Add Credentials_Manager which is an interface to something that knows

what certs, keys, etc are available to the app. Needs polishing but it
seems like it should be sound.

2 files changed, 24 insertions, 0 deletions

diff --git a/src/cert/x509cert/x509cert.cpp b/src/cert/x509cert/x509cert.cpp
index 7d9370f2a..88aeebd77 100644
--- a/src/cert/x509cert/x509cert.cpp
+++ b/src/cert/x509cert/x509cert.cpp
@@ -296,6 +296,24 @@ bool X509_Certificate::operator==(const X509_Certificate& other) const
            subject == other.subject);
    }
 
+bool X509_Certificate::operator<(const X509_Certificate& other) const
+   {
+   /* If signature values are not equal, sort by lexicographic ordering of that */
+   if(sig != other.sig)
+      {
+      if(sig < other.sig)
+         return true;
+      return false;
+      }
+
+   /*
+   * same signatures, highly unlikely case, revert to compare
+   * of entire contents
+   */
+
+   return to_string() < other.to_string();
+   }
+
 /*
 * X.509 Certificate Comparison
 */
diff --git a/src/cert/x509cert/x509cert.h b/src/cert/x509cert/x509cert.h
index 8798ef1c2..cd49aa02f 100644
--- a/src/cert/x509cert/x509cert.h
+++ b/src/cert/x509cert/x509cert.h
@@ -152,6 +152,12 @@ class BOTAN_DLL X509_Certificate : public X509_Object
       bool operator==(const X509_Certificate& other) const;
 
       /**
+      * Impose an arbitrary (but consistent) ordering
+      * @return true if this is less than other by some unspecified criteria
+      */
+      bool operator<(const X509_Certificate& other) const;
+
+      /**
       * Create a certificate from a data source providing the DER or
       * PEM encoded certificate.
       * @param source the data source