SAML 2.0: API for Saml2EncryptedElement decrypt

 * lasso/xml/xml_enc.h:
   remove old functions
 * lasso/xml/private.h:
   remove lasso_node_(de/en)crypt from public headers API, they were not
   exported anyway. move them to internal header.
 * lasso/xml/saml-2.0/saml2_encrypted_element.{c,h}:
   add a new decrypt function to convert a EncryptedElement to the
   contained encrypted node objects.
 * bindings/overrrides.xml:
   do not export the new method, wait for implementation of output
   arguments.
 * lasso/id-ff/server.c:
   remove lasso_decrypt_nameid from lasso/id-ff/server.c

5 files changed, 44 insertions, 10 deletions

diff --git a/bindings/overrides.xml b/bindings/overrides.xml
index 061541be..4e5018ba 100644
--- a/bindings/overrides.xml
+++ b/bindings/overrides.xml
@@ -17,6 +17,7 @@
     <param name="subminor"/>
     <param name="mode" optional="true" default="c:LASSO_CHECK_VERSION_NUMERIC"/>
   </func>
+  <func name="lasso_saml2_encrypted_element_decrypt" skip="true"/>
   <func name="lasso_registry_default_add_direct_mapping" skip="true"/>
   <func name="lasso_registry_default_add_functional_mapping" skip="true"/>
   <func name="lasso_registry_default_get_mapping" skip="true"/>
diff --git a/lasso/xml/private.h b/lasso/xml/private.h
index 9bd87ac5..d8082e3b 100644
--- a/lasso/xml/private.h
+++ b/lasso/xml/private.h
@@ -146,6 +146,12 @@ gboolean lasso_node_init_from_deflated_query_part(LassoNode *node, char *deflate
 
 xmlNode* lasso_node_get_xmlnode_for_any_type(LassoNode *node, xmlNode *cur);
 
+LassoSaml2EncryptedElement* lasso_node_encrypt(LassoNode *lasso_node,
+	xmlSecKey *encryption_public_key, LassoEncryptionSymKeyType encryption_sym_key_type);
+
+LassoNode* lasso_node_decrypt(LassoSaml2EncryptedElement* encrypted_element,
+	xmlSecKey *encryption_private_key);
+
 char* lasso_concat_url_query(char *url, char *query);
 
 xmlDocPtr lasso_xml_parse_memory(const char *buffer, int size);
diff --git a/lasso/xml/saml-2.0/saml2_encrypted_element.c b/lasso/xml/saml-2.0/saml2_encrypted_element.c
index 030732a1..f1107522 100644
--- a/lasso/xml/saml-2.0/saml2_encrypted_element.c
+++ b/lasso/xml/saml-2.0/saml2_encrypted_element.c
@@ -24,11 +24,17 @@
 
 #include "../private.h"
 #include "saml2_encrypted_element.h"
+#include "../../utils.h"
+#include "../../errors.h"
+#include "../xml_enc.h"
 
 /**
  * SECTION:saml2_encrypted_element
  * @short_description: &lt;saml2:EncryptedElement&gt;
  *
+ * This element can contain an encrypted XML document fragment, use
+ * lasso_saml2_encrypted_element_decrypt() to retrieve it.
+ *
  * <figure><title>Schema fragment for saml2:EncryptedElement</title>
  * <programlisting><![CDATA[
  *
@@ -122,3 +128,33 @@ lasso_saml2_encrypted_element_new()
 {
 	return g_object_new(LASSO_TYPE_SAML2_ENCRYPTED_ELEMENT, NULL);
 }
+
+/**
+ * lasso_saml2_encrypted_element_decrypt:
+ * @encrypted_element: the #LassoSaml2EncryptedElement to decrypt
+ * @encryption_private_key: the #xmlSecKey to decrypt the node
+ *
+ *
+ * Decrypt the content of a #LassoSaml2EncryptedElement using the given #xmlSecKey.
+ * The #xmlNode resulting of decrypting it is converted into a #LassoNode object.
+ *
+ * Return value: 0 if successful, an error otherwise.
+ */
+int
+lasso_saml2_encrypted_element_decrypt(LassoSaml2EncryptedElement* encrypted_element,
+		xmlSecKey *encryption_private_key, LassoNode **decrypted_node)
+{
+	LassoNode *result;
+	int rc = 0;
+
+	result = lasso_node_decrypt(encrypted_element,
+			encryption_private_key);
+	if (result) {
+		lasso_assign_gobject(*decrypted_node, result);
+	} else {
+		rc = LASSO_DS_ERROR_DECRYPTION_FAILED;
+	}
+	lasso_release_gobject(result);
+
+	return rc;
+}
diff --git a/lasso/xml/saml-2.0/saml2_encrypted_element.h b/lasso/xml/saml-2.0/saml2_encrypted_element.h
index 1fbcdc72..81c812d5 100644
--- a/lasso/xml/saml-2.0/saml2_encrypted_element.h
+++ b/lasso/xml/saml-2.0/saml2_encrypted_element.h
@@ -67,8 +67,7 @@ struct _LassoSaml2EncryptedElementClass {
 
 LASSO_EXPORT GType lasso_saml2_encrypted_element_get_type(void);
 LASSO_EXPORT LassoNode* lasso_saml2_encrypted_element_new(void);
-
-
+LASSO_EXPORT int lasso_saml2_encrypted_element_decrypt(LassoSaml2EncryptedElement* encrypted_element, xmlSecKey *encryption_private_key, LassoNode** decrypted_node);
 
 #ifdef __cplusplus
 }
diff --git a/lasso/xml/xml_enc.h b/lasso/xml/xml_enc.h
index 506536dc..70f2f629 100644
--- a/lasso/xml/xml_enc.h
+++ b/lasso/xml/xml_enc.h
@@ -32,7 +32,6 @@ extern "C" {
 #include <xmlsec/xmlenc.h>
 
 #include <lasso/xml/xml.h>
-#include <lasso/xml/saml-2.0/saml2_encrypted_element.h>
 
 /**
  * LassoEncryptionSymKeyType:
@@ -50,13 +49,6 @@ typedef enum {
 	LASSO_ENCRYPTION_SYM_KEY_TYPE_3DES
 } LassoEncryptionSymKeyType;
 
-LassoSaml2EncryptedElement* lasso_node_encrypt(LassoNode *lasso_node,
-				xmlSecKey *encryption_public_key,
-				LassoEncryptionSymKeyType encryption_sym_key_type);
-LassoNode* lasso_node_decrypt(LassoSaml2EncryptedElement* encrypted_element,
-				xmlSecKey *encryption_private_key);
-
-
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */