From 109c56226010c7d01c18c622466a97118b9a627b Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Fri, 2 Dec 2011 19:25:12 +0100
Subject: [PATCH] [core] add method lasso_provider_set_specific_signing_key

Using this method you can specify a signing which will be used for
communication with the specified provider instead of the one configured
on the LassoServer object. The main objective is to allow shared secret
cryptography instead of public key cryptography.
---
 lasso/id-ff/provider.c | 28 ++++++++++++++++++++++++++++
 lasso/id-ff/provider.h |  4 ++++
 2 files changed, 32 insertions(+)

diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index c1a157bd..758533e6 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -66,6 +66,7 @@ use this default role to access descriptors.</para>
 #include <unistd.h>
 #include "../utils.h"
 #include "../debug.h"
+#include "../keyprivate.h"
 
 static char *protocol_uris[LASSO_MD_PROTOCOL_TYPE_LAST] = {
 	"http://projectliberty.org/profiles/fedterm",
@@ -1344,6 +1345,7 @@ lasso_provider_verify_saml_signature(LassoProvider *provider,
 	/* Get provider credentials */
 	lasso_check_good_rc(lasso_provider_try_loading_ca_cert_chain(provider, &keys_manager));
 	lasso_check_good_rc(lasso_provider_try_loading_public_keys(provider, &public_keys, keys_manager == NULL));
+
 	lasso_foreach_full_begin(xmlSecKey*, public_key, it, public_keys);
 	{
 		signature_rc = lasso_verify_signature(signed_node, doc, id_attribute_name, keys_manager, public_key,
@@ -1747,3 +1749,29 @@ cleanup:
 	lasso_release_gobject(provider);
 	return ret;
 }
+
+/**
+ * lasso_provider_set_specific_signing_key:
+ * @provider: a #LassoProvider object
+ * @key: a #LassoKey object
+ *
+ * Return value: 0 if successful, an error code otherwise.
+ */
+lasso_error_t
+lasso_provider_set_specific_signing_key(LassoProvider *provider,
+		LassoKey *key)
+{
+	lasso_error_t rc = 0;
+	LassoSignatureContext context = LASSO_SIGNATURE_CONTEXT_NONE;
+
+	lasso_bad_param(PROVIDER, provider);
+	lasso_bad_param(KEY, key);
+
+	context = lasso_key_get_signature_context(key);
+	goto_cleanup_if_fail_with_rc(lasso_validate_signature_context(context),
+			LASSO_DS_ERROR_PRIVATE_KEY_LOAD_FAILED);
+	lasso_assign_signature_context(provider->private_data->signature_context,
+			context);
+cleanup:
+	return rc;
+}
diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h
index 3c66541e..76c0b8a9 100644
--- a/lasso/id-ff/provider.h
+++ b/lasso/id-ff/provider.h
@@ -31,6 +31,7 @@ extern "C" {
 
 #include "../xml/xml.h"
 #include "../xml/xml_enc.h"
+#include "../key.h"
 
 #define LASSO_TYPE_PROVIDER (lasso_provider_get_type())
 #define LASSO_PROVIDER(obj) \
@@ -270,6 +271,9 @@ LASSO_EXPORT LassoProviderRole lasso_provider_get_roles(LassoProvider *provider)
 
 LASSO_EXPORT gboolean lasso_provider_match_conformance(LassoProvider *provider, LassoProvider *another_provider);
 
+LASSO_EXPORT lasso_error_t lasso_provider_set_specific_signing_key(LassoProvider *provider,
+		LassoKey *key);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */