From 0986fa439a1d76349d50abf2c02577e7b5fc0b2b Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Thu, 10 Jun 2010 13:38:02 +0000
Subject: [PATCH] Core: add method lasso_server_set_encryption_private_key_with_password * fixes #91.
---
 docs/reference/lasso/lasso-sections.txt | 1 +
 lasso/id-ff/server.c | 37 +++++++++++++++++++++----
 lasso/id-ff/server.h | 5 +++-
 3 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/docs/reference/lasso/lasso-sections.txt b/docs/reference/lasso/lasso-sections.txt
index 2e2908f0..2a317336 100644
--- a/docs/reference/lasso/lasso-sections.txt
+++ b/docs/reference/lasso/lasso-sections.txt
@@ -11,6 +11,7 @@ lasso_server_destroy
 lasso_server_dump
 lasso_server_get_provider
 lasso_server_set_encryption_private_key
+lasso_server_set_encryption_private_key_with_password
 lasso_server_load_affiliation
 lasso_server_saml2_assertion_setup_signature
diff --git a/lasso/id-ff/server.c b/lasso/id-ff/server.c
index 6d646557..a4e2dadd 100644
--- a/lasso/id-ff/server.c
+++ b/lasso/id-ff/server.c
@@ -140,18 +140,44 @@ lasso_server_destroy(LassoServer *server)
 /**
 * lasso_server_set_encryption_private_key:
 * @server: a #LassoServer
- * @filename:(allow-none): file name of the encryption key to load
+ * @filename_or_buffer:(allow-none): file name of the encryption key to load or its content as a
+ * NULL-terminated string.
 *
 * Load an encryption private key from a file and set it in the server object
 *
+ * If @filename_or_buffer is NULL, it frees the currently setted key.
+ *
 * Return value: 0 on success; another value if an error occured.
+ * Deprecated: 2.3: Use lasso_server_set_encryption_private_key_with_password() instead.
 **/
 int
-lasso_server_set_encryption_private_key(LassoServer *server, const gchar *filename)
+lasso_server_set_encryption_private_key(LassoServer *server, const gchar *filename_or_buffer)
 {
- /* FIXME: add a password argument */
- if (filename) {
- xmlSecKey *key = lasso_xmlsec_load_private_key(filename, NULL);
+ return lasso_server_set_encryption_private_key_with_password(server, filename_or_buffer,
+ NULL);
+}
+
+/**
+ * lasso_server_set_encryption_private_key_with_password:
+ * @server: a #LassoServer
+ * @filename_or_buffer:(allow-none): file name of the encryption key to load or its content as a
+ * NULL-terminated string.
+ * @password:(allow-none): an optional password to decrypt the encryption key.
+ *
+ * Load an encryption private key from a file and set it in the server object. If @password is
+ * non-NULL try to decrypt the key with it.
+ *
+ * If @filename_or_buffer is NULL, it frees the currently setted key.
+ *
+ * Return value: 0 on success; another value if an error occured.
+ * Since: 2.3
+ **/
+int
+lasso_server_set_encryption_private_key_with_password(LassoServer *server,
+ const gchar *filename_or_buffer, const gchar *password)
+{
+ if (filename_or_buffer) {
+ xmlSecKey *key = lasso_xmlsec_load_private_key(filename_or_buffer, password);
 if (! key || ! (xmlSecKeyGetType(key) & xmlSecKeyDataTypePrivate)) {
 return LASSO_SERVER_ERROR_SET_ENCRYPTION_PRIVATE_KEY_FAILED;
 }
@@ -164,7 +190,6 @@ lasso_server_set_encryption_private_key(LassoServer *server, const gchar *filena
 return 0;
 }
-
 /**
 * lasso_server_load_affiliation:
 * @server: a #LassoServer
diff --git a/lasso/id-ff/server.h b/lasso/id-ff/server.h
index fe8f5ae1..86c18cc4 100644
--- a/lasso/id-ff/server.h
+++ b/lasso/id-ff/server.h
@@ -96,10 +96,13 @@ LASSO_EXPORT LassoProvider* lasso_server_get_provider(const LassoServer *server,
 const gchar *providerID);
 LASSO_EXPORT int lasso_server_set_encryption_private_key(LassoServer *server,
- const gchar *filename);
+ const gchar *filename_or_buffer);
 LASSO_EXPORT int lasso_server_load_affiliation(LassoServer *server, const gchar* filename);
+LASSO_EXPORT int lasso_server_set_encryption_private_key_with_password(LassoServer *server,
+ const gchar *filename_or_buffer, const gchar *password);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
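Review bot: In lasso/id-ff/server.c, the error branch of lasso_server_set_encryption_private_key_with_password returns `LASSO_SERVER_ERROR_SET_ENCRYPTION_PRIVATE_KEY_FAILED` when a key was loaded but is not of type `xmlSecKeyDataTypePrivate`, and on that path the loaded `xmlSecKey` is never released; adding `if (key) xmlSecKeyDestroy(key);` before that `return` would free it. The doc comment says `filename_or_buffer` may be a file name or the key content but not how the two are told apart; that decision is made inside lasso_xmlsec_load_private_key, which is not shown, and it should be documented here so callers do not hand externally supplied strings to an argument that may be opened as a path. It would also help to state whether `password` is copied or only read during the call, so callers know when they can clear their copy. The `Return value:` line could note that the same error code covers an unreadable file, a wrong password and a non-private key. The function body continues outside the hunk.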