From 57241e3e86c40faf95e6dd5141b3fac2c67f9b4d Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Mon, 5 Dec 2011 12:00:30 +0100
Subject: [PATCH] [core] add lasso_provider_add_key to add other key for signature validation The added key can be appended or prepended, depending on the need for the key: - rollover - improving performances (using simpler cryptographic algorithmss using shared secret keys)
---
 lasso/id-ff/provider.c | 41 +++++++++++++++++++++++++++++++++++++++++
 lasso/id-ff/provider.h | 2 ++
 2 files changed, 43 insertions(+)
diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c
index 758533e6..6a03660d 100644
--- a/lasso/id-ff/provider.c
+++ b/lasso/id-ff/provider.c
@@ -1750,6 +1750,47 @@ cleanup:
 return ret;
 }
+/**
+ * lasso_provider_add_key:
+ * @provider: a #LassoProvider object
+ * @key: a #LassoKey object
+ * @after:(default FALSE): add the key at the end of the list, not on front.
+ *
+ * Add a new signature key for validating message received from @provider.
+ * If the key is used to improve verification time add it first with @after as true, it the key is
+ * ther for coninuitý of service (when doing a key rollover for example) at it last with @after as
+ * false.
+ *
+ * Return value: 0 if successful, an error code otherwise.
+ */
+lasso_error_t
+lasso_provider_add_key(LassoProvider *provider, LassoKey *key, gboolean after)
+{
+ LassoSignatureContext context;
+ lasso_error_t rc = 0;
+ GList **list = NULL;
+ xmlSecKey *xml_sec_key;
+
+ lasso_bad_param(PROVIDER, provider);
+ lasso_bad_param(KEY, key);
+
+ switch (lasso_key_get_key_type(key)) {
+ case LASSO_KEY_TYPE_FOR_SIGNATURE:
+ context = lasso_key_get_signature_context(key);
+ list = &provider->private_data->signing_public_keys;
+ xml_sec_key = xmlSecKeyDuplicate(context.signature_key);
+ break;
+ }
+ goto_cleanup_if_fail_with_rc(list && xml_sec_key, LASSO_PARAM_ERROR_INVALID_VALUE);
+ if (after) {
+ *list = g_list_append(*list, xml_sec_key);
+ } else {
+ *list = g_list_prepend(*list, xml_sec_key);
+ }
+cleanup:
+ return rc;
+}
+
 /**
 * lasso_provider_set_specific_signing_key:
 * @provider: a #LassoProvider object
diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h
index 76c0b8a9..a9bc6a94 100644
--- a/lasso/id-ff/provider.h
+++ b/lasso/id-ff/provider.h
@@ -274,6 +274,8 @@ LASSO_EXPORT gboolean lasso_provider_match_conformance(LassoProvider *provider,
 LASSO_EXPORT lasso_error_t lasso_provider_set_specific_signing_key(LassoProvider *provider, LassoKey *key);
+LASSO_EXPORT lasso_error_t lasso_provider_add_key(LassoProvider *provider, LassoKey *key, gboolean after);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
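Review bot: The doc comment of `lasso_provider_add_key` in provider.c contradicts the code on `@after`: the parameter line and the body append when it is true, yet the description tells callers to "add it first with @after as true" and last with it false. Because `signing_public_keys` is the list of keys accepted when validating this provider's signatures, the guidance should match the body, e.g. `* Pass @after as FALSE to prepend a key that should come first, TRUE to append a rollover key.` In the same function `xml_sec_key` is declared uninitialised and the switch has no `default:`, so the check `list && xml_sec_key` is safe only because `list` is tested first; `xmlSecKey *xml_sec_key = NULL;` plus an explicit `default:` would keep that true if another key type is added later. Only `context.signature_key` is kept from the signature context, so if the verification path (not visible in this hunk) does not tie an algorithm to each key, a comment should state that shared-secret and public keys end up in the same list.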