add a pem-public-key runtime flag

We want to deprecate support for loading PEM formatted key from ds:KeyValue nodes, before final removal it will have to be activated through a runtime flag (using LASSO_FLAG environment variable).
2018-05-01 10:51:46 +02:00 · 2018-05-01 10:51:46 +02:00 · 81a628202d
parent 760eb947ab
commit 81a628202d
2 changed files with 10 additions and 0 deletions
--- a/lasso/debug.h
+++ b/lasso/debug.h
@ -37,6 +37,7 @@ LASSO_EXPORT extern gboolean lasso_flag_strict_checking;
 LASSO_EXPORT extern gboolean lasso_flag_add_signature;
 LASSO_EXPORT extern gboolean lasso_flag_sign_messages;
 LASSO_EXPORT extern gboolean lasso_flag_thin_sessions;
+LASSO_EXPORT extern gboolean lasso_flag_pem_public_key;

 #ifdef __cplusplus
 }
--- a/lasso/lasso.c
+++ b/lasso/lasso.c
@ -61,6 +61,10 @@
 * <entry><literal>no-sign-messages</literal></entry>
 * <entry><para>Disable signatures on messages.</para></entry>
 * </rows>
+ * <rows>
+ * <entry><literal>pem-public-key</literal></entry>
+ * <entry><para>Allow PEM key in ds:KeyValue nodes, it's outside the XMLSig specification.</para></entry>
+ * </rows>
 * </tbody>
 * </tgroup>
 * </informaltable>
@ -97,6 +101,8 @@ static void lasso_flag_parse_environment_variable();
 gboolean lasso_flag_sign_messages = TRUE;
 /* thin sessions */
 gboolean lasso_flag_thin_sessions = FALSE;
+/* PEM public key */
+gboolean lasso_flag_pem_public_key = FALSE;

 #ifndef LASSO_FLAG_ENV_VAR
 #define LASSO_FLAG_ENV_VAR "LASSO_FLAG"
@ -329,6 +335,9 @@ void lasso_set_flag(char *flag) {
 		if (lasso_strisequal(flag,"thin-sessions")) {
 			lasso_flag_thin_sessions = value;
 		}
+		if (lasso_strisequal(flag,"pem-public-key")) {
+			lasso_flag_pem_public_key = value;
+		}
 	} while (FALSE);
 }