authorValery Febvre <vfebvre at easter-eggs.com>2004-08-01 03:29:43 +0000
committerValery Febvre <vfebvre at easter-eggs.com>2004-08-01 03:29:43 +0000
commitb9db3340dd2bb3b36ccd199ff450dc0b53fcfc35 (patch)
treeef350be02a7442c759859f09df790d3a7d8cc9da /lasso/xml
parent0ecf1691ba1f1590b480ee53a6af0c0dbb66424a (diff)
Added a new argument 'err' (GError *) in 5 methods:
lasso_ds_signature_sign, lasso_node_add_signature, lasso_node_verify_signature, lasso_saml_assertion_set_signature, lasso_samlp_request_abstract_set_signature, lasso_samlp_response_abstract_set_signature, so that more errors are reported.
Diffstat (limited to 'lasso/xml')
-rw-r--r--lasso/xml/ds_signature.c46
-rw-r--r--lasso/xml/ds_signature.h7
-rw-r--r--lasso/xml/errors.c34
-rw-r--r--lasso/xml/errors.h18
-rw-r--r--lasso/xml/saml_assertion.c25
-rw-r--r--lasso/xml/saml_assertion.h9
-rw-r--r--lasso/xml/samlp_request_abstract.c27
-rw-r--r--lasso/xml/samlp_request_abstract.h9
-rw-r--r--lasso/xml/samlp_response_abstract.c29
-rw-r--r--lasso/xml/samlp_response_abstract.h9
-rw-r--r--lasso/xml/xml.c97
-rw-r--r--lasso/xml/xml.h19
12 files changed, 237 insertions, 92 deletions
diff --git a/lasso/xml/ds_signature.c b/lasso/xml/ds_signature.c
index c60ad1de..e904ca10 100644
--- a/lasso/xml/ds_signature.c
+++ b/lasso/xml/ds_signature.c
@@ -23,6 +23,8 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include "errors.h"
+
#include <xmlsec/templates.h>
#include <xmlsec/crypto.h>
@@ -34,19 +36,24 @@ The schema fragment ():
*/
gint
-lasso_ds_signature_sign(LassoDsSignature *node,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+lasso_ds_signature_sign(LassoDsSignature *node,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
xmlNodePtr signature = LASSO_NODE_GET_CLASS(node)->get_xmlNode(LASSO_NODE(node));
xmlSecDSigCtxPtr dsig_ctx;
gint ret = 0;
+ g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);
+
/* create signature context */
dsig_ctx = xmlSecDSigCtxCreate(NULL);
if(dsig_ctx == NULL) {
- debug("Failed to create signature context.\n");
- return(-1);
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_CONTEXT_CREATION_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_CONTEXT_CREATION_FAILED));
+ return(LASSO_DS_ERROR_CONTEXT_CREATION_FAILED);
}
/* load private key, assuming that there is not password */
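Review bot: lasso_ds_signature_sign changes its return contract here but has no comment describing it: the old -1/-2/-3 become LASSO_DS_ERROR_* codes, and the new precondition can return LASSO_ERR_ERROR_CHECK_FAILED without setting the error. Add a gtk-doc block above the function with `@err: return location for a GError, or NULL` and `Return value: 0 on success, a negative LASSO_DS_ERROR_* code otherwise, with @err set`. The comment should also state that a precondition failure returns LASSO_ERR_ERROR_CHECK_FAILED and leaves @err untouched. The body continues past this hunk, so the success value of 0 is inferred from `gint ret = 0`.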
@@ -54,22 +61,31 @@ lasso_ds_signature_sign(LassoDsSignature *node,
xmlSecKeyDataFormatPem,
NULL, NULL, NULL);
if(dsig_ctx->signKey == NULL) {
- ret = -2;
- debug("Failed to load private pem key from \"%s\"\n", private_key_file);
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED),
+ private_key_file);
+ ret = LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED;
goto done;
}
/* load certificate and add to the key */
if(xmlSecCryptoAppKeyCertLoad(dsig_ctx->signKey, certificate_file,
xmlSecKeyDataFormatPem) < 0) {
- ret = -3;
- debug("Failed to load pem certificate \"%s\"\n", certificate_file);
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED),
+ certificate_file);
+ ret = LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED;
goto done;
}
/* sign the template */
if(xmlSecDSigCtxSign(dsig_ctx, signature) < 0) {
- debug("Signature failed.\n");
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_SIGNATURE_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_SIGNATURE_FAILED));
+ ret = LASSO_DS_ERROR_SIGNATURE_FAILED;
}
done:
@@ -140,28 +156,28 @@ LassoNode* lasso_ds_signature_new(LassoNode *node,
signature = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
sign_method, NULL);
if (signature == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to create signature template\n");
+ message(G_LOG_LEVEL_CRITICAL, "Failed to create signature template\n");
}
reference = xmlSecTmplSignatureAddReference(signature,
xmlSecTransformSha1Id,
NULL, NULL, NULL);
if (reference == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to add reference to signature template\n");
+ message(G_LOG_LEVEL_CRITICAL, "Failed to add reference to signature template\n");
}
/* add enveloped transform */
if (xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId) == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to add enveloped transform to reference\n");
+ message(G_LOG_LEVEL_CRITICAL, "Failed to add enveloped transform to reference\n");
}
/* add <dsig:KeyInfo/> and <dsig:X509Data/> */
key_info = xmlSecTmplSignatureEnsureKeyInfo(signature, NULL);
if(key_info == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to add key info\n");
+ message(G_LOG_LEVEL_CRITICAL, "Failed to add key info\n");
}
if(xmlSecTmplKeyInfoAddX509Data(key_info) == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to add X509Data node\n");
+ message(G_LOG_LEVEL_CRITICAL, "Failed to add X509Data node\n");
}
LASSO_NODE_GET_CLASS(sign_node)->set_xmlNode(sign_node, signature);
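Review bot: Every failure branch in lasso_ds_signature_new only logs and then falls through, so a NULL `signature`, `reference` or `key_info` is handed to the next xmlSecTmpl* call and finally to `set_xmlNode`. If `message()` wraps g_log (its definition is not visible here), the old G_LOG_LEVEL_ERROR was fatal and stopped at the first failure, whereas G_LOG_LEVEL_CRITICAL lets execution continue with the NULL pointer. Each branch should bail out after logging, for example `return NULL;` once anything already allocated has been released. The function starts and ends outside this hunk, so the cleanup needed for `sign_node` and `doc` has to be checked there.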
diff --git a/lasso/xml/ds_signature.h b/lasso/xml/ds_signature.h
index 69386f82..ffa60145 100644
--- a/lasso/xml/ds_signature.h
+++ b/lasso/xml/ds_signature.h
@@ -57,9 +57,10 @@ LASSO_EXPORT GType lasso_ds_signature_get_type(void);
LASSO_EXPORT LassoNode* lasso_ds_signature_new(LassoNode *node,
xmlSecTransformId sign_method);
-LASSO_EXPORT gint lasso_ds_signature_sign (LassoDsSignature *node,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file);
+LASSO_EXPORT gint lasso_ds_signature_sign (LassoDsSignature *node,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err);
#ifdef __cplusplus
}
diff --git a/lasso/xml/errors.c b/lasso/xml/errors.c
index df152193..f2e823cd 100644
--- a/lasso/xml/errors.c
+++ b/lasso/xml/errors.c
@@ -24,10 +24,14 @@
*/
#include "errors.h"
+#include <stdio.h>
+#include <string.h>
const char*
lasso_strerror(int error_code)
{
+ char msg[256];
+
switch (error_code) {
case LASSO_XML_ERROR_NODE_NOTFOUND:
return "Unable to get '%s' child of '%s' element.\n";
@@ -37,7 +41,35 @@ lasso_strerror(int error_code)
return "Unable to get '%s' attribute of '%s' element.\n";
case LASSO_XML_ERROR_ATTR_VALUE_NOTFOUND:
return "Unable to get '%s' attribute value of '%s' element.\n";
+
+ case LASSO_DS_ERROR_CONTEXT_CREATION_FAILED:
+ return "Failed to create signature context.\n";
+ case LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED:
+ return "Failed to load public key %s.\n";
+ case LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED:
+ return "Failed to load private key %s.\n";
+ case LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED:
+ return "Failed to load certificate %s.\n";
+ case LASSO_DS_ERROR_SIGNATURE_FAILED:
+ return "Failed to sign the node.\n";
+ case LASSO_DS_ERROR_SIGNATURE_NOTFOUND:
+ return "Signature element not found in %s.\n";
+ case LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED:
+ return "Failed to create keys manager.\n";
+ case LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED:
+ return "Failed to initialize keys manager.\n";
+ case LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED:
+ return "Failed to verify signature of %s.\n";
+ case LASSO_DS_ERROR_INVALID_SIGNATURE:
+ return "The signature of %s is invalid.\n";
+
+ case LASSO_PARAM_ERROR_INVALID_OBJ_TYPE:
+ return "The type of an object provided as parameter is invalid.\n";
+ case LASSO_PARAM_ERROR_INVALID_VALUE:
+ return "The value of a parameter is invalid.\n";
+
default:
- return "Undefined error code !!!\n";
+ sprintf(msg, "Undefined error code %d !!!", error_code);
+ return(strdup(msg));
}
}
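Review bot: The default branch returns a strdup()'d buffer from a function declared `const char *` whose other branches return string literals, so no caller can know to free it and every unknown code leaks memory. strdup() can also return NULL, and callers in this commit pass the result straight to g_set_error as the format string. Return storage that needs no freeing: either keep a fixed literal, or declare `static char msg[64];`, fill it with `snprintf(msg, sizeof msg, "Undefined error code %d !!!", error_code);` and return `msg`. The static buffer is not thread-safe, which should be documented. `char msg[256]` itself is declared in the previous hunk.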
diff --git a/lasso/xml/errors.h b/lasso/xml/errors.h
index 61e0a844..a127148e 100644
--- a/lasso/xml/errors.h
+++ b/lasso/xml/errors.h
@@ -28,4 +28,22 @@
#define LASSO_XML_ERROR_ATTR_NOTFOUND -3
#define LASSO_XML_ERROR_ATTR_VALUE_NOTFOUND -4
+#define LASSO_XML_ERROR_UNDEFINED -99
+
+#define LASSO_DS_ERROR_CONTEXT_CREATION_FAILED -101
+#define LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED -102
+#define LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED -103
+#define LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED -104
+#define LASSO_DS_ERROR_SIGNATURE_FAILED -105
+#define LASSO_DS_ERROR_SIGNATURE_NOTFOUND -106
+#define LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED -107
+#define LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED -108
+#define LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED -109
+#define LASSO_DS_ERROR_INVALID_SIGNATURE -110
+
+#define LASSO_PARAM_ERROR_INVALID_OBJ_TYPE -201
+#define LASSO_PARAM_ERROR_INVALID_VALUE -202
+
+#define LASSO_ERR_ERROR_CHECK_FAILED -666
+
const char* lasso_strerror(int error_code);
diff --git a/lasso/xml/saml_assertion.c b/lasso/xml/saml_assertion.c
index 75a8c19d..a845ad70 100644
--- a/lasso/xml/saml_assertion.c
+++ b/lasso/xml/saml_assertion.c
@@ -23,6 +23,8 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include "errors.h"
+
#include <lasso/xml/saml_assertion.h>
/*
@@ -245,18 +247,29 @@ lasso_saml_assertion_set_minorVersion(LassoSamlAssertion *node,
}
gint
-lasso_saml_assertion_set_signature(LassoSamlAssertion *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+lasso_saml_assertion_set_signature(LassoSamlAssertion *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
+ gint ret;
+ GError *tmp_err = NULL;
+
g_assert(LASSO_IS_SAML_ASSERTION(node));
g_assert(private_key_file != NULL);
g_assert(certificate_file != NULL);
+ g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);
LassoNodeClass *class = LASSO_NODE_GET_CLASS(node);
- return (class->add_signature(LASSO_NODE (node), sign_method,
- private_key_file, certificate_file));
+
+ ret = class->add_signature(LASSO_NODE (node), sign_method,
+ private_key_file, certificate_file, &tmp_err);
+ if (ret < 0) {
+ g_propagate_error (err, tmp_err);
+ }
+
+ return (ret);
}
/*****************************************************************************/
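Review bot: The NULL checks on `private_key_file` and `certificate_file` are still g_assert(), which aborts the whole process on bad input and disappears under G_DISABLE_ASSERT, letting a NULL path reach the signing code. Now that the function returns gint and has an `err` channel, report the failure instead, e.g. `if (private_key_file == NULL) return LASSO_PARAM_ERROR_INVALID_VALUE;` and likewise for `certificate_file`, with LASSO_PARAM_ERROR_INVALID_OBJ_TYPE for the type check. lasso_node_impl_verify_signature in this commit already returns these codes through g_return_val_if_fail, though that macro can also be compiled out with G_DISABLE_CHECKS. The same applies to lasso_samlp_request_abstract_set_signature and lasso_samlp_response_abstract_set_signature.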
diff --git a/lasso/xml/saml_assertion.h b/lasso/xml/saml_assertion.h
index 4e83803b..95962d02 100644
--- a/lasso/xml/saml_assertion.h
+++ b/lasso/xml/saml_assertion.h
@@ -90,10 +90,11 @@ LASSO_EXPORT void lasso_saml_assertion_set_majorVersion (LassoSamlAss
LASSO_EXPORT void lasso_saml_assertion_set_minorVersion (LassoSamlAssertion *node,
const xmlChar *minorVersion);
-LASSO_EXPORT gint lasso_saml_assertion_set_signature (LassoSamlAssertion *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file);
+LASSO_EXPORT gint lasso_saml_assertion_set_signature (LassoSamlAssertion *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err);
#ifdef __cplusplus
}
diff --git a/lasso/xml/samlp_request_abstract.c b/lasso/xml/samlp_request_abstract.c
index 12263a41..c6995d28 100644
--- a/lasso/xml/samlp_request_abstract.c
+++ b/lasso/xml/samlp_request_abstract.c
@@ -23,6 +23,8 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include "errors.h"
+
#include <lasso/xml/samlp_request_abstract.h>
/*
@@ -111,19 +113,30 @@ lasso_samlp_request_abstract_set_requestID(LassoSamlpRequestAbstract *node,
class->set_prop(LASSO_NODE (node), "RequestID", requestID);
}
-void
-lasso_samlp_request_abstract_set_signature(LassoSamlpRequestAbstract *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+gint
+lasso_samlp_request_abstract_set_signature(LassoSamlpRequestAbstract *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
+ gint ret;
+ GError *tmp_err = NULL;
+
g_assert(LASSO_IS_SAMLP_REQUEST_ABSTRACT(node));
g_assert(private_key_file != NULL);
g_assert(certificate_file != NULL);
+ g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);
LassoNodeClass *class = LASSO_NODE_GET_CLASS(node);
- class->add_signature(LASSO_NODE (node), sign_method,
- private_key_file, certificate_file);
+
+ ret = class->add_signature(LASSO_NODE (node), sign_method,
+ private_key_file, certificate_file, &tmp_err);
+ if (ret < 0) {
+ g_propagate_error (err, tmp_err);
+ }
+
+ return (ret);
}
/*****************************************************************************/
diff --git a/lasso/xml/samlp_request_abstract.h b/lasso/xml/samlp_request_abstract.h
index 0a913714..8e72ce9e 100644
--- a/lasso/xml/samlp_request_abstract.h
+++ b/lasso/xml/samlp_request_abstract.h
@@ -70,10 +70,11 @@ LASSO_EXPORT void lasso_samlp_request_abstract_set_minorVersion (LassoSamlpRequ
LASSO_EXPORT void lasso_samlp_request_abstract_set_requestID (LassoSamlpRequestAbstract *node,
const xmlChar *requestID);
-LASSO_EXPORT void lasso_samlp_request_abstract_set_signature (LassoSamlpRequestAbstract *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file);
+LASSO_EXPORT gint lasso_samlp_request_abstract_set_signature (LassoSamlpRequestAbstract *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err);
#ifdef __cplusplus
}
diff --git a/lasso/xml/samlp_response_abstract.c b/lasso/xml/samlp_response_abstract.c
index e66dead3..1823e6ff 100644
--- a/lasso/xml/samlp_response_abstract.c
+++ b/lasso/xml/samlp_response_abstract.c
@@ -23,6 +23,8 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include "errors.h"
+
#include <lasso/xml/samlp_response_abstract.h>
/*
@@ -126,19 +128,30 @@ lasso_samlp_response_abstract_set_responseID(LassoSamlpResponseAbstract *node,
class->set_prop(LASSO_NODE (node), "ResponseID", responseID);
}
-void
-lasso_samlp_response_abstract_set_signature(LassoSamlpResponseAbstract *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+gint
+lasso_samlp_response_abstract_set_signature(LassoSamlpResponseAbstract *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
+ gint ret;
+ GError *tmp_err = NULL;
+
g_assert(LASSO_IS_SAMLP_RESPONSE_ABSTRACT(node));
g_assert(private_key_file != NULL);
g_assert(certificate_file != NULL);
-
+ g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);
+
LassoNodeClass *class = LASSO_NODE_GET_CLASS(node);
- class->add_signature(LASSO_NODE (node), sign_method,
- private_key_file, certificate_file);
+
+ ret = class->add_signature(LASSO_NODE (node), sign_method,
+ private_key_file, certificate_file, &tmp_err);
+ if (ret < 0) {
+ g_propagate_error (err, tmp_err);
+ }
+
+ return (ret);
}
/*****************************************************************************/
diff --git a/lasso/xml/samlp_response_abstract.h b/lasso/xml/samlp_response_abstract.h
index c834cac3..2c6771e7 100644
--- a/lasso/xml/samlp_response_abstract.h
+++ b/lasso/xml/samlp_response_abstract.h
@@ -73,10 +73,11 @@ LASSO_EXPORT void lasso_samlp_response_abstract_set_recipient (LassoSamlpRes
LASSO_EXPORT void lasso_samlp_response_abstract_set_responseID (LassoSamlpResponseAbstract *node,
const xmlChar *responseID);
-LASSO_EXPORT void lasso_samlp_response_abstract_set_signature (LassoSamlpResponseAbstract *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file);
+LASSO_EXPORT gint lasso_samlp_response_abstract_set_signature (LassoSamlpResponseAbstract *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err);
#ifdef __cplusplus
}
diff --git a/lasso/xml/xml.c b/lasso/xml/xml.c
index ff11a045..10f60824 100644
--- a/lasso/xml/xml.c
+++ b/lasso/xml/xml.c
@@ -399,13 +399,14 @@ lasso_node_rename_prop(LassoNode *node,
* Return value: 1 if signature is valid, 0 if invalid. -1 if an error occurs.
**/
gint
-lasso_node_verify_signature(LassoNode *node,
- const gchar *certificate_file)
+lasso_node_verify_signature(LassoNode *node,
+ const gchar *certificate_file,
+ GError **err)
{
g_return_val_if_fail (LASSO_IS_NODE(node), -1);
LassoNodeClass *class = LASSO_NODE_GET_CLASS(node);
- return (class->verify_signature(node, certificate_file));
+ return (class->verify_signature(node, certificate_file, err));
}
/*****************************************************************************/
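Review bot: The doc comment above lasso_node_verify_signature still reads `1 if signature is valid, 0 if invalid. -1 if an error occurs`, which no longer matches the implementation. Elsewhere in this commit, lasso_node_impl_verify_signature sets `ret = 0` on the valid branch and returns negative LASSO_DS_ERROR_* codes for every failure, so a caller written against the comment would misread the result of a signature check. Change it to `Return value: 0 if the signature is valid, a negative error code otherwise (see errors.h)` and add `@err: return location for a GError, or NULL`. The start of the comment block is outside this hunk.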
@@ -424,15 +425,17 @@ lasso_node_add_child(LassoNode *node,
}
static gint
-lasso_node_add_signature(LassoNode *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+lasso_node_add_signature(LassoNode *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
g_return_val_if_fail(LASSO_IS_NODE(node), -1);
LassoNodeClass *class = LASSO_NODE_GET_CLASS(node);
- return (class->add_signature(node, sign_method, private_key_file, certificate_file));
+ return (class->add_signature(node, sign_method, private_key_file,
+ certificate_file, err));
}
static gchar *
@@ -968,18 +971,19 @@ lasso_node_impl_rename_prop(LassoNode *node,
}
static gint
-lasso_node_impl_verify_signature(LassoNode *node,
- const gchar *certificate_file)
+lasso_node_impl_verify_signature(LassoNode *node,
+ const gchar *certificate_file,
+ GError **err)
{
xmlDocPtr doc = xmlNewDoc("1.0");
xmlNodePtr xmlNode_copy = NULL;
xmlNodePtr signature = NULL;
xmlSecKeysMngrPtr mngr = NULL;
xmlSecDSigCtxPtr dsigCtx = NULL;
- gint ret = -3;
+ gint ret = 0;
- g_return_val_if_fail (LASSO_IS_NODE(node), -4);
- g_return_val_if_fail (certificate_file != NULL, -5);
+ g_return_val_if_fail (LASSO_IS_NODE(node), LASSO_PARAM_ERROR_INVALID_OBJ_TYPE);
+ g_return_val_if_fail (certificate_file != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
/* create a copy of the xmlNode (node->private->node) of @node */
xmlNode_copy = xmlCopyNode(lasso_node_get_xmlNode(node), 1);
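Review bot: Changing the initial value to `gint ret = 0` makes this verifier fail open, because 0 is also what the valid-signature branch assigns, so any path that reaches `done:` without setting `ret` reports a valid signature. Every error branch visible in this commit does set it, but the code between this hunk and the next is not shown and a later edit can easily miss one. Keep a failing default such as `gint ret = LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;` so that only the explicit success branch yields 0. This function also lacks the `g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);` precondition that the other functions in the commit add.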
@@ -991,20 +995,28 @@ lasso_node_impl_verify_signature(LassoNode *node,
signature = xmlSecFindNode(xmlNode_copy, xmlSecNodeSignature,
xmlSecDSigNs);
if (signature == NULL) {
- message(G_LOG_LEVEL_ERROR, "Signature element not found.\n");
- ret = -2;
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_SIGNATURE_NOTFOUND,
+ lasso_strerror(LASSO_DS_ERROR_SIGNATURE_NOTFOUND));
+ ret = LASSO_DS_ERROR_SIGNATURE_NOTFOUND;
goto done;
}
/* create simple keys mngr */
mngr = xmlSecKeysMngrCreate();
if (mngr == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to create keys manager.\n");
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED));
+ ret = LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED;
goto done;
}
if (xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
- message(G_LOG_LEVEL_ERROR, "Failed to initialize keys manager.\n");
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED));
+ ret = LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED;
goto done;
}
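Review bot: `lasso_strerror(LASSO_DS_ERROR_SIGNATURE_NOTFOUND)` returns "Signature element not found in %s.\n" (see errors.c in this commit), but the g_set_error call here passes no argument for the `%s`. That is undefined behaviour and may crash or copy unrelated memory into the error message. The next hunk has the same defect for LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED ("Failed to verify signature of %s.\n"). Either pass the element name as the invalid-signature branch does, by adding `node->private->node->name` as the final argument, or remove the `%s` from those two messages. Because the format string comes from a function call, -Wformat cannot catch this mismatch.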
@@ -1012,21 +1024,30 @@ lasso_node_impl_verify_signature(LassoNode *node,
if (xmlSecCryptoAppKeysMngrCertLoad(mngr, certificate_file,
xmlSecKeyDataFormatPem,
xmlSecKeyDataTypeTrusted) < 0) {
- message(G_LOG_LEVEL_ERROR, "Failed to load pem certificate from \"%s\".\n",
- certificate_file);
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED),
+ certificate_file);
+ ret = LASSO_DS_ERROR_CERTIFICATE_LOAD_FAILED;
goto done;
}
/* create signature context */
dsigCtx = xmlSecDSigCtxCreate(mngr);
if (dsigCtx == NULL) {
- message(G_LOG_LEVEL_ERROR, "Failed to create signature context.\n");
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_CONTEXT_CREATION_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_CONTEXT_CREATION_FAILED));
+ ret = LASSO_DS_ERROR_CONTEXT_CREATION_FAILED;
goto done;
}
/* verify signature */
if (xmlSecDSigCtxVerify(dsigCtx, signature) < 0) {
- message(G_LOG_LEVEL_ERROR, "Failed to verify signature.\n");
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED,
+ lasso_strerror(LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED));
+ ret = LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;
goto done;
}
@@ -1034,8 +1055,11 @@ lasso_node_impl_verify_signature(LassoNode *node,
ret = 0;
}
else {
- message(G_LOG_LEVEL_ERROR, "The signature of response is invalid.\n");
- ret = -1;
+ g_set_error(err, g_quark_from_string("Lasso"),
+ LASSO_DS_ERROR_INVALID_SIGNATURE,
+ lasso_strerror(LASSO_DS_ERROR_INVALID_SIGNATURE),
+ node->private->node->name);
+ ret = LASSO_DS_ERROR_INVALID_SIGNATURE;
}
done:
@@ -1058,7 +1082,7 @@ lasso_node_impl_add_child(LassoNode *node,
gboolean unbounded)
{
xmlNodePtr old_child = NULL;
- const xmlChar *href = NULL;
+ const xmlChar *href = NULL;
g_return_if_fail (LASSO_IS_NODE(node));
g_return_if_fail (LASSO_IS_NODE(child));
@@ -1085,13 +1109,17 @@ lasso_node_impl_add_child(LassoNode *node,
}
static gint
-lasso_node_impl_add_signature(LassoNode *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file)
+lasso_node_impl_add_signature(LassoNode *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err)
{
LassoNode *signature = NULL;
gint ret = 0;
+ GError *tmp_err = NULL;
+
+ g_return_val_if_fail (err == NULL || *err == NULL, LASSO_ERR_ERROR_CHECK_FAILED);
switch (sign_method) {
case lassoSignatureMethodRsaSha1:
@@ -1104,8 +1132,13 @@ lasso_node_impl_add_signature(LassoNode *node,
lasso_node_add_child(node, signature, TRUE);
ret = lasso_ds_signature_sign(LASSO_DS_SIGNATURE(signature),
private_key_file,
- certificate_file);
+ certificate_file,
+ &tmp_err);
lasso_node_destroy(signature);
+ if (ret < 0) {
+ ret = tmp_err->code;
+ g_propagate_error(err, tmp_err);
+ }
return (ret);
}
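Review bot: `ret = tmp_err->code;` dereferences `tmp_err` on the assumption that every negative return from lasso_ds_signature_sign has set it. That holds for the branches in this commit, but any negative return without an error set would become a NULL dereference. The assignment is also redundant, since the callee returns the same code it stores in the GError. Drop it and guard the propagation with `if (ret < 0 && tmp_err != NULL) g_propagate_error(err, tmp_err);`. The function begins in the previous hunk.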
@@ -1192,7 +1225,7 @@ lasso_node_impl_new_child(LassoNode *node,
{
/* LassoNode *old_child = NULL; */
xmlNodePtr old_child = NULL;
- const xmlChar *href = NULL;
+ const xmlChar *href = NULL;
g_return_if_fail (LASSO_IS_NODE(node));
g_return_if_fail (name != NULL);
@@ -1451,8 +1484,8 @@ lasso_node_class_init(LassoNodeClass *class)
class->set_prop = lasso_node_impl_set_prop;
class->set_xmlNode = lasso_node_impl_set_xmlNode;
/* override parent class methods */
- gobject_class->dispose = lasso_node_dispose;
- gobject_class->finalize = lasso_node_finalize;
+ gobject_class->dispose = (void *)lasso_node_dispose;
+ gobject_class->finalize = (void *)lasso_node_finalize;
}
GType lasso_node_get_type() {
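Review bot: Casting `lasso_node_dispose` and `lasso_node_finalize` to `(void *)` only silences the incompatible-pointer warning. GObject still calls them through `void (*)(GObject *)`, and calling a function through a mismatched pointer type is undefined behaviour; converting a function pointer to `void *` is not guaranteed by ISO C either. Their definitions are outside this hunk, but presumably they take `LassoNode *`. Declare them as `static void lasso_node_dispose(GObject *object)` and convert inside with `LASSO_NODE(object)`, so the casts can be removed.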
diff --git a/lasso/xml/xml.h b/lasso/xml/xml.h
index c519bf1d..20e146fb 100644
--- a/lasso/xml/xml.h
+++ b/lasso/xml/xml.h
@@ -106,15 +106,17 @@ struct _LassoNodeClass {
const xmlChar *old_name,
const xmlChar *new_name);
gint (* verify_signature) (LassoNode *node,
- const gchar *certificate_file);
+ const gchar *certificate_file,
+ GError **err);
/*< private >*/
void (* add_child) (LassoNode *node,
LassoNode *child,
gboolean unbounded);
- gint (* add_signature) (LassoNode *node,
- gint sign_method,
- const xmlChar *private_key_file,
- const xmlChar *certificate_file);
+ gint (* add_signature) (LassoNode *node,
+ gint sign_method,
+ const xmlChar *private_key_file,
+ const xmlChar *certificate_file,
+ GError **err);
gchar* (* build_query) (LassoNode *node);
xmlNodePtr (* get_xmlNode) (LassoNode *node);
void (* new_child) (LassoNode *node,
@@ -192,12 +194,13 @@ LASSO_EXPORT void lasso_node_import (LassoNode *node,
LASSO_EXPORT void lasso_node_import_from_node (LassoNode *node,
LassoNode *imported_node);
-LASSO_EXPORT void lasso_node_rename_prop (LassoNode *node,
+LASSO_EXPORT void lasso_node_rename_prop (LassoNode *node,
const xmlChar *old_name,
const xmlChar *new_name);
-LASSO_EXPORT gint lasso_node_verify_signature (LassoNode *node,
- const gchar *certificate_file);
+LASSO_EXPORT gint lasso_node_verify_signature (LassoNode *node,
+ const gchar *certificate_file,
+ GError **err);
#ifdef __cplusplus
}