007      
  1005      * Check if the current certificate is revoked by this CRL
  1008      // Check if the current certificate is revoked by this CRL
  1006      */
  1009      
  1007     n = sk_num(X509_CRL_get_REVOKED(crl));
  1010     n = sk_num(X509_CRL_get_REVOKED(crl));
  1008     for (i = 0; i < n; i++) {
  1011     for (i = 0; i < n; i++) {
  1009         revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i);
  1012         revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i);
  1010         if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
  1013         if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
  1011 	    xmlSecError(XMLSEC_ERRORS_HERE,
  1014 	    xmlSecError(XMLSEC_ERRORS_HERE,
  1017         }
  1020         }
  1018     }
  1021     }
  1019 #endif		//XMLSEC_FUTURE_SUPPORT    
  1022 #endif		//XMLSEC_FUTURE_SUPPORT    
  1020     return(1);    
  1023     return(1);    
  1021 }
  1024 }
       
  1025 */
  1022 
  1026 
  1023 
  1027 
  1024 /**
  1028 /**
  1025  * xmlSecSymbianCryptoX509NameRead:
  1029  * xmlSecSymbianCryptoX509NameRead:
  1026  */       
  1030  */  
       
  1031  /*     
  1027 static X509_NAME *
  1032 static X509_NAME *
  1028 xmlSecSymbianCryptoX509NameRead(xmlSecByte *str, int len) {
  1033 xmlSecSymbianCryptoX509NameRead(xmlSecByte *str, int len) {
  1029     xmlSecByte name[256];
  1034    
  1030     xmlSecByte value[256];
  1035     
  1031     int nameLen, valueLen;
  1036     
  1032     X509_NAME *nm = NULL;
  1037     X509_NAME *nm = NULL;
  1033 
  1038 
  1034     xmlSecAssert2(str, NULL);
  1039     xmlSecAssert2(str, NULL);
  1035     
  1040     
  1036 #ifdef XMLSEC_FUTURE_SUPPORT    
  1041 #ifdef XMLSEC_FUTURE_SUPPORT    
  1043 		    XMLSEC_ERRORS_NO_MESSAGE);
  1048 		    XMLSEC_ERRORS_NO_MESSAGE);
  1044 	return(NULL);
  1049 	return(NULL);
  1045     }
  1050     }
  1046     
  1051     
  1047     while(len > 0) {
  1052     while(len > 0) {
  1048 	/* skip spaces after comma or semicolon */
  1053 	//skip spaces after comma or semicolon 
  1049 	while((len > 0) && isspace(*str)) {
  1054 	while((len > 0) && isspace(*str)) {
  1050 	    ++str; --len;
  1055 	    ++str; --len;
  1051 	}
  1056 	}
  1052 
  1057 
  1053 	nameLen = xmlSecSymbianCryptoX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);	
  1058 	nameLen = xmlSecSymbianCryptoX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);	
  1075 				XMLSEC_ERRORS_NO_MESSAGE);
  1080 				XMLSEC_ERRORS_NO_MESSAGE);
  1076 		    X509_NAME_free(nm);
  1081 		    X509_NAME_free(nm);
  1077 		    return(NULL);
  1082 		    return(NULL);
  1078     		}
  1083     		}
  1079 		
  1084 		
  1080 		/* skip quote */
  1085 		//skip quote 
  1081 		if((len <= 0) || ((*str) != '\"')) {
  1086 		if((len <= 0) || ((*str) != '\"')) {
  1082 		    xmlSecError(XMLSEC_ERRORS_HERE,
  1087 		    xmlSecError(XMLSEC_ERRORS_HERE,
  1083 				NULL,
  1088 				NULL,
  1084 				NULL,
  1089 				NULL,
  1085 				XMLSEC_ERRORS_R_INVALID_DATA,
  1090 				XMLSEC_ERRORS_R_INVALID_DATA,
  1088 		    X509_NAME_free(nm);
  1093 		    X509_NAME_free(nm);
  1089 		    return(NULL);
  1094 		    return(NULL);
  1090 		}
  1095 		}
  1091                 ++str; --len;
  1096                 ++str; --len;
  1092 
  1097 
  1093 		/* skip spaces before comma or semicolon */
  1098 		//skip spaces before comma or semicolon 
  1094 		while((len > 0) && isspace(*str)) {
  1099 		while((len > 0) && isspace(*str)) {
  1095 		    ++str; --len;
  1100 		    ++str; --len;
  1096 		}
  1101 		}
  1097 		if((len > 0) && ((*str) != ',')) {
  1102 		if((len > 0) && ((*str) != ',')) {
  1098 		    xmlSecError(XMLSEC_ERRORS_HERE,
  1103 		    xmlSecError(XMLSEC_ERRORS_HERE,
  1107 		if(len > 0) {
  1112 		if(len > 0) {
  1108 		    ++str; --len;
  1113 		    ++str; --len;
  1109 		}
  1114 		}
  1110 		type = MBSTRING_ASC;
  1115 		type = MBSTRING_ASC;
  1111 	    } else if((*str) == '#') {
  1116 	    } else if((*str) == '#') {
  1112 		/* Not implemented currently */
  1117 		//Not implemented currently
  1113 		xmlSecError(XMLSEC_ERRORS_HERE,
  1118 		xmlSecError(XMLSEC_ERRORS_HERE,
  1114 			    NULL,
  1119 			    NULL,
  1115 			    NULL,
  1120 			    NULL,
  1116 			    XMLSEC_ERRORS_R_INVALID_DATA,
  1121 			    XMLSEC_ERRORS_R_INVALID_DATA,
  1117 			    "reading octect values is not implemented yet");
  1122 			    "reading octect values is not implemented yet");
  1142     }
  1147     }
  1143 #endif	//XMLSEC_FUTURE_SUPPORT    
  1148 #endif	//XMLSEC_FUTURE_SUPPORT    
  1144     return(nm);
  1149     return(nm);
  1145 }
  1150 }
  1146 
  1151 
  1147 
  1152 */
  1148 
  1153 
  1149 /**
  1154 /**
  1150  * xmlSecSymbianCryptoX509NameStringRead:
  1155  * xmlSecSymbianCryptoX509NameStringRead:
  1151  */
  1156  */
       
