authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-12-05 12:00:30 +0100
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-12-05 12:03:31 +0100
commit57241e3e86c40faf95e6dd5141b3fac2c67f9b4d (patch)
treebe6b3762d60089f96c14f1ab088aa95a514b5815 /lasso/id-ff/provider.c
parent109c56226010c7d01c18c622466a97118b9a627b (diff)
[core] add lasso_provider_add_key to add other key for signature validation
The added key can be appended or prepended, depending on the need for the key: - rollover - improving performance (using simpler cryptographic algorithms using shared secret keys)
Diffstat (limited to 'lasso/id-ff/provider.c')
-rw-r--r--lasso/id-ff/provider.c41
1 files changed, 41 insertions, 0 deletions
diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index 758533e6..6a03660d 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -1751,6 +1751,47 @@ cleanup:
}
/**
+ * lasso_provider_add_key:
+ * @provider: a #LassoProvider object
+ * @key: a #LassoKey object
+ * @after:(default FALSE): add the key at the end of the list, not on front.
+ *
+ * Add a new signature key for validating message received from @provider.
+ * If the key is used to improve verification time add it first with @after as true, it the key is
+ * ther for coninuitý of service (when doing a key rollover for example) at it last with @after as
+ * false.
+ *
+ * Return value: 0 if successful, an error code otherwise.
+ */
+lasso_error_t
+lasso_provider_add_key(LassoProvider *provider, LassoKey *key, gboolean after)
+{
+ LassoSignatureContext context;
+ lasso_error_t rc = 0;
+ GList **list = NULL;
+ xmlSecKey *xml_sec_key;
+
+ lasso_bad_param(PROVIDER, provider);
+ lasso_bad_param(KEY, key);
+
+ switch (lasso_key_get_key_type(key)) {
+ case LASSO_KEY_TYPE_FOR_SIGNATURE:
+ context = lasso_key_get_signature_context(key);
+ list = &provider->private_data->signing_public_keys;
+ xml_sec_key = xmlSecKeyDuplicate(context.signature_key);
+ break;
+ }
+ goto_cleanup_if_fail_with_rc(list && xml_sec_key, LASSO_PARAM_ERROR_INVALID_VALUE);
+ if (after) {
+ *list = g_list_append(*list, xml_sec_key);
+ } else {
+ *list = g_list_prepend(*list, xml_sec_key);
+ }
+cleanup:
+ return rc;
+}
+
+/**
* lasso_provider_set_specific_signing_key:
* @provider: a #LassoProvider object
* @key: a #LassoKey object
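Review bot: The doc comment for `after` contradicts the body of lasso_provider_add_key: the code calls `g_list_append` when `after` is true and `g_list_prepend` otherwise, while the description says to add the key "first with @after as true" and "last with @after as false". Every key placed in `signing_public_keys` becomes acceptable for validating this provider's messages, and the keys are presumably tried in list order, so a caller following the comment ends up with the opposite order from the one intended. The parameter line should state the behaviour plainly, for example `@after: if TRUE append the key to the end of the list (e.g. rollover key), if FALSE prepend it`, with the paragraph below it corrected to match. Separately, `xml_sec_key` has no initializer and the `switch` has no `default`, so the `list && xml_sec_key` check is only safe through short-circuit evaluation. Declaring `xmlSecKey *xml_sec_key = NULL;` and adding a `default:` branch would make the rejection of other key types explicit.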