diff options
| author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-04 09:14:25 +0000 |
|---|---|---|
| committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-04 09:14:25 +0000 |
| commit | 1dece2447decac4efc6aa2aa1fa4008bcad3201c (patch) | |
| tree | d20772de2bde872cb90b3f7601b384ae24c08bd6 | |
| parent | 689aa794b76c7bdee36f2882a23ca4fb1c3c90af (diff) | |
| download | lasso-1dece2447decac4efc6aa2aa1fa4008bcad3201c.tar.gz lasso-1dece2447decac4efc6aa2aa1fa4008bcad3201c.tar.xz lasso-1dece2447decac4efc6aa2aa1fa4008bcad3201c.zip | |
Core: in provider.c, add lasso_provider_verify_single_node_signature
* lasso/id-ff/provider.c lasso/id-ff/provider.h:
add a new function to check an enclosed single signature on a
LassoNode, given that the LassoNode retained its original xml node
content.
| -rw-r--r-- | lasso/id-ff/provider.c | 28 | ||||
| -rw-r--r-- | lasso/id-ff/provider.h | 3 |
2 files changed, 31 insertions, 0 deletions
diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index a7df20ba..0fd8de69 100644 --- a/lasso/id-ff/provider.c +++ b/lasso/id-ff/provider.c @@ -1371,3 +1371,31 @@ lasso_provider_get_sp_name_qualifier(LassoProvider *provider) return NULL; } } + +/** + * lasso_provider_verify_single_node_signature: + * @provider: a #LassoProvider object + * @node: a #LassoNode object, still having its originalXmlnode content, and containing an XML + * signature. + * @id_attr_name: the name of the ID attribute to lookup. + * + * Return wheter the provider signed this node. + * + * Return value: 0 if the node is signed by this provider, an error code otherwise. + */ +int +lasso_provider_verify_single_node_signature (LassoProvider *provider, LassoNode *node, const char *id_attr_name) +{ + xmlNode *xmlnode = NULL; + xmlSecKey *xmlseckey = NULL; + + xmlnode = lasso_node_get_original_xmlnode (node); + if (xmlnode == NULL) { + return LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED; + } + xmlseckey = lasso_provider_get_public_key (provider); + if (xmlseckey == NULL) { + return LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED; + } + return lasso_verify_signature(xmlnode, NULL, id_attr_name, NULL, xmlseckey, NO_SINGLE_REFERENCE, NULL); +} diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h index 454aa339..cd85e8e3 100644 --- a/lasso/id-ff/provider.h +++ b/lasso/id-ff/provider.h @@ -206,6 +206,9 @@ LASSO_EXPORT gchar* lasso_provider_get_default_name_id_format(const LassoProvide LASSO_EXPORT char* lasso_provider_get_sp_name_qualifier(LassoProvider *provider); +LASSO_EXPORT int lasso_provider_verify_single_node_signature (LassoProvider *provider, + LassoNode *node, const char *id_attr_name); + #ifdef __cplusplus } #endif /* __cplusplus */ |