  1157  /*
  1152 static int 
  1158 static int 
  1153 xmlSecSymbianCryptoX509NameStringRead(xmlSecByte **str, int *strLen, 
  1159 xmlSecSymbianCryptoX509NameStringRead(xmlSecByte **str, int *strLen, 
  1154 			xmlSecByte *res, int resLen,
  1160 			xmlSecByte *res, int resLen,
  1155 			xmlSecByte delim, int ingoreTrailingSpaces) {
  1161 			xmlSecByte delim, int ingoreTrailingSpaces) {
  1156     xmlSecByte *p, *q, *nonSpace; 
  1162     xmlSecByte *p, *q, *nonSpace; 
  1202     }
  1208     }
  1203     (*strLen) -= (p - (*str));
  1209     (*strLen) -= (p - (*str));
  1204     (*str) = p;
  1210     (*str) = p;
  1205     return((ingoreTrailingSpaces) ? nonSpace - res + 1 : q - res);
  1211     return((ingoreTrailingSpaces) ? nonSpace - res + 1 : q - res);
  1206 }
  1212 }
  1207 
  1213 */
       
  1214 
       
  1215 /*
  1208 static
  1216 static
  1209 int xmlSecSymbianCryptoX509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) {
  1217 int xmlSecSymbianCryptoX509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) {
  1210     int i,ret;
  1218   
  1211 /*    
  1219     
  1212     const X509_NAME_ENTRY *na,*nb;
  1220     const X509_NAME_ENTRY *na,*nb;
  1213 
  1221 
  1214     xmlSecAssert2(a != NULL, -1);
  1222     xmlSecAssert2(a != NULL, -1);
  1215     xmlSecAssert2(b != NULL, 1);
  1223     xmlSecAssert2(b != NULL, 1);
  1216 	
  1224 	
  1225 	ret = xmlSecSymbianCryptoX509_NAME_ENTRY_cmp(&na, &nb);
  1233 	ret = xmlSecSymbianCryptoX509_NAME_ENTRY_cmp(&na, &nb);
  1226 	if(ret != 0) {
  1234 	if(ret != 0) {
  1227 	    return(ret);
  1235 	    return(ret);
  1228 	}
  1236 	}
  1229     }	
  1237     }	
       
