khm_int32 KHMAPI
cred_is_equal(khm_handle cred1,
khm_handle cred2,
void * rock) {
khm_int32 result;
/* Note that this is actually a comparison function. It should
return 0 if the credentials are found to be equal, and non-zero
if they are not. We just set this to 0 if we don't need to
check any additional fields and accept the two credentials as
being equal. By the time this function is called, the
identity, name and type of the credentials have already been
found to be equal. */
result = kcdb_creds_comp_attr(cred1, cred2, attr_id_issuer_name);
if (result != 0)
return result;
result = kcdb_creds_comp_attr(cred1, cred2, attr_id_serial_number);
return result;
}
KHMEXP khm_int32 KHMAPI
kcdb_cred_comp_generic(khm_handle cred1,
khm_handle cred2,
void * rock)
{
kcdb_cred_comp_order * o = (kcdb_cred_comp_order *) rock;
int i;
khm_int32 r = 0;
khm_int32 f1, f2;
khm_int32 t1, t2;
khm_int32 pt;
for(i=0; i<o->nFields; i++) {
if (o->fields[i].order & KCDB_CRED_COMP_INITIAL_FIRST) {
if (o->fields[i].attrib == KCDB_ATTR_TYPE_NAME ||
o->fields[i].attrib == KCDB_ATTR_TYPE) {
kcdb_cred_get_type(cred1, &t1);
kcdb_cred_get_type(cred2, &t2);
kcdb_identity_get_type(&pt);
if (t1 == t2)
r = 0;
else if (t1 == pt)
r = -1;
else if (t2 == pt)
r = 1;
else
r = 0;
} else {
kcdb_cred_get_flags(cred1, &f1);
kcdb_cred_get_flags(cred2, &f2);
if (((f1 ^ f2) & KCDB_CRED_FLAG_INITIAL) == 0)
r = 0;
else if (f1 & KCDB_CRED_FLAG_INITIAL)
r = -1;
else
r = 1;
}
} else {
r = 0;
}
if (r == 0)
r = kcdb_creds_comp_attr(cred1,cred2,o->fields[i].attrib);
if(r != 0) {
if(o->fields[i].order & KCDB_CRED_COMP_DECREASING)
r = -r;
break;
}
}
return r;
}
KHMEXP khm_int32 KHMAPI
kcdb_cred_comp_generic(khm_handle cred1,
khm_handle cred2,
void * rock)
{
kcdb_cred_comp_order * o = (kcdb_cred_comp_order *) rock;
int i;
khm_int32 r = 0;
khm_int32 f1, f2;
khm_int32 t1, t2;
khm_int32 pt = KCDB_CREDTYPE_INVALID;
for(i=0; i<o->nFields; i++) {
if (o->fields[i].order & KCDB_CRED_COMP_INITIAL_FIRST) {
if (o->fields[i].attrib == KCDB_ATTR_TYPE_NAME ||
o->fields[i].attrib == KCDB_ATTR_TYPE) {
khm_handle id1 = NULL;
khm_handle id2 = NULL;
khm_handle idpro = NULL;
kcdb_cred_get_type(cred1, &t1);
kcdb_cred_get_type(cred2, &t2);
if (t1 == t2) {
continue;
} else {
kcdb_cred_get_identity(cred1, &id1);
kcdb_cred_get_identity(cred2, &id2);
if (kcdb_identity_is_equal(id1, id2)) {
kcdb_identity_get_identpro(id1, &idpro);
kcdb_identpro_get_type(idpro, &pt);
if (t1 == pt)
r = -1;
else if (t2 == pt)
r = 1;
kcdb_identpro_release(idpro);
}
kcdb_identity_release(id1);
kcdb_identity_release(id2);
}
} else {
kcdb_cred_get_flags(cred1, &f1);
kcdb_cred_get_flags(cred2, &f2);
if (((f1 ^ f2) & KCDB_CRED_FLAG_INITIAL) == 0)
r = 0;
else if (f1 & KCDB_CRED_FLAG_INITIAL)
r = -1;
else
r = 1;
}
} else {
r = 0;
}
if (r == 0 &&
(o->fields[i].attrib == KCDB_ATTR_ID_DISPLAY_NAME ||
o->fields[i].attrib == KCDB_ATTR_ID)) {
khm_handle id1 = NULL;
khm_handle id2 = NULL;
wchar_t idname1[KCDB_IDENT_MAXCCH_NAME] = L"";
wchar_t idname2[KCDB_IDENT_MAXCCH_NAME] = L"";
khm_size cb;
kcdb_cred_get_identity(cred1, &id1);
kcdb_cred_get_identity(cred2, &id2);
r = (((cb = sizeof(idname1)) &&
KHM_SUCCEEDED(kcdb_get_resource(id1, KCDB_RES_DISPLAYNAME,
0, NULL, NULL, idname1, &cb)) &&
(cb = sizeof(idname2)) &&
KHM_SUCCEEDED(kcdb_get_resource(id2, KCDB_RES_DISPLAYNAME,
0, NULL, NULL, idname2, &cb)))?
_wcsicmp(idname1, idname2) : 0);
kcdb_identity_release(id1);
kcdb_identity_release(id2);
}
if (r == 0)
r = kcdb_creds_comp_attr(cred1,cred2,o->fields[i].attrib);
if(r != 0) {
if(o->fields[i].order & KCDB_CRED_COMP_DECREASING)
r = -r;
break;
}
}
return r;
}