| author | Frederic Peters <fpeters@entrouvert.com> | 2004-11-25 22:51:39 +0000 |
|---|---|---|
| committer | Frederic Peters <fpeters@entrouvert.com> | 2004-11-25 22:51:39 +0000 |
| commit | cd4f3ea1fc570e01772c3e54a27c34672f2c24ea (patch) | |
| tree | ca468ab831566a3eb4946d8bb2f4132e21e9e205 | |
| parent | 256cca14ce7028c521c9d652f5ef6d2531b81fea (diff) | |
| download | lasso-cd4f3ea1fc570e01772c3e54a27c34672f2c24ea.tar.gz lasso-cd4f3ea1fc570e01772c3e54a27c34672f2c24ea.tar.xz lasso-cd4f3ea1fc570e01772c3e54a27c34672f2c24ea.zip | |
indentation work
56 files changed, 1059 insertions, 1091 deletions
diff --git a/lasso/export.h b/lasso/export.h index 2eecea7f..fb844f3a 100644 --- a/lasso/export.h +++ b/lasso/export.h @@ -30,19 +30,19 @@ extern "C" { #endif /* __cplusplus */ -/* Now, the export orgy begins. The following we must do for the - Windows platform with MSVC compiler. */ +/* Now, the export orgy begins. The following we must do for the + * Windows platform with MSVC compiler. */ #if !defined LASSO_EXPORT # if (defined _MSC_VER || defined MINGW32) - /* if we compile libxmlsec itself: */ + /* if we compile libxmlsec itself: */ # if defined(IN_LASSO) # if !defined(LASSO_STATIC) # define LASSO_EXPORT __declspec(dllexport) # else # define LASSO_EXPORT extern # endif - /* if a client program includes this file: */ + /* if a client program includes this file: */ # else # if !defined(LASSO_STATIC) # define LASSO_EXPORT __declspec(dllimport) @@ -50,8 +50,8 @@ extern "C" { # define LASSO_EXPORT # endif # endif - /* This holds on all other platforms/compilers, which are easier to - handle in regard to this. */ + /* This holds on all other platforms/compilers, which are easier to + handle in regard to this. */ # else # define LASSO_EXPORT # endif @@ -59,17 +59,17 @@ extern "C" { #if !defined LASSO_EXPORT_VAR # if (defined _MSC_VER || defined MINGW32) - /* if we compile libxmlsec itself: */ + /* if we compile libxmlsec itself: */ # if defined(IN_LASSO) # if !defined(LASSO_STATIC) # define LASSO_EXPORT_VAR __declspec(dllexport) extern # else # define LASSO_EXPORT_VAR extern # endif - /* if we compile libxmlsec-crypto itself: */ + /* if we compile libxmlsec-crypto itself: */ # elif defined(IN_LASSO_CRYPTO) # define LASSO_EXPORT_VAR extern - /* if a client program includes this file: */ + /* if a client program includes this file: */ # else # if !defined(LASSO_STATIC) # define LASSO_EXPORT_VAR __declspec(dllimport) extern 
@@ -77,8 +77,8 @@ extern "C" { # define LASSO_EXPORT_VAR extern # endif # endif - /* This holds on all other platforms/compilers, which are easier to - handle in regard to this. */ + /* This holds on all other platforms/compilers, which are easier to + handle in regard to this. */ # else # define LASSO_EXPORT_VAR extern # endif diff --git a/lasso/id-ff/federation.c b/lasso/id-ff/federation.c index 9f2abca0..60195607 100644 --- a/lasso/id-ff/federation.c +++ b/lasso/id-ff/federation.c @@ -280,25 +280,13 @@ lasso_federation_get_type() LassoFederation* lasso_federation_new(gchar *remote_providerID) { - LassoFederation *federation; + LassoFederation *federation; - g_return_val_if_fail(remote_providerID != NULL, NULL); + g_return_val_if_fail(remote_providerID != NULL, NULL); - federation = LASSO_FEDERATION(g_object_new(LASSO_TYPE_FEDERATION, NULL)); + federation = LASSO_FEDERATION(g_object_new(LASSO_TYPE_FEDERATION, NULL)); + federation->remote_providerID = g_strdup(remote_providerID); - federation->remote_providerID = g_strdup(remote_providerID); - - return federation; + return federation; } -LassoFederation* -lasso_federation_new_from_dump(gchar *dump) -{ - LassoFederation *federation; - - g_return_val_if_fail(dump != NULL, NULL); - - federation = LASSO_FEDERATION(g_object_new(LASSO_TYPE_FEDERATION, NULL)); - - return federation; -} diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index d25ca726..d4153af2 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c @@ -607,11 +607,9 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) **/ gint lasso_logout_reset_providerID_index(LassoLogout *logout) { - g_return_val_if_fail(LASSO_IS_LOGOUT(logout), -1); - - logout->providerID_index = 0; - - return 0; + g_return_val_if_fail(LASSO_IS_LOGOUT(logout), -1); + logout->providerID_index = 0; + return 0; } /** diff --git a/lasso/id-ff/logout.h b/lasso/id-ff/logout.h index 670a92e6..2bb69fd5 100644 --- a/lasso/id-ff/logout.h 
+++ b/lasso/id-ff/logout.h @@ -49,7 +49,7 @@ typedef struct _LassoLogoutPrivate LassoLogoutPrivate; struct _LassoLogout { LassoProfile parent; - + /*< private >*/ LassoNode *initial_request; LassoNode *initial_response; diff --git a/lasso/id-ff/name_registration.c b/lasso/id-ff/name_registration.c index a341a633..1a455de4 100644 --- a/lasso/id-ff/name_registration.c +++ b/lasso/id-ff/name_registration.c @@ -57,7 +57,7 @@ lasso_name_registration_build_request_msg(LassoNameRegistration *name_registrati char *url, *query; g_return_val_if_fail(LASSO_IS_NAME_REGISTRATION(name_registration), -1); - + profile = LASSO_PROFILE(name_registration); remote_provider = g_hash_table_lookup(profile->server->providers, @@ -109,7 +109,7 @@ lasso_name_registration_build_response_msg(LassoNameRegistration *name_registrat LassoProfile *profile; LassoProvider *remote_provider; char *url, *query; - + g_return_val_if_fail(LASSO_IS_NAME_REGISTRATION(name_registration), -1); profile = LASSO_PROFILE(name_registration); @@ -410,7 +410,7 @@ lasso_name_registration_process_response_msg(LassoNameRegistration *name_registr message(G_LOG_LEVEL_CRITICAL, "Federation not found"); return -1; } - + remote_provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID); if (remote_provider == NULL) { @@ -597,7 +597,7 @@ static void class_init(LassoNameRegistrationClass *klass) { parent_class = g_type_class_peek_parent(klass); - + LASSO_NODE_CLASS(klass)->get_xmlNode = get_xmlNode; LASSO_NODE_CLASS(klass)->init_from_xml = init_from_xml; diff --git a/lasso/id-ff/profile.c b/lasso/id-ff/profile.c index 5570fed9..dbaff3b4 100644 --- a/lasso/id-ff/profile.c +++ b/lasso/id-ff/profile.c @@ -243,7 +243,7 @@ lasso_profile_set_session_from_dump(LassoProfile *ctx, const gchar *dump) } ctx->session->is_dirty = FALSE; - return 0; + return 0; } diff --git a/lasso/id-ff/session.h b/lasso/id-ff/session.h index 22c86b63..03e37384 100644 --- a/lasso/id-ff/session.h +++ b/lasso/id-ff/session.h 
@@ -68,7 +68,7 @@ LASSO_EXPORT LassoSession* lasso_session_new_from_dump(const gchar *dump); LASSO_EXPORT gint lasso_session_add_assertion(LassoSession *session, char *providerID, LassoSamlAssertion *assertion); - + LASSO_EXPORT gchar* lasso_session_dump(LassoSession *session); LASSO_EXPORT LassoSamlAssertion* lasso_session_get_assertion( diff --git a/lasso/lasso.h b/lasso/lasso.h index a1e68b3b..725e0245 100644 --- a/lasso/lasso.h +++ b/lasso/lasso.h @@ -29,7 +29,7 @@ #ifdef __cplusplus extern "C" { #endif /* __cplusplus */ - + #if (defined _MSC_VER || defined MINGW32) # include <windows.h> #endif @@ -54,8 +54,8 @@ LASSO_EXPORT int lasso_shutdown(void); * The lasso library version mode. */ typedef enum { - LASSO_CHECK_VERSION_EXACT = 0, - LASSO_CHECK_VERSIONABI_COMPATIBLE + LASSO_CHECK_VERSION_EXACT = 0, + LASSO_CHECK_VERSIONABI_COMPATIBLE } lassoCheckVersionMode; /** @@ -66,8 +66,8 @@ typedef enum { * value if an error occurs. */ #define lasso_check_version_exact() \ - lasso_check_version_ext(LASSO_VERSION_MAJOR, LASSO_VERSION_MINOR, \ - LASSO_VERSION_SUBMINOR, LASSO_CHECK_VERSION_EXACT) + lasso_check_version_ext(LASSO_VERSION_MAJOR, LASSO_VERSION_MINOR, \ + LASSO_VERSION_SUBMINOR, LASSO_CHECK_VERSION_EXACT) /** * lasso_check_version: @@ -77,9 +77,9 @@ typedef enum { * value if an error occurs. */ #define lasso_check_version() \ - lasso_check_version_ext(LASSO_VERSION_MAJOR, LASSO_VERSION_MINOR, \ - LASSO_VERSION_SUBMINOR, \ - LASSO_CHECK_VERSIONABI_COMPATIBLE) + lasso_check_version_ext(LASSO_VERSION_MAJOR, LASSO_VERSION_MINOR, \ + LASSO_VERSION_SUBMINOR, \ + LASSO_CHECK_VERSIONABI_COMPATIBLE) LASSO_EXPORT int lasso_check_version_ext(int major, int minor, diff --git a/lasso/xml/errors.c b/lasso/xml/errors.c index 07c43ae4..a26e27b7 100644 --- a/lasso/xml/errors.c +++ b/lasso/xml/errors.c 
@@ -29,69 +29,66 @@ const char* lasso_strerror(int error_code) { - switch (error_code) { - case LASSO_XML_ERROR_NODE_NOT_FOUND: - return "Unable to get '%s' child of '%s' element."; - case LASSO_XML_ERROR_NODE_CONTENT_NOT_FOUND: - return "Unable to get content of '%s' element."; - case LASSO_XML_ERROR_ATTR_NOT_FOUND: - return "Unable to get '%s' attribute of '%s' element."; - case LASSO_XML_ERROR_ATTR_VALUE_NOT_FOUND: - return "Unable to get '%s' attribute value of '%s' element."; + switch (error_code) { + case LASSO_XML_ERROR_NODE_NOT_FOUND: + return "Unable to get '%s' child of '%s' element."; + case LASSO_XML_ERROR_NODE_CONTENT_NOT_FOUND: + return "Unable to get content of '%s' element."; + case LASSO_XML_ERROR_ATTR_NOT_FOUND: + return "Unable to get '%s' attribute of '%s' element."; + case LASSO_XML_ERROR_ATTR_VALUE_NOT_FOUND: + return "Unable to get '%s' attribute value of '%s' element."; + case LASSO_DS_ERROR_SIGNATURE_NOT_FOUND: + return "Signature element not found in %s."; + case LASSO_DS_ERROR_INVALID_SIGNATURE: + return "The signature of %s is invalid."; + case LASSO_DS_ERROR_CONTEXT_CREATION_FAILED: + return "Failed to create signature context."; + case LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED: + return "Failed to load public key %s."; + case LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED: + return "Failed to load private key %s."; + case LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED: + return "Failed to load certificate %s."; + case LASSO_DS_ERROR_SIGNATURE_FAILED: + return "Failed to sign the node %s."; + case LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED: + return "Failed to create keys manager."; + case LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED: + return "Failed to initialize keys manager."; + case LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED: + return "Failed to verify signature of %s."; + case LASSO_DS_ERROR_INVALID_SIGALG: + return "Invalid signature algorithm."; + case LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND: + return "Failed to get LassoProvider object "\ + "with providerID 
%s in LassoServer object."; + case LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE: + return "Unsupported logout protocol profile"; + case LASSO_PROFILE_ERROR_INVALID_QUERY: + return "Invalid URL query"; + case LASSO_PROFILE_ERROR_INVALID_POST_MSG: + return "Invalid POST message"; + case LASSO_PROFILE_ERROR_INVALID_SOAP_MSG: + return "Invalid SOAP message"; + case LASSO_PROFILE_ERROR_MISSING_REQUEST: + return "Missing request"; + case LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD: + return "Invalid HTTP method"; + case LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE: + return "Invalid protocol profile"; - case LASSO_DS_ERROR_SIGNATURE_NOT_FOUND: - return "Signature element not found in %s."; - case LASSO_DS_ERROR_INVALID_SIGNATURE: - return "The signature of %s is invalid."; - case LASSO_DS_ERROR_CONTEXT_CREATION_FAILED: - return "Failed to create signature context."; - case LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED: - return "Failed to load public key %s."; - case LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED: - return "Failed to load private key %s."; - case LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED: - return "Failed to load certificate %s."; - case LASSO_DS_ERROR_SIGNATURE_FAILED: - return "Failed to sign the node %s."; - case LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED: - return "Failed to create keys manager."; - case LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED: - return "Failed to initialize keys manager."; - case LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED: - return "Failed to verify signature of %s."; - case LASSO_DS_ERROR_INVALID_SIGALG: - return "Invalid signature algorithm."; - - case LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND: - return "Failed to get LassoProvider object with providerID %s in LassoServer object."; - - case LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE: - return "Unsupported logout protocol profile"; - - case LASSO_PROFILE_ERROR_INVALID_QUERY: - return "Invalid URL query"; - case LASSO_PROFILE_ERROR_INVALID_POST_MSG: - return "Invalid POST message"; - case 
LASSO_PROFILE_ERROR_INVALID_SOAP_MSG: - return "Invalid SOAP message"; - case LASSO_PROFILE_ERROR_MISSING_REQUEST: - return "Missing request"; - case LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD: - return "Invalid HTTP method"; - case LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE: - return "Invalid protocol profile"; - - case LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ: - return "An object type provided as parameter is invalid or object is NULL."; - case LASSO_PARAM_ERROR_INVALID_VALUE: - return "A parameter value is invalid."; - case LASSO_PARAM_ERROR_CHECK_FAILED: - return "The error return location should be either NULL or contains a NULL error."; - - case LASSO_LOGIN_ERROR_INVALID_NAMEIDPOLICY: - return "Invalid NameIDPolicy in lib:AuthnRequest: %s"; - - default: - return g_strdup_printf("Undefined error code %d.", error_code); - } + case LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ: + return "An object type provided as parameter "\ + "is invalid or object is NULL."; + case LASSO_PARAM_ERROR_INVALID_VALUE: + return "A parameter value is invalid."; + case LASSO_PARAM_ERROR_CHECK_FAILED: + return "The error return location should be "\ + "either NULL or contains a NULL error."; + case LASSO_LOGIN_ERROR_INVALID_NAMEIDPOLICY: + return "Invalid NameIDPolicy in lib:AuthnRequest: %s"; + default: + return g_strdup_printf("Undefined error code %d.", error_code); + } } diff --git a/lasso/xml/lib_assertion.c b/lasso/xml/lib_assertion.c index 7906ed51..5c4f7614 100644 --- a/lasso/xml/lib_assertion.c +++ b/lasso/xml/lib_assertion.c 
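Review bot: The `default:` branch of `lasso_strerror` in lasso/xml/errors.c still returns `g_strdup_printf("Undefined error code %d.", error_code)`, a heap allocation, from a function typed `const char*` whose other branches all return string literals, so a caller cannot tell when the result must be freed and each unknown code leaks one string. Returning a literal such as `return "Undefined error code.";` and leaving the numeric code to the caller's log line would keep ownership uniform across all branches. Several of the returned messages also contain `%s` conversions, so they are printf-style templates rather than finished text, and handing one to a printf-style logger without the matching arguments is undefined behaviour. A comment above the function should state that contract, for example `/* Messages containing %s are format templates; supply the matching arguments when printing them. */`.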
@@ -26,30 +26,29 @@ #include <lasso/xml/lib_assertion.h> /* -Authentication assertions provided in an <AuthnResponse> element MUST be of -type AssertionType, which is an extension of saml:AssertionType, so that the -RequestID attribute from the original <AuthnRequest> MAY be included in the -InResponseTo attribute in the <Assertion> element. This is done because it is -not required that the <AuthnResponse> element itself be signed. Instead, the -individual <Assertion> elements contained MUST each be signed. Note that it is -optional for the InResponseTo to be present. Its absence indicates that the -<AuthnResponse> has been unilaterally sent by the identity provider without a -corresponding <AuthnRequest> message from the service provider. If the -attribute is present, it MUST be set to the RequestID of the original -<AuthnRequest>. - -The schema fragment is as follows: - -<xs:element name="Assertion" type="AssertionType" substitutionGroup="saml:Assertion" /> -<xs:complexType name="AssertionType"> - <xs:complexContent> - <xs:extension base="saml:AssertionType"> - <xs:attribute name="InResponseTo" type="xs:NCName" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -*/ + * Authentication assertions provided in an <AuthnResponse> element MUST be of + * type AssertionType, which is an extension of saml:AssertionType, so that the + * RequestID attribute from the original <AuthnRequest> MAY be included in the + * InResponseTo attribute in the <Assertion> element. This is done because it is + * not required that the <AuthnResponse> element itself be signed. Instead, the + * individual <Assertion> elements contained MUST each be signed. Note that it is + * optional for the InResponseTo to be present. Its absence indicates that the + * <AuthnResponse> has been unilaterally sent by the identity provider without a + * corresponding <AuthnRequest> message from the service provider. 
If the + * attribute is present, it MUST be set to the RequestID of the original + * <AuthnRequest>. + * + * The schema fragment is as follows: + + * <xs:element name="Assertion" type="AssertionType" substitutionGroup="saml:Assertion" /> + * <xs:complexType name="AssertionType"> + * <xs:complexContent> + * <xs:extension base="saml:AssertionType"> + * <xs:attribute name="InResponseTo" type="xs:NCName" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_authentication_statement.c b/lasso/xml/lib_authentication_statement.c index 6c5dcaa1..97552702 100644 --- a/lasso/xml/lib_authentication_statement.c +++ b/lasso/xml/lib_authentication_statement.c 
@@ -27,21 +27,21 @@ #include <lasso/xml/lib_subject.h> /* -The schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="AuthenticationStatement" type="AuthenticationStatementType" - substitutionGroup="saml:Statement"/> -<xs:complexType name="AuthenticationStatementType"> - <xs:complexContent> - <xs:extension base="saml:AuthenticationStatementType"> - <xs:sequence> - <xs:element ref="AuthnContext" minOccurs="0"/> - </xs:sequence> - <xs:attribute name="ReauthenticateOnOrAfter" type="xs:dateTime" use="optional"/> - <xs:attribute name="SessionIndex" type="xs:string" use="required"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="AuthenticationStatement" type="AuthenticationStatementType" + * substitutionGroup="saml:Statement"/> + * <xs:complexType name="AuthenticationStatementType"> + * <xs:complexContent> + * <xs:extension base="saml:AuthenticationStatementType"> + * <xs:sequence> + * <xs:element ref="AuthnContext" minOccurs="0"/> + * </xs:sequence> + * <xs:attribute name="ReauthenticateOnOrAfter" type="xs:dateTime" use="optional"/> + * <xs:attribute name="SessionIndex" type="xs:string" use="required"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> */ /*****************************************************************************/ diff --git a/lasso/xml/lib_authentication_statement.h b/lasso/xml/lib_authentication_statement.h index 09e887ba..9ddd61fe 100644 --- a/lasso/xml/lib_authentication_statement.h +++ b/lasso/xml/lib_authentication_statement.h 
@@ -54,7 +54,7 @@ typedef struct _LassoLibAuthenticationStatementClass LassoLibAuthenticationState struct _LassoLibAuthenticationStatement { LassoSamlAuthenticationStatement parent; - /* <xs:element ref="AuthnContext" minOccurs="0"/> */ + /* <xs:element ref="AuthnContext" minOccurs="0"/> */ LassoLibAuthnContext *AuthnContext; /* <xs:attribute name="ReauthenticateOnOrAfter" type="xs:dateTime" use="optional"/> */ char *ReauthenticateOnOrAfter; diff --git a/lasso/xml/lib_authn_context.c b/lasso/xml/lib_authn_context.c index cbdbb03a..415eb1d2 100644 --- a/lasso/xml/lib_authn_context.c +++ b/lasso/xml/lib_authn_context.c 
@@ -26,31 +26,31 @@ #include <lasso/xml/lib_authn_context.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="AuthnContext"> - <xs:complexType> - <xs:sequence> - <xs:element name="AuthnContextClassRef" type="xs:anyURI" minOccurs="0"/> - <xs:choice> - <xs:element ref="ac:AuthenticationContextStatement"/> - <xs:element name="AuthnContextStatementRef" type="xs:anyURI"/> - </xs:choice> - </xs:sequence> - </xs:complexType> -</xs:element> - -From schema liberty-authentication-context-v1.2.xsd: -<xs:element name="AuthenticationContextStatement" type="AuthenticationContextStatementType"> - <xs:annotation> - <xs:documentation> - A particular assertion on an identity - provider's part with respect to the authentication - context associated with an authentication assertion. - </xs:documentation> - </xs:annotation> -</xs:element> -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="AuthnContext"> + * <xs:complexType> + * <xs:sequence> + * <xs:element name="AuthnContextClassRef" type="xs:anyURI" minOccurs="0"/> + * <xs:choice> + * <xs:element ref="ac:AuthenticationContextStatement"/> + * <xs:element name="AuthnContextStatementRef" type="xs:anyURI"/> + * </xs:choice> + * </xs:sequence> + * </xs:complexType> + * </xs:element> + * + * From schema liberty-authentication-context-v1.2.xsd: + * <xs:element name="AuthenticationContextStatement" type="AuthenticationContextStatementType"> + * <xs:annotation> + * <xs:documentation> + * A particular assertion on an identity + * provider's part with respect to the authentication + * context associated with an authentication assertion. + * </xs:documentation> + * </xs:annotation> + * </xs:element> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_authn_request.c b/lasso/xml/lib_authn_request.c index d55ce07a..186bcb1f 100644 --- a/lasso/xml/lib_authn_request.c 
+++ b/lasso/xml/lib_authn_request.c 
@@ -27,58 +27,58 @@ #include <libxml/uri.h> /* -The <AuthnRequest> is defined as an extension of samlp:RequestAbstractType. -The RequestID attribute in samlp:RequestAbstractType has uniqueness -requirements placed on it by [SAMLCore11], which require it to have the -properties of a nonce. - -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="AuthnRequest" type="AuthnRequestType" /> -<xs:complexType name="AuthnRequestType"> - <xs:complexContent> - <xs:extension base="samlp:RequestAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="AffiliationID" minOccurs="0"/> - <xs:element ref="NameIDPolicy" minOccurs="0"/> - <xs:element name="ForceAuthn" type="xs:boolean" minOccurs="0"/> - <xs:element name="IsPassive" type="xs:boolean "minOccurs="0"/> - <xs:element ref="ProtocolProfile" minOccurs="0"/> - <xs:element name="AssertionConsumerServiceID" type="xs:string" minOccurs="0"/> - <xs:element ref="RequestAuthnContext" minOccurs="0"/> - <xs:element ref="RelayState" minOccurs="0"/> - <xs:element ref="Scoping" minOccurs="0 "/> - </xs:sequence> - <xs:attribute ref="consent" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> -<xs:element name="AffiliationID" type="md:entityIDType"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -<xs:element name="NameIDPolicy" type="NameIDPolicyType"/> -<xs:simpleType name="NameIDPolicyType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="none"/> - <xs:enumeration value="onetime"/> - <xs:enumeration value="federated"/> - <xs:enumeration value="any"/ > - </xs:restriction> -</xs:simpleType> - -<xs:element name="ProtocolProfile" type="xs:anyURI"/> -<xs:element name="RelayState" 
type="xs:string"/> -*/ + * The <AuthnRequest> is defined as an extension of samlp:RequestAbstractType. + * The RequestID attribute in samlp:RequestAbstractType has uniqueness + * requirements placed on it by [SAMLCore11], which require it to have the + * properties of a nonce. + * + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="AuthnRequest" type="AuthnRequestType" /> + * <xs:complexType name="AuthnRequestType"> + * <xs:complexContent> + * <xs:extension base="samlp:RequestAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="AffiliationID" minOccurs="0"/> + * <xs:element ref="NameIDPolicy" minOccurs="0"/> + * <xs:element name="ForceAuthn" type="xs:boolean" minOccurs="0"/> + * <xs:element name="IsPassive" type="xs:boolean "minOccurs="0"/> + * <xs:element ref="ProtocolProfile" minOccurs="0"/> + * <xs:element name="AssertionConsumerServiceID" type="xs:string" minOccurs="0"/> + * <xs:element ref="RequestAuthnContext" minOccurs="0"/> + * <xs:element ref="RelayState" minOccurs="0"/> + * <xs:element ref="Scoping" minOccurs="0 "/> + * </xs:sequence> + * <xs:attribute ref="consent" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * <xs:element name="AffiliationID" type="md:entityIDType"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + * + * <xs:element name="NameIDPolicy" type="NameIDPolicyType"/> + * <xs:simpleType name="NameIDPolicyType"> + * <xs:restriction base="xs:string"> + * <xs:enumeration value="none"/> + * <xs:enumeration value="onetime"/> + * <xs:enumeration value="federated"/> + * <xs:enumeration value="any"/ > + * </xs:restriction> + * </xs:simpleType> + * + 
* <xs:element name="ProtocolProfile" type="xs:anyURI"/> + * <xs:element name="RelayState" type="xs:string"/> + */ /*****************************************************************************/ diff --git a/lasso/xml/lib_authn_response.c b/lasso/xml/lib_authn_response.c index 238c888b..08e01d2a 100644 --- a/lasso/xml/lib_authn_response.c +++ b/lasso/xml/lib_authn_response.c 
@@ -26,32 +26,32 @@ #include <lasso/xml/lib_authn_response.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="AuthnResponse" type="AuthnResponseType"/> -<xs:complexType name="AuthnResponseType"> - <xs:complexContent> - <xs:extension base="samlp:ResponseType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="RelayState" minOccurs="0"/> - </xs:sequence> - <xs:attribute ref="consent" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> -<xs:element name="RelayState" type="xs:string"/> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="AuthnResponse" type="AuthnResponseType"/> + * <xs:complexType name="AuthnResponseType"> + * <xs:complexContent> + * <xs:extension base="samlp:ResponseType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="RelayState" minOccurs="0"/> + * </xs:sequence> + * <xs:attribute ref="consent" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + * <xs:element name="RelayState" type="xs:string"/> + * + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_authn_response.h b/lasso/xml/lib_authn_response.h index 0b1a5ce5..1d14241e 100644 
--- a/lasso/xml/lib_authn_response.h +++ b/lasso/xml/lib_authn_response.h @@ -53,7 +53,7 @@ typedef struct _LassoLibAuthnResponseClass LassoLibAuthnResponseClass; struct _LassoLibAuthnResponse { LassoSamlpResponse parent; - /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ + /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ LassoNode *Extension; /* <xs:element ref="ProviderID"/> */ char *ProviderID; diff --git a/lasso/xml/lib_federation_termination_notification.c b/lasso/xml/lib_federation_termination_notification.c index 6f1c3ba9..f9153d42 100644 --- a/lasso/xml/lib_federation_termination_notification.c +++ b/lasso/xml/lib_federation_termination_notification.c 
@@ -27,32 +27,32 @@ #include <libxml/uri.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="FederationTerminationNotification" type="FederationTerminationNotificationType"/> - <xs:complexType name="FederationTerminationNotificationType"> - <xs:complexContent> - <xs:extension base="samlp:RequestAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="saml:NameIdentifier"/> - </xs:sequence> - <xs:attribute ref="consent" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="FederationTerminationNotification" + * type="FederationTerminationNotificationType"/> + * <xs:complexType name="FederationTerminationNotificationType"> + * <xs:complexContent> + * <xs:extension base="samlp:RequestAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="saml:NameIdentifier"/> + * </xs:sequence> + * <xs:attribute ref="consent" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + */ /*****************************************************************************/ /* private methods */ 
diff --git a/lasso/xml/lib_federation_termination_notification.h b/lasso/xml/lib_federation_termination_notification.h index f82cef90..eac80eb4 100644 --- a/lasso/xml/lib_federation_termination_notification.h +++ b/lasso/xml/lib_federation_termination_notification.h @@ -57,11 +57,11 @@ typedef struct _LassoLibFederationTerminationNotificationClass \ struct _LassoLibFederationTerminationNotification { LassoSamlpRequestAbstract parent; - /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ + /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ LassoNode *Extension; /* <xs:element ref="ProviderID"/> */ char *ProviderID; - /* <xs:element ref="saml:NameIdentifier"/> */ + /* <xs:element ref="saml:NameIdentifier"/> */ LassoSamlNameIdentifier *NameIdentifier; /* <xs:attribute ref="consent" use="optional"/> */ char *consent; diff --git a/lasso/xml/lib_idp_entries.c b/lasso/xml/lib_idp_entries.c index 94088971..e364d0a0 100644 --- a/lasso/xml/lib_idp_entries.c +++ b/lasso/xml/lib_idp_entries.c @@ -26,16 +26,16 @@ #include <lasso/xml/lib_idp_entries.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="IDPEntries"> - <xs:complexType> - <xs:sequence> - <xs:element ref="IDPEntry" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> -</xs:element> -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="IDPEntries"> + * <xs:complexType> + * <xs:sequence> + * <xs:element ref="IDPEntry" maxOccurs="unbounded"/> + * </xs:sequence> + * </xs:complexType> + * </xs:element> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_idp_entry.c b/lasso/xml/lib_idp_entry.c index dbe9ff2c..2c758f44 100644 --- a/lasso/xml/lib_idp_entry.c +++ b/lasso/xml/lib_idp_entry.c 
@@ -26,18 +26,18 @@ #include <lasso/xml/lib_idp_entry.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="IDPEntry"> - <xs:complexType> - <xs:sequence> - <xs:element ref="ProviderID"/> - <xs:element name="ProviderName" type="xs:string" minOccurs="0"/> - <xs:element name="Loc" type="xs:anyURI"/> - </xs:sequence> - </xs:complexType> -</xs:element> -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="IDPEntry"> + * <xs:complexType> + * <xs:sequence> + * <xs:element ref="ProviderID"/> + * <xs:element name="ProviderName" type="xs:string" minOccurs="0"/> + * <xs:element name="Loc" type="xs:anyURI"/> + * </xs:sequence> + * </xs:complexType> + * </xs:element> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_idp_entry.h b/lasso/xml/lib_idp_entry.h index c438244f..ddd9984c 100644 --- a/lasso/xml/lib_idp_entry.h +++ b/lasso/xml/lib_idp_entry.h @@ -50,7 +50,7 @@ typedef struct _LassoLibIDPEntryClass LassoLibIDPEntryClass; struct _LassoLibIDPEntry{ LassoNode parent; - /* <xs:element ref="ProviderID"/> */ + /* <xs:element ref="ProviderID"/> */ char *ProviderID; /* <xs:element name="ProviderName" type="xs:string" minOccurs="0"/> */ char *ProviderName; diff --git a/lasso/xml/lib_idp_list.c b/lasso/xml/lib_idp_list.c index f6265dbb..e35244bf 100644 --- a/lasso/xml/lib_idp_list.c +++ b/lasso/xml/lib_idp_list.c 
@@ -26,18 +26,18 @@ #include <lasso/xml/lib_idp_list.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="IDPList" type="IDPListType"/> -<xs:complexType name="IDPListType"> - <xs:sequence> - <xs:element ref="IDPEntries"/> - <xs:element ref="GetComplete" minOccurs="0"/> - </xs:sequence> -</xs:complexType> - -<xs:element name="GetComplete" type="xs:anyURI"/> -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="IDPList" type="IDPListType"/> + * <xs:complexType name="IDPListType"> + * <xs:sequence> + * <xs:element ref="IDPEntries"/> + * <xs:element ref="GetComplete" minOccurs="0"/> + * </xs:sequence> + * </xs:complexType> + * + * <xs:element name="GetComplete" type="xs:anyURI"/> + */ /*****************************************************************************/ /* private methods */ @@ -77,7 +77,7 @@ init_from_xml(LassoNode *node, xmlNode *xmlnode) return 0; } - + /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ diff --git a/lasso/xml/lib_logout_request.c b/lasso/xml/lib_logout_request.c index c0010aff..5e0e16d4 100644 --- a/lasso/xml/lib_logout_request.c +++ b/lasso/xml/lib_logout_request.c 
@@ -27,35 +27,34 @@ #include <lasso/xml/lib_logout_request.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="LogoutRequest" type="LogoutRequestType"/> -<xs:complexType name="LogoutRequestType"> - <xs:complexContent> - <xs:extension base="samlp:RequestAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="saml:NameIdentifier"/> - <xs:element name="SessionIndex" type="xs:string" minOccurs="0"/> - <xs:element ref="RelayState" minOccurs="0"/> - </xs:sequence> - <xs:attribute ref="consent" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> -<xs:element name="RelayState" type="xs:string"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="LogoutRequest" type="LogoutRequestType"/> + * <xs:complexType name="LogoutRequestType"> + * <xs:complexContent> + * <xs:extension base="samlp:RequestAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="saml:NameIdentifier"/> + * <xs:element name="SessionIndex" type="xs:string" minOccurs="0"/> + * <xs:element ref="RelayState" minOccurs="0"/> + * </xs:sequence> + * <xs:attribute ref="consent" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * <xs:element name="RelayState" type="xs:string"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * 
</xs:simpleType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_logout_request.h b/lasso/xml/lib_logout_request.h index eb6069d1..e9d3626a 100644 --- a/lasso/xml/lib_logout_request.h +++ b/lasso/xml/lib_logout_request.h @@ -52,22 +52,22 @@ typedef struct _LassoLibLogoutRequestClass LassoLibLogoutRequestClass; struct _LassoLibLogoutRequest { LassoSamlpRequestAbstract parent; - /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ + /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ char *Extension; - /* <xs:element ref="ProviderID"/> */ + /* <xs:element ref="ProviderID"/> */ char *ProviderID; - /* <xs:element ref="saml:NameIdentifier"/> */ + /* <xs:element ref="saml:NameIdentifier"/> */ LassoSamlNameIdentifier *NameIdentifier; - /* <xs:element name="SessionIndex" type="xs:string" minOccurs="0"/> */ + /* <xs:element name="SessionIndex" type="xs:string" minOccurs="0"/> */ char *SessionIndex; - /* <xs:element ref="RelayState" minOccurs="0"/> */ + /* <xs:element ref="RelayState" minOccurs="0"/> */ char *RelayState; - /* <xs:attribute ref="consent" use="optional"/> */ + /* <xs:attribute ref="consent" use="optional"/> */ char *consent; }; struct _LassoLibLogoutRequestClass { - LassoSamlpRequestAbstractClass parent; + LassoSamlpRequestAbstractClass parent; }; LASSO_EXPORT GType lasso_lib_logout_request_get_type(void); diff --git a/lasso/xml/lib_logout_response.c b/lasso/xml/lib_logout_response.c index eb8199c2..57b10554 100644 --- a/lasso/xml/lib_logout_response.c +++ b/lasso/xml/lib_logout_response.c 
@@ -26,11 +26,10 @@ #include <lasso/xml/lib_logout_response.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="LogoutResponse" type="StatusResponseType"/> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="LogoutResponse" type="StatusResponseType"/> + */ /*****************************************************************************/ @@ -120,7 +119,7 @@ lasso_lib_logout_response_new_full(char *providerID, const char *statusCodeValue response->Status = lasso_samlp_status_new(); response->Status->StatusCode = lasso_samlp_status_code_new(); response->Status->StatusCode->Value = g_strdup(statusCodeValue); - + return LASSO_NODE(response); } diff --git a/lasso/xml/lib_name_identifier_mapping_request.c b/lasso/xml/lib_name_identifier_mapping_request.c index 1f6c0b90..f31c4f82 100644 --- a/lasso/xml/lib_name_identifier_mapping_request.c +++ b/lasso/xml/lib_name_identifier_mapping_request.c 
@@ -26,33 +26,32 @@ #include <lasso/xml/lib_name_identifier_mapping_request.h> /* -The schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd): - -<xs:element name="NameIdentifierMappingRequest" type="NameIdentifierMappingRequestType"/> -<xs:complexType name="NameIdentifierMappingRequestType"> - <xs:complexContent> - <xs:extension base="samlp:RequestAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="saml:NameIdentifier"/> - <xs:element name="TargetNamespace" type="md:entityIDType"/> - </xs:sequence> - <xs:attribute ref="consent" use="optional"/> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -*/ + * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd): + * + * <xs:element name="NameIdentifierMappingRequest" type="NameIdentifierMappingRequestType"/> + * <xs:complexType name="NameIdentifierMappingRequestType"> + * <xs:complexContent> + * <xs:extension base="samlp:RequestAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="saml:NameIdentifier"/> + * <xs:element name="TargetNamespace" type="md:entityIDType"/> + * </xs:sequence> + * <xs:attribute ref="consent" use="optional"/> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + */ /*****************************************************************************/ /* 
private methods */ diff --git a/lasso/xml/lib_name_identifier_mapping_response.c b/lasso/xml/lib_name_identifier_mapping_response.c index b1caba6a..5ff71dfe 100644 --- a/lasso/xml/lib_name_identifier_mapping_response.c +++ b/lasso/xml/lib_name_identifier_mapping_response.c @@ -26,23 +26,22 @@ #include <lasso/xml/lib_name_identifier_mapping_response.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="NameIdentifierMappingResponse" type="NameIdentifierMappingResponseType"/> -<xs:complexType name="NameIdentifierMappingResponseType"> - <xs:complexContent> - <xs:extension base="samlp:ResponseAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="samlp:Status"/> - <xs:element ref="saml:NameIdentifier" minOccurs="0"/> - </xs:sequence> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="NameIdentifierMappingResponse" type="NameIdentifierMappingResponseType"/> + * <xs:complexType name="NameIdentifierMappingResponseType"> + * <xs:complexContent> + * <xs:extension base="samlp:ResponseAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="samlp:Status"/> + * <xs:element ref="saml:NameIdentifier" minOccurs="0"/> + * </xs:sequence> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_name_identifier_mapping_response.h b/lasso/xml/lib_name_identifier_mapping_response.h index 09315f65..6af696b2 100644 --- a/lasso/xml/lib_name_identifier_mapping_response.h +++ b/lasso/xml/lib_name_identifier_mapping_response.h 
@@ -58,13 +58,13 @@ typedef struct _LassoLibNameIdentifierMappingResponseClass \ struct _LassoLibNameIdentifierMappingResponse { LassoSamlpResponseAbstract parent; - /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ + /* <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> */ LassoNode *Extension; - /* <xs:element ref="ProviderID"/> */ + /* <xs:element ref="ProviderID"/> */ char *ProviderID; - /* <xs:element ref="samlp:Status"/> */ + /* <xs:element ref="samlp:Status"/> */ LassoSamlpStatus *Status; - /* <xs:element ref="saml:NameIdentifier" minOccurs="0"/> */ + /* <xs:element ref="saml:NameIdentifier" minOccurs="0"/> */ LassoSamlNameIdentifier *NameIdentifier; }; diff --git a/lasso/xml/lib_register_name_identifier_request.c b/lasso/xml/lib_register_name_identifier_request.c index ef20f239..627ffa63 100644 --- a/lasso/xml/lib_register_name_identifier_request.c +++ b/lasso/xml/lib_register_name_identifier_request.c 
@@ -27,38 +27,37 @@ #include <lasso/xml/lib_register_name_identifier_request.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="RegisterNameIdentifierRequest" type="RegisterNameIdentifierRequestType"/> -<xs:complexType name="RegisterNameIdentifierRequestType"> - <xs:complexContent> - <xs:extension base="samlp:RequestAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="IDPProvidedNameIdentifier"/> - <xs:element ref="SPProvidedNameIdentifier" minOccurs="0"/> - <xs:element ref="OldProvidedNameIdentifier"/> - <xs:element ref="RelayState" minOccurs="0"/> - </xs:sequence> - </xs:extension> - </xs:complexContent> -</xs:complexType> -<xs:element name="IDPProvidedNameIdentifier" type="saml:NameIdentifierType"/> -<xs:element name="SPProvidedNameIdentifier" type="saml:NameIdentifierType"/> -<xs:element name="OldProvidedNameIdentifier" type="saml:NameIdentifierType"/> - -<xs:element name="ProviderID" type="md:entityIDType"/> -<xs:element name="RelayState" type="xs:string"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="RegisterNameIdentifierRequest" type="RegisterNameIdentifierRequestType"/> + * <xs:complexType name="RegisterNameIdentifierRequestType"> + * <xs:complexContent> + * <xs:extension base="samlp:RequestAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="IDPProvidedNameIdentifier"/> + * <xs:element ref="SPProvidedNameIdentifier" minOccurs="0"/> + * <xs:element ref="OldProvidedNameIdentifier"/> + * <xs:element ref="RelayState" minOccurs="0"/> + * </xs:sequence> + * </xs:extension> + * 
</xs:complexContent> + * </xs:complexType> + * <xs:element name="IDPProvidedNameIdentifier" type="saml:NameIdentifierType"/> + * <xs:element name="SPProvidedNameIdentifier" type="saml:NameIdentifierType"/> + * <xs:element name="OldProvidedNameIdentifier" type="saml:NameIdentifierType"/> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * <xs:element name="RelayState" type="xs:string"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_register_name_identifier_response.c b/lasso/xml/lib_register_name_identifier_response.c index 6887fc2b..bee94e96 100644 --- a/lasso/xml/lib_register_name_identifier_response.c +++ b/lasso/xml/lib_register_name_identifier_response.c @@ -26,11 +26,10 @@ #include <lasso/xml/lib_register_name_identifier_response.h> /* -The Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="RegisterNameIdentifierResponse" type="StatusResponseType"/> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="RegisterNameIdentifierResponse" type="StatusResponseType"/> + */ /*****************************************************************************/ @@ -116,7 +115,7 @@ lasso_lib_register_name_identifier_response_new_full(char *providerID, response->Status = lasso_samlp_status_new(); response->Status->StatusCode = lasso_samlp_status_code_new(); response->Status->StatusCode->Value = g_strdup(statusCodeValue); - + return LASSO_NODE(response); } diff --git a/lasso/xml/lib_request_authn_context.c b/lasso/xml/lib_request_authn_context.c index 4a72216f..08aa817b 100644 --- a/lasso/xml/lib_request_authn_context.c +++ b/lasso/xml/lib_request_authn_context.c 
@@ -26,23 +26,24 @@ #include <lasso/xml/lib_request_authn_context.h> /* -Information describing which authentication context the requester desires the -identity provider to use in authenticating the Principal. - -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:element name="RequestAuthnContext"> - <xs:complexType> - <xs:sequence> - <xs:choice> - <xs:element name="AuthnContextClassRef" type="xs:anyURI" maxOccurs="unbounded"/> - <xs:element name="AuthnContextStatementRef" type="xs:anyURI" maxOccurs="unbounded"/> - </xs:choice> - <xs:element name="AuthnContextComparison" type="AuthnContextComparisonType" minOccurs="0"/> - </xs:sequence> - </xs:complexType> -</xs:element> -*/ + * Information describing which authentication context the requester desires the + * identity provider to use in authenticating the Principal. + * + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:element name="RequestAuthnContext"> + * <xs:complexType> + * <xs:sequence> + * <xs:choice> + * <xs:element name="AuthnContextClassRef" type="xs:anyURI" maxOccurs="unbounded"/> + * <xs:element name="AuthnContextStatementRef" type="xs:anyURI" maxOccurs="unbounded"/> + * </xs:choice> + * <xs:element name="AuthnContextComparison" + * type="AuthnContextComparisonType" minOccurs="0"/> + * </xs:sequence> + * </xs:complexType> + * </xs:element> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_scoping.c b/lasso/xml/lib_scoping.c index 72be82fd..75421bb5 100644 --- a/lasso/xml/lib_scoping.c +++ b/lasso/xml/lib_scoping.c 
@@ -26,16 +26,16 @@ #include <lasso/xml/lib_scoping.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:complexType name="ScopingType"> - <xs:sequence> - <xs:element name="ProxyCount" type="xs:nonNegativeInteger" minOccurs="0"/> - <xs:element ref="IDPList" minOccurs="0"/> - </xs:sequence> -</xs:complexType> -<xs:element name="Scoping" type="ScopingType"/> -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:complexType name="ScopingType"> + * <xs:sequence> + * <xs:element name="ProxyCount" type="xs:nonNegativeInteger" minOccurs="0"/> + * <xs:element ref="IDPList" minOccurs="0"/> + * </xs:sequence> + * </xs:complexType> + * <xs:element name="Scoping" type="ScopingType"/> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_status_response.c b/lasso/xml/lib_status_response.c index 31789662..75221b8e 100644 --- a/lasso/xml/lib_status_response.c +++ b/lasso/xml/lib_status_response.c 
@@ -27,32 +27,31 @@ #include <libxml/uri.h> /* -Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:complexType name="StatusResponseType"> - <xs:complexContent> - <xs:extension base="samlp:ResponseAbstractType"> - <xs:sequence> - <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="ProviderID"/> - <xs:element ref="samlp:Status"/> - <xs:element ref="RelayState" minOccurs="0"/> - </xs:sequence> - </xs:extension> - </xs:complexContent> -</xs:complexType> - -<xs:element name="ProviderID" type="md:entityIDType"/> -<xs:element name="RelayState" type="xs:string"/> - -From liberty-metadata-v1.0.xsd: -<xs:simpleType name="entityIDType"> - <xs:restriction base="xs:anyURI"> - <xs:maxLength value="1024" id="maxlengthid"/> - </xs:restriction> -</xs:simpleType> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:complexType name="StatusResponseType"> + * <xs:complexContent> + * <xs:extension base="samlp:ResponseAbstractType"> + * <xs:sequence> + * <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/> + * <xs:element ref="ProviderID"/> + * <xs:element ref="samlp:Status"/> + * <xs:element ref="RelayState" minOccurs="0"/> + * </xs:sequence> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * + * <xs:element name="ProviderID" type="md:entityIDType"/> + * <xs:element name="RelayState" type="xs:string"/> + * + * From liberty-metadata-v1.0.xsd: + * <xs:simpleType name="entityIDType"> + * <xs:restriction base="xs:anyURI"> + * <xs:maxLength value="1024" id="maxlengthid"/> + * </xs:restriction> + * </xs:simpleType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_status_response.h b/lasso/xml/lib_status_response.h index 512a496a..a0c07e71 100644 --- a/lasso/xml/lib_status_response.h +++ b/lasso/xml/lib_status_response.h 
@@ -55,7 +55,7 @@ struct _LassoLibStatusResponse { /* <xs:element ref="ProviderID"/> */ char *ProviderID; - /* <xs:element ref="samlp:Status"/> */ + /* <xs:element ref="samlp:Status"/> */ LassoSamlpStatus *Status; /* <xs:element ref="RelayState" minOccurs="0"/> */ char *RelayState; diff --git a/lasso/xml/lib_subject.c b/lasso/xml/lib_subject.c index 88a9b020..6a8cb30e 100644 --- a/lasso/xml/lib_subject.c +++ b/lasso/xml/lib_subject.c @@ -26,20 +26,19 @@ #include <lasso/xml/lib_subject.h> /* -The schema fragment (liberty-idff-protocols-schema-v1.2.xsd): - -<xs:complexType name="SubjectType"> - <xs:complexContent> - <xs:extension base="saml:SubjectType"> - <xs:sequence> - <xs:element ref="IDPProvidedNameIdentifier"/> - </xs:sequence> - </xs:extension> - </xs:complexContent> -</xs:complexType> -<xs:element name="Subject" type="SubjectType" substitutionGroup="saml:Subject"/> - -*/ + * Schema fragment (liberty-idff-protocols-schema-v1.2.xsd): + * + * <xs:complexType name="SubjectType"> + * <xs:complexContent> + * <xs:extension base="saml:SubjectType"> + * <xs:sequence> + * <xs:element ref="IDPProvidedNameIdentifier"/> + * </xs:sequence> + * </xs:extension> + * </xs:complexContent> + * </xs:complexType> + * <xs:element name="Subject" type="SubjectType" substitutionGroup="saml:Subject"/> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/lib_subject.h b/lasso/xml/lib_subject.h index 1cff67fc..bc8c4cf1 100644 --- a/lasso/xml/lib_subject.h +++ b/lasso/xml/lib_subject.h @@ -49,7 +49,7 @@ typedef struct _LassoLibSubjectClass LassoLibSubjectClass; struct _LassoLibSubject { LassoSamlSubject parent; - /* <xs:element ref="IDPProvidedNameIdentifier"/> */ + /* <xs:element ref="IDPProvidedNameIdentifier"/> */ LassoSamlNameIdentifier *IDPProvidedNameIdentifier; }; diff --git a/lasso/xml/saml_advice.c b/lasso/xml/saml_advice.c index 3b2f355d..53095f60 100644 --- a/lasso/xml/saml_advice.c 
+++ b/lasso/xml/saml_advice.c @@ -27,22 +27,22 @@ #include <lasso/xml/saml_assertion.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="Advice" type="saml:AdviceType"/> -<complexType name="AdviceType"> - <choice minOccurs="0" maxOccurs="unbounded"> - <element ref="saml:AssertionIDReference"/> - <element ref="saml:Assertion"/> - <any namespace="##other" processContents="lax"/> - </choice> -</complexType> - -<element name="AssertionIDReference" type="saml:IDReferenceType"/> -<simpleType name="IDReferenceType"> - <restriction base="string"/> -</simpleType> -*/ + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="Advice" type="saml:AdviceType"/> + * <complexType name="AdviceType"> + * <choice minOccurs="0" maxOccurs="unbounded"> + * <element ref="saml:AssertionIDReference"/> + * <element ref="saml:Assertion"/> + * <any namespace="##other" processContents="lax"/> + * </choice> + * </complexType> + * + * <element name="AssertionIDReference" type="saml:IDReferenceType"/> + * <simpleType name="IDReferenceType"> + * <restriction base="string"/> + * </simpleType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/saml_assertion.c b/lasso/xml/saml_assertion.c index e264b3f9..e5d4b5cc 100644 --- a/lasso/xml/saml_assertion.c +++ b/lasso/xml/saml_assertion.c 
@@ -26,34 +26,34 @@ #include <lasso/xml/saml_assertion.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="Assertion" type="saml:AssertionType"/> -<complexType name="AssertionType"> - <sequence> - <element ref="saml:Conditions" minOccurs="0"/> - <element ref="saml:Advice" minOccurs="0"/> - <choice maxOccurs="unbounded"> - <element ref="saml:Statement"/> - <element ref="saml:SubjectStatement"/> - <element ref="saml:AuthenticationStatement"/> - <element ref="saml:AuthorizationDecisionStatement"/> - <element ref="saml:AttributeStatement"/> - </choice> - <element ref="ds:Signature" minOccurs="0"/> - </sequence> - <attribute name="MajorVersion" type="integer" use="required"/> - <attribute name="MinorVersion" type="integer" use="required"/> - <attribute name="AssertionID" type="saml:IDType" use="required"/> - <attribute name="Issuer" type="string" use="required"/> - <attribute name="IssueInstant" type="dateTime" use="required"/> -</complexType> - -From oasis-sstc-saml-schema-assertion-1.0.xsd: -<simpleType name="IDType"> - <restriction base="string"/> -</simpleType> -*/ + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="Assertion" type="saml:AssertionType"/> + * <complexType name="AssertionType"> + * <sequence> + * <element ref="saml:Conditions" minOccurs="0"/> + * <element ref="saml:Advice" minOccurs="0"/> + * <choice maxOccurs="unbounded"> + * <element ref="saml:Statement"/> + * <element ref="saml:SubjectStatement"/> + * <element ref="saml:AuthenticationStatement"/> + * <element ref="saml:AuthorizationDecisionStatement"/> + * <element ref="saml:AttributeStatement"/> + * </choice> + * <element ref="ds:Signature" minOccurs="0"/> + * </sequence> + * <attribute name="MajorVersion" type="integer" use="required"/> + * <attribute name="MinorVersion" type="integer" use="required"/> + * <attribute name="AssertionID" type="saml:IDType" use="required"/> + * <attribute name="Issuer" type="string" 
use="required"/> + * <attribute name="IssueInstant" type="dateTime" use="required"/> + * </complexType> + * + * From oasis-sstc-saml-schema-assertion-1.0.xsd: + * <simpleType name="IDType"> + * <restriction base="string"/> + * </simpleType> + */ /*****************************************************************************/ @@ -162,18 +162,18 @@ lasso_saml_assertion_set_signature(LassoSamlAssertion *node, { return 0; #if 0 /* XXX: signatures are done differently */ - gint ret; - LassoNodeClass *class; + gint ret; + LassoNodeClass *class; - g_return_val_if_fail(LASSO_IS_SAML_ASSERTION(node), - LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); + g_return_val_if_fail(LASSO_IS_SAML_ASSERTION(node), + LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); - class = LASSO_NODE_GET_CLASS(node); + class = LASSO_NODE_GET_CLASS(node); - ret = class->add_signature(LASSO_NODE (node), sign_method, - private_key_file, certificate_file); + ret = class->add_signature(LASSO_NODE (node), sign_method, + private_key_file, certificate_file); - return ret; + return ret; #endif } diff --git a/lasso/xml/saml_audience_restriction_condition.c b/lasso/xml/saml_audience_restriction_condition.c index e1fcb3eb..ada6af29 100644 --- a/lasso/xml/saml_audience_restriction_condition.c +++ b/lasso/xml/saml_audience_restriction_condition.c 
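Review bot: `lasso_saml_assertion_set_signature` hits `return 0;` before the `#if 0` block, so as shown in this hunk it reports success without adding any signature, and re-indenting the disabled body keeps the stub looking like live code. The `XXX: signatures are done differently` remark suggests signing happens elsewhere, but a caller that checks this return value cannot tell that the assertion was left unsigned. I would drop the dead block, or at least document the stub above the early return, e.g. `/* no-op: does not sign the assertion; kept for API compatibility, see XXX below */`. The function's signature starts outside the hunk.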
@@ -26,21 +26,21 @@ #include <lasso/xml/saml_audience_restriction_condition.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/> -<complexType name="AudienceRestrictionConditionType"> - <complexContent> - <extension base="saml:ConditionAbstractType"> - <sequence> - <element ref="saml:Audience" maxOccurs="unbounded"/> - </sequence> - </extension> - </complexContent> -</complexType> - -<element name="Audience" type="anyURI"/> -*/ + * schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/> + * <complexType name="AudienceRestrictionConditionType"> + * <complexContent> + * <extension base="saml:ConditionAbstractType"> + * <sequence> + * <element ref="saml:Audience" maxOccurs="unbounded"/> + * </sequence> + * </extension> + * </complexContent> + * </complexType> + * + * <element name="Audience" type="anyURI"/> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/saml_authentication_statement.c b/lasso/xml/saml_authentication_statement.c index 60bd3d96..d822aca0 100644 --- a/lasso/xml/saml_authentication_statement.c +++ b/lasso/xml/saml_authentication_statement.c 
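Review bot: The rewritten header comment in saml_audience_restriction_condition.c opens with `* schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):` in lower case, while the other files visible in this commit normalise to `* Schema fragment (...)`. Capitalise it so the headers stay greppable as one pattern: `* Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):`.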
@@ -26,21 +26,21 @@ #include <lasso/xml/saml_authentication_statement.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/> -<complexType name="AuthenticationStatementType"> - <complexContent> - <extension base="saml:SubjectStatementAbstractType"> - <sequence> - <element ref="saml:SubjectLocality" minOccurs="0"/> - <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="AuthenticationMethod" type="anyURI" use="required"/> - <attribute name="AuthenticationInstant" type="dateTime" use="required"/> - </extension> - </complexContent> -</complexType> + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/> + * <complexType name="AuthenticationStatementType"> + * <complexContent> + * <extension base="saml:SubjectStatementAbstractType"> + * <sequence> + * <element ref="saml:SubjectLocality" minOccurs="0"/> + * <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/> + * </sequence> + * <attribute name="AuthenticationMethod" type="anyURI" use="required"/> + * <attribute name="AuthenticationInstant" type="dateTime" use="required"/> + * </extension> + * </complexContent> + * </complexType> */ /*****************************************************************************/ diff --git a/lasso/xml/saml_authority_binding.c b/lasso/xml/saml_authority_binding.c index 9b5dab33..e12a58b0 100644 --- a/lasso/xml/saml_authority_binding.c +++ b/lasso/xml/saml_authority_binding.c 
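Review bot: The closing `*/` of the schema comment in saml_authentication_statement.c appears to be an unchanged context line, because the hunk has no `-`/`+` pair for it. That leaves the body lines with the new ` * ` prefix but the terminator at column 0, unlike the neighbouring files where `-*/` became `+ */`. Whitespace is collapsed in this view, so this is inferred from the markers. If it holds, change the last comment line to ` */` to match.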
@@ -26,16 +26,15 @@ #include <lasso/xml/saml_authority_binding.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="AuthorityBinding" type="saml:AuthorityBindingType"/> -<complexType name="AuthorityBindingType"> - <attribute name="AuthorityKind" type="QName" use="required"/> - <attribute name="Location" type="anyURI" use="required"/> - <attribute name="Binding" type="anyURI" use="required"/> -</complexType> - -*/ + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="AuthorityBinding" type="saml:AuthorityBindingType"/> + * <complexType name="AuthorityBindingType"> + * <attribute name="AuthorityKind" type="QName" use="required"/> + * <attribute name="Location" type="anyURI" use="required"/> + * <attribute name="Binding" type="anyURI" use="required"/> + * </complexType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/saml_conditions.c b/lasso/xml/saml_conditions.c index ae97f630..962b625a 100644 --- a/lasso/xml/saml_conditions.c +++ b/lasso/xml/saml_conditions.c 
@@ -26,18 +26,18 @@ #include <lasso/xml/saml_conditions.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="Conditions" type="saml:ConditionsType"/> -<complexType name="ConditionsType"> - <choice minOccurs="0" maxOccurs="unbounded"> - <element ref="saml:AudienceRestrictionCondition"/> - <element ref="saml:Condition"/> - </choice> - <attribute name="NotBefore" type="dateTime" use="optional"/> - <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> -</complexType> -*/ + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="Conditions" type="saml:ConditionsType"/> + * <complexType name="ConditionsType"> + * <choice minOccurs="0" maxOccurs="unbounded"> + * <element ref="saml:AudienceRestrictionCondition"/> + * <element ref="saml:Condition"/> + * </choice> + * <attribute name="NotBefore" type="dateTime" use="optional"/> + * <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + * </complexType> + */ /*****************************************************************************/ /* private methods */ diff --git a/lasso/xml/saml_name_identifier.c b/lasso/xml/saml_name_identifier.c index 1711acf1..14c93e0f 100644 --- a/lasso/xml/saml_name_identifier.c +++ b/lasso/xml/saml_name_identifier.c 
@@ -27,18 +27,18 @@ #include <libxml/uri.h> /* -The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): - -<element name="NameIdentifier" type="saml:NameIdentifierType"/> -<complexType name="NameIdentifierType"> - <simpleContent> - <extension base="string"> - <attribute name="NameQualifier" type="string" use="optional"/> - <attribute name="Format" type="anyURI" use="optional"/> - </extension> - </simpleContent> -</complexType> -*/ + * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd): + * + * <element name="NameIdentifier" type="saml:NameIdentifierType"/> + * <complexType name="NameIdentifierType"> + * <simpleContent> + * <extension base="string"> + * <attribute name="NameQualifier" type="string" use="optional"/> + * <attribute name="Format" type="anyURI" use="optional"/> + * </extension> + * </simpleContent> + * </complexType> + */ /*****************************************************************************/ /* public methods */ diff --git a/lasso/xml/saml_subject.c b/lasso/xml/saml_subject.c index 3a5f9279..e2dd869d 100644 --- a/lasso/xml/saml_subject.c +++ b/lasso/xml/saml_subject.c 
@@ -26,19 +26,19 @@
 #include <lasso/xml/saml_subject.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
-
-<element name="Subject" type="saml:SubjectType"/>
-<complexType name="SubjectType">
- <choice>
- <sequence>
- <element ref="saml:NameIdentifier"/>
- <element ref="saml:SubjectConfirmation" minOccurs="0"/>
- </sequence>
- <element ref="saml:SubjectConfirmation"/>
- </choice>
-</complexType>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
+ *
+ * <element name="Subject" type="saml:SubjectType"/>
+ * <complexType name="SubjectType">
+ * <choice>
+ * <sequence>
+ * <element ref="saml:NameIdentifier"/>
+ * <element ref="saml:SubjectConfirmation" minOccurs="0"/>
+ * </sequence>
+ * <element ref="saml:SubjectConfirmation"/>
+ * </choice>
+ * </complexType>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/saml_subject_confirmation.c b/lasso/xml/saml_subject_confirmation.c
index d25c65c3..7229ceea 100644
--- a/lasso/xml/saml_subject_confirmation.c
+++ b/lasso/xml/saml_subject_confirmation.c
@@ -26,20 +26,20 @@
 #include <lasso/xml/saml_subject_confirmation.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
-
-<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
-<complexType name="SubjectConfirmationType">
- <sequence>
- <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- </sequence>
-</complexType>
-
-<element name="SubjectConfirmationData" type="anyType"/>
-<element name="ConfirmationMethod" type="anyURI"/>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
+ *
+ * <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+ * <complexType name="SubjectConfirmationType">
+ * <sequence>
+ * <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
+ * <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+ * <element ref="ds:KeyInfo" minOccurs="0"/>
+ * </sequence>
+ * </complexType>
+ *
+ * <element name="SubjectConfirmationData" type="anyType"/>
+ * <element name="ConfirmationMethod" type="anyURI"/>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/saml_subject_locality.c b/lasso/xml/saml_subject_locality.c
index d00cfad5..90984772 100644
--- a/lasso/xml/saml_subject_locality.c
+++ b/lasso/xml/saml_subject_locality.c
@@ -26,14 +26,14 @@
 #include <lasso/xml/saml_subject_locality.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
-
-<element name="SubjectLocality" type="saml:SubjectLocalityType"/>
-<complexType name="SubjectLocalityType">
- <attribute name="IPAddress" type="string" use="optional"/>
- <attribute name="DNSAddress" type="string" use="optional"/>
-</complexType>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
+ *
+ * <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+ * <complexType name="SubjectLocalityType">
+ * <attribute name="IPAddress" type="string" use="optional"/>
+ * <attribute name="DNSAddress" type="string" use="optional"/>
+ * </complexType>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/saml_subject_statement_abstract.c b/lasso/xml/saml_subject_statement_abstract.c
index 8c95d15c..f98f7847 100644
--- a/lasso/xml/saml_subject_statement_abstract.c
+++ b/lasso/xml/saml_subject_statement_abstract.c
@@ -26,18 +26,18 @@
 #include <lasso/xml/saml_subject_statement_abstract.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
-
-<complexType name="SubjectStatementAbstractType" abstract="true">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
-</complexType>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-assertion-1.0.xsd):
+ *
+ * <complexType name="SubjectStatementAbstractType" abstract="true">
+ * <complexContent>
+ * <extension base="saml:StatementAbstractType">
+ * <sequence>
+ * <element ref="saml:Subject"/>
+ * </sequence>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/saml_subject_statement_abstract.h b/lasso/xml/saml_subject_statement_abstract.h
index b53c7dc5..d2e61526 100644
--- a/lasso/xml/saml_subject_statement_abstract.h
+++ b/lasso/xml/saml_subject_statement_abstract.h
@@ -54,7 +54,7 @@ typedef struct _LassoSamlSubjectStatementAbstractClass LassoSamlSubjectStatement
 struct _LassoSamlSubjectStatementAbstract {
 LassoSamlStatementAbstract parent;
- /* <element ref="saml:Subject"/> */
+ /* <element ref="saml:Subject"/> */
 LassoSamlSubject *Subject;
 };
diff --git a/lasso/xml/samlp_request.c b/lasso/xml/samlp_request.c
index e6a17bb2..27f01c41 100644
--- a/lasso/xml/samlp_request.c
+++ b/lasso/xml/samlp_request.c
@@ -26,26 +26,25 @@
 #include <lasso/xml/samlp_request.h>
 /*
-<element name="Request" type="samlp:RequestType"/>
-<complexType name="RequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <choice>
- <element ref="samlp:Query"/>
- <element ref="samlp:SubjectQuery"/>
- <element ref="samlp:AuthenticationQuery"/>
- <element ref="samlp:AttributeQuery"/>
- <element ref="samlp:AuthorizationDecisionQuery"/>
- <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
- <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
- </choice>
- </extension>
- </complexContent>
-</complexType>
-
-<element name="AssertionArtifact" type="string"/>
-
-*/
+ * <element name="Request" type="samlp:RequestType"/>
+ * <complexType name="RequestType">
+ * <complexContent>
+ * <extension base="samlp:RequestAbstractType">
+ * <choice>
+ * <element ref="samlp:Query"/>
+ * <element ref="samlp:SubjectQuery"/>
+ * <element ref="samlp:AuthenticationQuery"/>
+ * <element ref="samlp:AttributeQuery"/>
+ * <element ref="samlp:AuthorizationDecisionQuery"/>
+ * <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
+ * <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
+ * </choice>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ *
+ * <element name="AssertionArtifact" type="string"/>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/samlp_request_abstract.c b/lasso/xml/samlp_request_abstract.c
index 1861d4b9..bb680c2f 100644
--- a/lasso/xml/samlp_request_abstract.c
+++ b/lasso/xml/samlp_request_abstract.c
@@ -29,27 +29,26 @@
 #include <lasso/xml/samlp_request_abstract.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
-
-<complexType name="RequestAbstractType" abstract="true">
- <sequence>
- <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="RequestID" type="saml:IDType" use="required"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
-</complexType>
-
-<element name="RespondWith" type="QName"/>
-
-From oasis-sstc-saml-schema-assertion-1.0.xsd:
-<simpleType name="IDType">
- <restriction base="string"/>
-</simpleType>
-
-*/
+ * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
+ *
+ * <complexType name="RequestAbstractType" abstract="true">
+ * <sequence>
+ * <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
+ * <element ref="ds:Signature" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="RequestID" type="saml:IDType" use="required"/>
+ * <attribute name="MajorVersion" type="integer" use="required"/>
+ * <attribute name="MinorVersion" type="integer" use="required"/>
+ * <attribute name="IssueInstant" type="dateTime" use="required"/>
+ * </complexType>
+ *
+ * <element name="RespondWith" type="QName"/>
+ *
+ * From oasis-sstc-saml-schema-assertion-1.0.xsd:
+ * <simpleType name="IDType">
+ * <restriction base="string"/>
+ * </simpleType>
+ */
 /*****************************************************************************/
 /* private methods */
@@ -210,7 +209,7 @@ class_init(LassoSamlpRequestAbstractClass *klass)
 parent_class = g_type_class_peek_parent(klass);
 LASSO_NODE_CLASS(klass)->build_query = build_query;
 LASSO_NODE_CLASS(klass)->get_xmlNode = get_xmlNode;
- LASSO_NODE_CLASS(klass)->init_from_query = init_from_query;
+ LASSO_NODE_CLASS(klass)->init_from_query = init_from_query;
 LASSO_NODE_CLASS(klass)->init_from_xml = init_from_xml;
 LASSO_NODE_CLASS(klass)->get_sign_attr_name = get_sign_attr_name;
 }
diff --git a/lasso/xml/samlp_response.c b/lasso/xml/samlp_response.c
index 8a089432..775aaf00 100644
--- a/lasso/xml/samlp_response.c
+++ b/lasso/xml/samlp_response.c
@@ -27,21 +27,20 @@
 #include <libxml/tree.h>
 /*
-Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
-
-<element name="Response" type="samlp:ResponseType"/>
-<complexType name="ResponseType">
- <complexContent>
- <extension base="samlp:ResponseAbstractType">
- <sequence>
- <element ref="samlp:Status"/>
- <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
-</complexType>
-
-*/
+ * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
+ *
+ * <element name="Response" type="samlp:ResponseType"/>
+ * <complexType name="ResponseType">
+ * <complexContent>
+ * <extension base="samlp:ResponseAbstractType">
+ * <sequence>
+ * <element ref="samlp:Status"/>
+ * <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
+ * </sequence>
+ * </extension>
+ * </complexContent>
+ * </complexType>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/samlp_response_abstract.c b/lasso/xml/samlp_response_abstract.c
index c0c3f3f5..c3bb7201 100644
--- a/lasso/xml/samlp_response_abstract.c
+++ b/lasso/xml/samlp_response_abstract.c
@@ -29,28 +29,28 @@
 #include <lasso/xml/samlp_response_abstract.h>
 /*
-The schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
-
-<complexType name="ResponseAbstractType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="ResponseID" type="saml:IDType" use="required"/>
- <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
-</complexType>
-
-From oasis-sstc-saml-schema-assertion-1.0.xsd:
-<simpleType name="IDType">
- <restriction base="string"/>
-</simpleType>
-<simpleType name="IDReferenceType">
- <restriction base="string"/>
-</simpleType>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
+ *
+ * <complexType name="ResponseAbstractType" abstract="true">
+ * <sequence>
+ * <element ref="ds:Signature" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="ResponseID" type="saml:IDType" use="required"/>
+ * <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
+ * <attribute name="MajorVersion" type="integer" use="required"/>
+ * <attribute name="MinorVersion" type="integer" use="required"/>
+ * <attribute name="IssueInstant" type="dateTime" use="required"/>
+ * <attribute name="Recipient" type="anyURI" use="optional"/>
+ * </complexType>
+ *
+ * From oasis-sstc-saml-schema-assertion-1.0.xsd:
+ * <simpleType name="IDType">
+ * <restriction base="string"/>
+ * </simpleType>
+ * <simpleType name="IDReferenceType">
+ * <restriction base="string"/>
+ * </simpleType>
+ */
 /*****************************************************************************/
 /* private methods */
@@ -229,7 +229,7 @@ class_init(LassoSamlpResponseAbstractClass *klass)
 LASSO_NODE_CLASS(klass)->get_xmlNode = get_xmlNode;
 LASSO_NODE_CLASS(klass)->init_from_xml = init_from_xml;
 LASSO_NODE_CLASS(klass)->build_query = build_query;
- LASSO_NODE_CLASS(klass)->init_from_query = init_from_query;
+ LASSO_NODE_CLASS(klass)->init_from_query = init_from_query;
 LASSO_NODE_CLASS(klass)->get_sign_attr_name = get_sign_attr_name;
 }
diff --git a/lasso/xml/samlp_status.c b/lasso/xml/samlp_status.c
index 9e0c1659..5b4e4df1 100644
--- a/lasso/xml/samlp_status.c
+++ b/lasso/xml/samlp_status.c
@@ -26,19 +26,19 @@
 #include <lasso/xml/samlp_status.h>
 /*
-Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
-
-<element name="Status" type="samlp:StatusType"/>
-<complexType name="StatusType">
- <sequence>
- <element ref="samlp:StatusCode"/>
- <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
- <element ref="samlp:StatusDetail" minOccurs="0"/>
- </sequence>
-</complexType>
-
-<element name="StatusMessage" type="string"/>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
+ *
+ * <element name="Status" type="samlp:StatusType"/>
+ * <complexType name="StatusType">
+ * <sequence>
+ * <element ref="samlp:StatusCode"/>
+ * <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
+ * <element ref="samlp:StatusDetail" minOccurs="0"/>
+ * </sequence>
+ * </complexType>
+ *
+ * <element name="StatusMessage" type="string"/>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/samlp_status_code.c b/lasso/xml/samlp_status_code.c
index 87846c1a..f0cd7dc7 100644
--- a/lasso/xml/samlp_status_code.c
+++ b/lasso/xml/samlp_status_code.c
@@ -26,16 +26,16 @@
 #include <lasso/xml/samlp_status_code.h>
 /*
-Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
-
-<element name="StatusCode" type="samlp:StatusCodeType"/>
-<complexType name="StatusCodeType">
- <sequence>
- <element ref="samlp:StatusCode" minOccurs="0"/>
- </sequence>
- <attribute name="Value" type="QName" use="required"/>
-</complexType>
-*/
+ * Schema fragment (oasis-sstc-saml-schema-protocol-1.0.xsd):
+ *
+ * <element name="StatusCode" type="samlp:StatusCodeType"/>
+ * <complexType name="StatusCodeType">
+ * <sequence>
+ * <element ref="samlp:StatusCode" minOccurs="0"/>
+ * </sequence>
+ * <attribute name="Value" type="QName" use="required"/>
+ * </complexType>
+ */
 /*****************************************************************************/
 /* private methods */
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index 4ea851c7..1f81cb85 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -304,104 +304,102 @@ lasso_load_certs_from_pem_certs_chain_file(const char* pem_certs_chain_file) * Return value: a newly allocated query signed or NULL if an error occurs. **/ xmlChar* -lasso_query_sign(xmlChar *query, - lassoSignatureMethod sign_method, - const char *private_key_file) +lasso_query_sign(xmlChar *query, lassoSignatureMethod sign_method, const char *private_key_file) { - BIO *bio = NULL; - xmlChar *digest = NULL; /* 160 bit buffer */ - RSA *rsa = NULL; - DSA *dsa = NULL; - unsigned char *sigret = NULL; - unsigned int siglen; - xmlChar *b64_sigret = NULL, *e_b64_sigret = NULL; - xmlChar *new_query = NULL, *s_new_query = NULL; - int status = 0; - char *t; - - g_return_val_if_fail(query != NULL, NULL); - g_return_val_if_fail(sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1 || \ - sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1, NULL); - g_return_val_if_fail(private_key_file != NULL, NULL); - - bio = BIO_new_file(private_key_file, "rb"); - if (bio == NULL) { - message(G_LOG_LEVEL_CRITICAL, "Failed to open %s private key file", - private_key_file); - return NULL; - } - - /* add SigAlg */ - switch (sign_method) { - case LASSO_SIGNATURE_METHOD_RSA_SHA1: - t = xmlURIEscapeStr(xmlSecHrefRsaSha1, NULL); - new_query = g_strdup_printf("%s&SigAlg=%s", query, t); - xmlFree(t); - break; - case LASSO_SIGNATURE_METHOD_DSA_SHA1: - t = xmlURIEscapeStr(xmlSecHrefDsaSha1, NULL); - new_query = g_strdup_printf("%s&SigAlg=%s", query, t); - xmlFree(t); - break; - } - - /* build buffer digest */ - digest = lasso_sha1(new_query); - if (digest == NULL) { - message(G_LOG_LEVEL_CRITICAL, "Failed to build the buffer digest"); - goto done; - } - - /* calculate signature value */ - if (sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1) { - /* load private key */ - rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL); - if (rsa == NULL) { - goto done; - } - /* alloc memory for sigret */ - sigret = (unsigned char *)g_malloc (RSA_size(rsa)); - /* sign digest message */ - status = 
RSA_sign(NID_sha1, digest, 20, sigret, &siglen, rsa); - RSA_free(rsa); - } - else if (sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1) { - dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL); - if (dsa == NULL) { - goto done; - } - sigret = (unsigned char *)g_malloc (DSA_size(dsa)); - status = DSA_sign(NID_sha1, digest, 20, sigret, &siglen, dsa); - DSA_free(dsa); - } - if (status == 0) { - goto done; - } - - /* Base64 encode the signature value */ - b64_sigret = xmlSecBase64Encode(sigret, siglen, 0); - /* escape b64_sigret */ - e_b64_sigret = xmlURIEscapeStr(b64_sigret, NULL); - - /* add signature */ - switch (sign_method) { - case LASSO_SIGNATURE_METHOD_RSA_SHA1: - s_new_query = g_strdup_printf("%s&Signature=%s", new_query, e_b64_sigret); - break; - case LASSO_SIGNATURE_METHOD_DSA_SHA1: - s_new_query = g_strdup_printf("%s&Signature=%s", new_query, e_b64_sigret); - break; - } - - done: - g_free(new_query); - xmlFree(digest); - BIO_free(bio); - free(sigret); - xmlFree(b64_sigret); - free(e_b64_sigret); - - return s_new_query; + BIO *bio = NULL; + xmlChar *digest = NULL; /* 160 bit buffer */ + RSA *rsa = NULL; + DSA *dsa = NULL; + unsigned char *sigret = NULL; + unsigned int siglen; + xmlChar *b64_sigret = NULL, *e_b64_sigret = NULL; + xmlChar *new_query = NULL, *s_new_query = NULL; + int status = 0; + char *t; + + g_return_val_if_fail(query != NULL, NULL); + g_return_val_if_fail(sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1 || + sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1, NULL); + g_return_val_if_fail(private_key_file != NULL, NULL); + + bio = BIO_new_file(private_key_file, "rb"); + if (bio == NULL) { + message(G_LOG_LEVEL_CRITICAL, "Failed to open %s private key file", + private_key_file); + return NULL; + } + + /* add SigAlg */ + switch (sign_method) { + case LASSO_SIGNATURE_METHOD_RSA_SHA1: + t = xmlURIEscapeStr(xmlSecHrefRsaSha1, NULL); + new_query = g_strdup_printf("%s&SigAlg=%s", query, t); + xmlFree(t); + break; + case LASSO_SIGNATURE_METHOD_DSA_SHA1: 
+ t = xmlURIEscapeStr(xmlSecHrefDsaSha1, NULL); + new_query = g_strdup_printf("%s&SigAlg=%s", query, t); + xmlFree(t); + break; + } + + /* build buffer digest */ + digest = lasso_sha1(new_query); + if (digest == NULL) { + message(G_LOG_LEVEL_CRITICAL, "Failed to build the buffer digest"); + goto done; + } + + /* calculate signature value */ + if (sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1) { + /* load private key */ + rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL); + if (rsa == NULL) { + goto done; + } + /* alloc memory for sigret */ + sigret = (unsigned char *)g_malloc (RSA_size(rsa)); + /* sign digest message */ + status = RSA_sign(NID_sha1, digest, 20, sigret, &siglen, rsa); + RSA_free(rsa); + } + else if (sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1) { + dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL); + if (dsa == NULL) { + goto done; + } + sigret = (unsigned char *)g_malloc (DSA_size(dsa)); + status = DSA_sign(NID_sha1, digest, 20, sigret, &siglen, dsa); + DSA_free(dsa); + } + if (status == 0) { + goto done; + } + + /* Base64 encode the signature value */ + b64_sigret = xmlSecBase64Encode(sigret, siglen, 0); + /* escape b64_sigret */ + e_b64_sigret = xmlURIEscapeStr(b64_sigret, NULL); + + /* add signature */ + switch (sign_method) { + case LASSO_SIGNATURE_METHOD_RSA_SHA1: + s_new_query = g_strdup_printf("%s&Signature=%s", new_query, e_b64_sigret); + break; + case LASSO_SIGNATURE_METHOD_DSA_SHA1: + s_new_query = g_strdup_printf("%s&Signature=%s", new_query, e_b64_sigret); + break; + } + +done: + g_free(new_query); + xmlFree(digest); + BIO_free(bio); + free(sigret); + xmlFree(b64_sigret); + free(e_b64_sigret); + + return s_new_query; } /** 
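Review bot: The results of xmlSecBase64Encode and xmlURIEscapeStr are used unchecked just before the final switch in lasso_query_sign, so a failed encode or escape leaves `e_b64_sigret` NULL and the last g_strdup_printf formats a NULL pointer with `%s`; the caller then receives a query string instead of the documented NULL error return. Adding `if (b64_sigret == NULL || e_b64_sigret == NULL) goto done;` after the two calls keeps the failure visible. The cleanup under `done:` also releases `sigret` (from g_malloc) and `e_b64_sigret` (from xmlURIEscapeStr) with plain `free`; these should be `g_free(sigret);` and `xmlFree(e_b64_sigret);` so each buffer goes back to the allocator it came from. Neither switch has a default case, so if the g_return_val_if_fail guards are compiled out `new_query` can stay NULL on an unexpected `sign_method`; a `default: goto done;` in the first switch would cover that.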
@@ -416,103 +414,104 @@ lasso_query_sign(xmlChar *query, * a negative value if an error occurs during verification **/ int -lasso_query_verify_signature(const char *query, - const char *sender_public_key_file) +lasso_query_verify_signature(const char *query, const char *sender_public_key_file) { - BIO *bio = NULL; - RSA *rsa = NULL; - DSA *dsa = NULL; - gchar **str_split = NULL; - lassoSignatureMethod sign_method; - xmlChar *digest = NULL, *b64_signature = NULL; - xmlChar *e_rsa_alg = NULL, *e_dsa_alg = NULL; - xmlSecByte *signature; - int key_size, status = 0, ret = 0; - - g_return_val_if_fail(query != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); - g_return_val_if_fail(sender_public_key_file != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); - - /* split query, the signature MUST be the last param of the query */ - str_split = g_strsplit(query, "&Signature=", 0); - if (str_split[1] == NULL) { - ret = LASSO_DS_ERROR_SIGNATURE_NOT_FOUND; - goto done; - } - - /* create bio to read public key */ - bio = BIO_new_file(sender_public_key_file, "rb"); - if (bio == NULL) { - message(G_LOG_LEVEL_CRITICAL, lasso_strerror(LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED), - sender_public_key_file); - ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; - goto done; - } - - /* get signature method (algorithm) and read public key */ - e_rsa_alg = xmlURIEscapeStr(xmlSecHrefRsaSha1, NULL); - e_dsa_alg = xmlURIEscapeStr(xmlSecHrefDsaSha1, NULL); - if (g_strrstr(str_split[0], e_rsa_alg) != NULL) { - sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; - rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); - /* rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL); */ - if (rsa == NULL) { - ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; - goto done; - } - key_size = RSA_size(rsa); - } - else if (g_strrstr(str_split[0], e_dsa_alg) != NULL) { - sign_method = LASSO_SIGNATURE_METHOD_DSA_SHA1; - dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL); - if (dsa == NULL) { - ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; - goto 
done; - } - key_size = DSA_size(dsa); - } - else { - message(G_LOG_LEVEL_CRITICAL, lasso_strerror(LASSO_DS_ERROR_INVALID_SIGALG)); - ret = LASSO_DS_ERROR_INVALID_SIGALG; - goto done; - } - - /* get signature (unescape + base64 decode) */ - signature = (xmlSecByte *)xmlMalloc(key_size+1); - b64_signature = xmlURIUnescapeString(str_split[1], 0, NULL); - xmlSecBase64Decode(b64_signature, signature, key_size+1); - - /* calculate signature digest */ - digest = lasso_sha1(str_split[0]); - if (digest == NULL) { - message(G_LOG_LEVEL_CRITICAL, lasso_strerror(LASSO_DS_ERROR_DIGEST_COMPUTE_FAILED)); - ret = LASSO_DS_ERROR_DIGEST_COMPUTE_FAILED; - goto done; - } - - if (sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1) { - status = RSA_verify(NID_sha1, digest, 20, signature, RSA_size(rsa), rsa); - /* printf("OpenSSL %s\n", ERR_error_string(ERR_get_error(), NULL)); */ - /* printf("OpenSSL %s\n", ERR_error_string(ERR_peek_last_error(), NULL)); */ - } - else if (sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1) { - status = DSA_verify(NID_sha1, digest, 20, signature, DSA_size(dsa), dsa); - } - if (status == 0) { - ret = LASSO_DS_ERROR_INVALID_SIGNATURE; - } - - done: - xmlFree(b64_signature); - xmlFree(signature); - xmlFree(digest); - xmlFree(e_rsa_alg); - xmlFree(e_dsa_alg); - g_strfreev(str_split); - BIO_free(bio); - RSA_free(rsa); - DSA_free(dsa); - - return ret; + BIO *bio = NULL; + RSA *rsa = NULL; + DSA *dsa = NULL; + gchar **str_split = NULL; + lassoSignatureMethod sign_method; + xmlChar *digest = NULL, *b64_signature = NULL; + xmlChar *e_rsa_alg = NULL, *e_dsa_alg = NULL; + xmlSecByte *signature; + int key_size, status = 0, ret = 0; + + g_return_val_if_fail(query != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + g_return_val_if_fail(sender_public_key_file != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + + /* split query, the signature MUST be the last param of the query */ + str_split = g_strsplit(query, "&Signature=", 0); + if (str_split[1] == NULL) { + ret = 
LASSO_DS_ERROR_SIGNATURE_NOT_FOUND; + goto done; + } + + /* create bio to read public key */ + bio = BIO_new_file(sender_public_key_file, "rb"); + if (bio == NULL) { + message(G_LOG_LEVEL_CRITICAL, + lasso_strerror(LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED), + sender_public_key_file); + ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; + goto done; + } + + /* get signature method (algorithm) and read public key */ + e_rsa_alg = xmlURIEscapeStr(xmlSecHrefRsaSha1, NULL); + e_dsa_alg = xmlURIEscapeStr(xmlSecHrefDsaSha1, NULL); + if (g_strrstr(str_split[0], e_rsa_alg) != NULL) { + sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1; + rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); + /* rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL); */ + if (rsa == NULL) { + ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; + goto done; + } + key_size = RSA_size(rsa); + } + else if (g_strrstr(str_split[0], e_dsa_alg) != NULL) { + sign_method = LASSO_SIGNATURE_METHOD_DSA_SHA1; + dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL); + if (dsa == NULL) { + ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; + goto done; + } + key_size = DSA_size(dsa); + } + else { + message(G_LOG_LEVEL_CRITICAL, lasso_strerror(LASSO_DS_ERROR_INVALID_SIGALG)); + ret = LASSO_DS_ERROR_INVALID_SIGALG; + goto done; + } + + /* get signature (unescape + base64 decode) */ + signature = (xmlSecByte *)xmlMalloc(key_size+1); + b64_signature = xmlURIUnescapeString(str_split[1], 0, NULL); + xmlSecBase64Decode(b64_signature, signature, key_size+1); + + /* calculate signature digest */ + digest = lasso_sha1(str_split[0]); + if (digest == NULL) { + message(G_LOG_LEVEL_CRITICAL, + lasso_strerror(LASSO_DS_ERROR_DIGEST_COMPUTE_FAILED)); + ret = LASSO_DS_ERROR_DIGEST_COMPUTE_FAILED; + goto done; + } + + if (sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1) { + status = RSA_verify(NID_sha1, digest, 20, signature, RSA_size(rsa), rsa); + /* printf("OpenSSL %s\n", ERR_error_string(ERR_get_error(), NULL)); */ + /* printf("OpenSSL %s\n", 
ERR_error_string(ERR_peek_last_error(), NULL)); */ + } + else if (sign_method == LASSO_SIGNATURE_METHOD_DSA_SHA1) { + status = DSA_verify(NID_sha1, digest, 20, signature, DSA_size(dsa), dsa); + } + if (status == 0) { + ret = LASSO_DS_ERROR_INVALID_SIGNATURE; + } + +done: + xmlFree(b64_signature); + xmlFree(signature); + xmlFree(digest); + xmlFree(e_rsa_alg); + xmlFree(e_dsa_alg); + g_strfreev(str_split); + BIO_free(bio); + RSA_free(rsa); + DSA_free(dsa); + + return ret; } /** diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c index 7e1034af..e4e644b9 100644 --- a/lasso/xml/xml.c +++ b/lasso/xml/xml.c 
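Review bot: The result check `if (status == 0)` at the end of lasso_query_verify_signature treats only 0 as failure, but DSA_verify (and RSA_verify in some OpenSSL versions) can return -1 on error, in which case `ret` stays 0 and the caller is told the signature is valid; it should read `if (status != 1) { ret = LASSO_DS_ERROR_INVALID_SIGNATURE; }`. Separately, `signature` is declared without an initializer, yet every early `goto done` (missing `&Signature=`, key file or key load failure, unknown SigAlg) reaches `xmlFree(signature)` on an indeterminate pointer, and those paths are driven by the incoming query; declare it as `xmlSecByte *signature = NULL;`. The return value of xmlSecBase64Decode is ignored and the verify calls pass `RSA_size(rsa)` / `DSA_size(dsa)` as the signature length, so the decoded length should be stored, rejected when negative, and passed to the verify call instead. The xmlMalloc and xmlURIUnescapeString results are also used without a NULL check.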
@@ -299,117 +299,118 @@ lasso_node_verify_signature(LassoNode *node,
 {
 return 0;
 #if 0 /* XXX: signature should be verified when importing request */
- xmlDocPtr doc = NULL;
- xmlNodePtr xmlNode = NULL;
- xmlNodePtr signature = NULL;
- xmlNodePtr x509data = NULL;
- xmlSecKeysMngrPtr keys_mngr = NULL;
- xmlSecDSigCtxPtr dsigCtx = NULL;
- xmlIDPtr id;
- xmlAttrPtr id_attr;
- xmlChar *id_value;
- lassoPemFileType public_key_file_type;
- gint ret = 0;
-
- doc = xmlNewDoc("1.0");
- /* Don't use xmlCopyNode here because it changes the attrs and ns order :-( */
- xmlNode = lasso_node_get_xmlNode(node);
- xmlAddChild((xmlNodePtr)doc, xmlNode);
-
- /* FIXME : register 'AssertionID' ID attribute manually */
- id_attr = lasso_node_get_attr(node, "AssertionID", NULL);
- if (id_attr != NULL) {
- id_value = xmlNodeListGetString(doc, id_attr->children, 1);
- id = xmlAddID(NULL, doc, id_value, id_attr);
- xmlFree(id_value);
- }
-
- /* find start node */
- signature = xmlSecFindNode(xmlNode, xmlSecNodeSignature,
- xmlSecDSigNs);
- if (signature == NULL) {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_SIGNATURE_NOT_FOUND),
- node->private->node->name);
- ret = LASSO_DS_ERROR_SIGNATURE_NOT_FOUND;
- goto done;
- }
-
- x509data = xmlSecFindNode(xmlNode, xmlSecNodeX509Data,
- xmlSecDSigNs);
- if (x509data != NULL && ca_cert_chain_file != NULL) {
- /* create a keys manager */
- keys_mngr = lasso_load_certs_from_pem_certs_chain_file(ca_cert_chain_file);
- if (keys_mngr == NULL) {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED));
- ret = LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED;
- goto done;
- }
- }
-
- /* create signature context */
- dsigCtx = xmlSecDSigCtxCreate(keys_mngr);
- if (dsigCtx == NULL) {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_CONTEXT_CREATION_FAILED));
- ret = LASSO_DS_ERROR_CONTEXT_CREATION_FAILED;
- goto done;
- }
-
- if (keys_mngr == NULL) {
- if (public_key_file != NULL) {
- /* auto-detect public_key_file type */
- public_key_file_type = lasso_get_pem_file_type(public_key_file);
- if (public_key_file_type == LASSO_PEM_FILE_TYPE_CERT) {
- /* public_key_file is a certificate file => get public key in it */
- dsigCtx->signKey = lasso_get_public_key_from_pem_cert_file(public_key_file);
- }
- else {
- /* load public key */
- dsigCtx->signKey = xmlSecCryptoAppKeyLoad(public_key_file,
- xmlSecKeyDataFormatPem,
- NULL, NULL, NULL);
- }
- }
- if (dsigCtx->signKey == NULL) {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED),
- public_key_file);
- ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED;
- goto done;
- }
- }
-
- /* verify signature */
- if (xmlSecDSigCtxVerify(dsigCtx, signature) < 0) {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED),
- node->private->node->name);
- ret = LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;
- goto done;
- }
-
- if (dsigCtx->status == xmlSecDSigStatusSucceeded) {
- ret = 0;
- }
- else {
- message(G_LOG_LEVEL_CRITICAL,
- lasso_strerror(LASSO_DS_ERROR_INVALID_SIGNATURE),
- node->private->node->name);
- ret = LASSO_DS_ERROR_INVALID_SIGNATURE;
- }
-
- done:
- /* cleanup */
- if(dsigCtx != NULL) {
- xmlSecDSigCtxDestroy(dsigCtx);
- }
- if(keys_mngr != NULL) {
- xmlSecKeysMngrDestroy(keys_mngr);
- }
- /* FIXME xmlFreeDoc(doc); */
- return ret;
+ xmlDocPtr doc = NULL;
+ xmlNodePtr xmlNode = NULL;
+ xmlNodePtr signature = NULL;
+ xmlNodePtr x509data = NULL;
+ xmlSecKeysMngrPtr keys_mngr = NULL;
+ xmlSecDSigCtxPtr dsigCtx = NULL;
+ xmlIDPtr id;
+ xmlAttrPtr id_attr;
+ xmlChar *id_value;
+ lassoPemFileType public_key_file_type;
+ gint ret = 0;
+
+ doc = xmlNewDoc("1.0");
+ /* Don't use xmlCopyNode here because it changes the attrs and ns order :-( */
+ xmlNode = lasso_node_get_xmlNode(node);
+ xmlAddChild((xmlNodePtr)doc, xmlNode);
+
+ /* FIXME : register 'AssertionID' ID attribute manually */
+ id_attr = lasso_node_get_attr(node, "AssertionID", NULL);
+ if (id_attr != NULL) {
+ id_value = xmlNodeListGetString(doc, id_attr->children, 1);
+ id = xmlAddID(NULL, doc, id_value, id_attr);
+ xmlFree(id_value);
+ }
+
+ /* find start node */
+ signature = xmlSecFindNode(xmlNode, xmlSecNodeSignature,
+ xmlSecDSigNs);
+ if (signature == NULL) {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_SIGNATURE_NOT_FOUND),
+ node->private->node->name);
+ ret = LASSO_DS_ERROR_SIGNATURE_NOT_FOUND;
+ goto done;
+ }
+
+ x509data = xmlSecFindNode(xmlNode, xmlSecNodeX509Data,
+ xmlSecDSigNs);
+ if (x509data != NULL && ca_cert_chain_file != NULL) {
+ /* create a keys manager */
+ keys_mngr = lasso_load_certs_from_pem_certs_chain_file(ca_cert_chain_file);
+ if (keys_mngr == NULL) {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED));
+ ret = LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED;
+ goto done;
+ }
+ }
+
+ /* create signature context */
+ dsigCtx = xmlSecDSigCtxCreate(keys_mngr);
+ if (dsigCtx == NULL) {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_CONTEXT_CREATION_FAILED));
+ ret = LASSO_DS_ERROR_CONTEXT_CREATION_FAILED;
+ goto done;
+ }
+
+ if (keys_mngr == NULL) {
+ if (public_key_file != NULL) {
+ /* auto-detect public_key_file type */
+ public_key_file_type = lasso_get_pem_file_type(public_key_file);
+ if (public_key_file_type == LASSO_PEM_FILE_TYPE_CERT) {
+ /* public_key_file is a certificate file => get public key in it */
+ dsigCtx->signKey = lasso_get_public_key_from_pem_cert_file(
+ public_key_file);
+ }
+ else {
+ /* load public key */
+ dsigCtx->signKey = xmlSecCryptoAppKeyLoad(public_key_file,
+ xmlSecKeyDataFormatPem,
+ NULL, NULL, NULL);
+ }
+ }
+ if (dsigCtx->signKey == NULL) {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED),
+ public_key_file);
+ ret = LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED;
+ goto done;
+ }
+ }
+
+ /* verify signature */
+ if (xmlSecDSigCtxVerify(dsigCtx, signature) < 0) {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED),
+ node->private->node->name);
+ ret = LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;
+ goto done;
+ }
+
+ if (dsigCtx->status == xmlSecDSigStatusSucceeded) {
+ ret = 0;
+ }
+ else {
+ message(G_LOG_LEVEL_CRITICAL,
+ lasso_strerror(LASSO_DS_ERROR_INVALID_SIGNATURE),
+ node->private->node->name);
+ ret = LASSO_DS_ERROR_INVALID_SIGNATURE;
+ }
+
+done:
+ /* cleanup */
+ if(dsigCtx != NULL) {
+ xmlSecDSigCtxDestroy(dsigCtx);
+ }
+ if(keys_mngr != NULL) {
+ xmlSecKeysMngrDestroy(keys_mngr);
+ }
+ /* FIXME xmlFreeDoc(doc); */
+ return ret;
 #endif
 }
@@ -432,9 +433,6 @@ lasso_node_get_xmlNode(LassoNode *node)
 {
 LassoNodeClass *class;
 g_return_val_if_fail (LASSO_IS_NODE(node), NULL);
-#if 0
- fprintf(stderr, "lasso_node_get_xmlNode for %p (%s)\n", node, G_OBJECT_TYPE_NAME(node));
-#endif
 class = LASSO_NODE_GET_CLASS(node);
 return class->get_xmlNode(node);
 } |
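Review bot: In the `@@ -299` hunk, `lasso_node_verify_signature` still opens with an unconditional `return 0;` ahead of the `#if 0`, so every line re-indented here is dead code and no verification is performed. Since the disabled body uses `ret = 0` for the `xmlSecDSigStatusSucceeded` case, 0 appears to be the success value, which would mean callers are told a node's signature is valid regardless of its content. Reformatting the stubbed body makes it look maintained; until the XXX is resolved I would fail closed, e.g. `return LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;`, or at minimum put `/* WARNING: verification disabled, always reports success */` directly above the `return 0;`. The function's parameter list starts above the hunk, so which callers rely on this result is not visible here.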