  1238 
       
  1239     return(0);
       
  1240 }
  1230 */
  1241 */
  1231     return(0);
       
  1232 }
       
  1233 
  1242 
  1234 
  1243 
  1235 /** 
  1244 /** 
  1236  * xmlSecSymbianCryptoX509NamesCompare:
  1245  * xmlSecSymbianCryptoX509NamesCompare:
  1237  *
  1246  *
  1238  * we have to sort X509_NAME entries to get correct results.
  1247  * we have to sort X509_NAME entries to get correct results.
  1239  * This is ugly but SymbianCrypto does not support it
  1248  * This is ugly but SymbianCrypto does not support it
  1240  */
  1249  */
       
  1250  /*
  1241 static int		
  1251 static int		
  1242 xmlSecSymbianCryptoX509NamesCompare(X509_NAME *a, X509_NAME *b) {
  1252 xmlSecSymbianCryptoX509NamesCompare(X509_NAME *a, X509_NAME *b) {
  1243     X509_NAME *a1 = NULL;
  1253     X509_NAME *a1 = NULL;
  1244     X509_NAME *b1 = NULL;
  1254     X509_NAME *b1 = NULL;
  1245     int ret = -1;
  1255     int ret = -1;
  1264 		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
  1274 		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
  1265 		    XMLSEC_ERRORS_NO_MESSAGE);
  1275 		    XMLSEC_ERRORS_NO_MESSAGE);
  1266         return(1);
  1276         return(1);
  1267     }
  1277     }
  1268         
  1278         
  1269     /* sort both */
  1279     //sort both
  1270     sk_X509_NAME_ENTRY_set_cmp_func(a1->entries, xmlSecSymbianCryptoX509_NAME_ENTRY_cmp);
  1280     sk_X509_NAME_ENTRY_set_cmp_func(a1->entries, xmlSecSymbianCryptoX509_NAME_ENTRY_cmp);
  1271     sk_X509_NAME_ENTRY_sort(a1->entries);
  1281     sk_X509_NAME_ENTRY_sort(a1->entries);
  1272     sk_X509_NAME_ENTRY_set_cmp_func(b1->entries, xmlSecSymbianCryptoX509_NAME_ENTRY_cmp);
  1282     sk_X509_NAME_ENTRY_set_cmp_func(b1->entries, xmlSecSymbianCryptoX509_NAME_ENTRY_cmp);
  1273     sk_X509_NAME_ENTRY_sort(b1->entries);
  1283     sk_X509_NAME_ENTRY_sort(b1->entries);
  1274 
  1284 
  1275     /* actually compare */
  1285      //actually compare
  1276     ret = xmlSecSymbianCryptoX509_NAME_cmp(a1, b1);
  1286     ret = xmlSecSymbianCryptoX509_NAME_cmp(a1, b1);
  1277     
  1287     
  1278     /* cleanup */
  1288     //cleanup
  1279     X509_NAME_free(a1);
  1289     X509_NAME_free(a1);
  1280     X509_NAME_free(b1);
  1290     X509_NAME_free(b1);
  1281 #endif		//XMLSEC_FUTURE_SUPPORT    
  1291 #endif		//XMLSEC_FUTURE_SUPPORT    
  1282     return(ret);
  1292     return(ret);
  1283 }
  1293 }
  1284 			
  1294 		*/	
  1285 
  1295 
  1286 /**
  1296 /**
  1287  * xmlSecSymbianCryptoX509_NAME_ENTRY_cmp:
  1297  * xmlSecSymbianCryptoX509_NAME_ENTRY_cmp:
  1288  */
  1298  */
  1289 #ifdef XMLSEC_FUTURE_SUPPORT
  1299 #ifdef XMLSEC_FUTURE_SUPPORT