Added lasso_provider_set_encryption method to activate or desactive encryption

5 files changed, 23 insertions, 4 deletions

diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index 21bc0e8e..ac6654ff 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -735,6 +735,8 @@ lasso_provider_new(LassoProviderRole role, const char *metadata,
 
 	lasso_provider_load_public_key(provider, LASSO_PUBLIC_KEY_ENCRYPTION);
 
+	provider->private_data->encryption = FALSE;
+	
 	return provider;
 }
 
@@ -1004,3 +1006,16 @@ int lasso_provider_verify_signature(LassoProvider *provider,
 	xmlFreeDoc(doc);
 	return 0;
 }
+
+/**
+ * lasso_provider_set_encryption:
+ * @provider: provider to set encryption for
+ * @encryption_activation: TRUE to activate, FALSE, to desactivate
+ *
+ * Activate or desactivate encryption
+ **/
+void
+lasso_provider_set_encryption(LassoProvider *provider, gboolean encryption_activation)
+{
+	provider->private_data->encryption = encryption_activation;
+}
diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h
index bc343263..73072d91 100644
--- a/lasso/id-ff/provider.h
+++ b/lasso/id-ff/provider.h
@@ -176,6 +176,9 @@ LASSO_EXPORT xmlNode* lasso_provider_get_organization(LassoProvider *provider);
 LASSO_EXPORT LassoProtocolConformance lasso_provider_get_protocol_conformance(
 		LassoProvider *provider);
 
+LASSO_EXPORT void lasso_provider_set_encryption(LassoProvider *provider,
+		gboolean encryption_activation);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
diff --git a/lasso/id-ff/providerprivate.h b/lasso/id-ff/providerprivate.h
index 214c7257..c9a7d5f3 100644
--- a/lasso/id-ff/providerprivate.h
+++ b/lasso/id-ff/providerprivate.h
@@ -58,6 +58,7 @@ struct _LassoProviderPrivate
 	xmlNode *signing_key_descriptor;
 	xmlSecKey *encryption_public_key;
 	xmlNode *encryption_key_descriptor;
+	gboolean encryption;
 };
 
 
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 6a44cc66..d7eccf25 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -589,7 +589,8 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
 	provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID);
 
 	/* If there is a key, encrypt NameID. Maybe there should be another condition ? */
-	if (provider && provider->private_data->encryption_public_key != NULL) {
+	if (provider && provider->private_data->encryption
+			&& provider->private_data->encryption_public_key != NULL) {
 		encrypted_element = LASSO_SAML2_ENCRYPTED_ELEMENT(lasso_node_encrypt(
 			LASSO_NODE(assertion->Subject->NameID),
 			provider->private_data->encryption_public_key));
@@ -630,7 +631,8 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
 	response = LASSO_SAMLP2_RESPONSE(profile->response);
 
 	/* If there is a key, encrypt Assertion. Maybe there should be another condition ? */
-	if (provider && provider->private_data->encryption_public_key != NULL) {
+	if (provider && provider->private_data->encryption
+			&& provider->private_data->encryption_public_key != NULL) {
 		encrypted_element = LASSO_SAML2_ENCRYPTED_ELEMENT(lasso_node_encrypt(
 			LASSO_NODE(assertion),
 			provider->private_data->encryption_public_key));
diff --git a/lasso/saml-2.0/provider.c b/lasso/saml-2.0/provider.c
index 74eead48..782a494c 100644
--- a/lasso/saml-2.0/provider.c
+++ b/lasso/saml-2.0/provider.c
@@ -412,5 +412,3 @@ lasso_saml20_provider_accept_http_method(LassoProvider *provider, LassoProvider
 
 	return FALSE;
 }
-
-