[core] add lasso_provider_add_key to add other key for signature validation
The added key can be appended or prepended, depending on the need for the key: - rollover - improving performances (using simpler cryptographic algorithmss using shared secret keys)
This commit is contained in:
parent
109c562260
commit
57241e3e86
|
@ -1750,6 +1750,47 @@ cleanup:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* lasso_provider_add_key:
|
||||||
|
* @provider: a #LassoProvider object
|
||||||
|
* @key: a #LassoKey object
|
||||||
|
* @after:(default FALSE): add the key at the end of the list, not on front.
|
||||||
|
*
|
||||||
|
* Add a new signature key for validating message received from @provider.
|
||||||
|
* If the key is used to improve verification time add it first with @after as true, it the key is
|
||||||
|
* ther for coninuitý of service (when doing a key rollover for example) at it last with @after as
|
||||||
|
* false.
|
||||||
|
*
|
||||||
|
* Return value: 0 if successful, an error code otherwise.
|
||||||
|
*/
|
||||||
|
lasso_error_t
|
||||||
|
lasso_provider_add_key(LassoProvider *provider, LassoKey *key, gboolean after)
|
||||||
|
{
|
||||||
|
LassoSignatureContext context;
|
||||||
|
lasso_error_t rc = 0;
|
||||||
|
GList **list = NULL;
|
||||||
|
xmlSecKey *xml_sec_key;
|
||||||
|
|
||||||
|
lasso_bad_param(PROVIDER, provider);
|
||||||
|
lasso_bad_param(KEY, key);
|
||||||
|
|
||||||
|
switch (lasso_key_get_key_type(key)) {
|
||||||
|
case LASSO_KEY_TYPE_FOR_SIGNATURE:
|
||||||
|
context = lasso_key_get_signature_context(key);
|
||||||
|
list = &provider->private_data->signing_public_keys;
|
||||||
|
xml_sec_key = xmlSecKeyDuplicate(context.signature_key);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
goto_cleanup_if_fail_with_rc(list && xml_sec_key, LASSO_PARAM_ERROR_INVALID_VALUE);
|
||||||
|
if (after) {
|
||||||
|
*list = g_list_append(*list, xml_sec_key);
|
||||||
|
} else {
|
||||||
|
*list = g_list_prepend(*list, xml_sec_key);
|
||||||
|
}
|
||||||
|
cleanup:
|
||||||
|
return rc;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* lasso_provider_set_specific_signing_key:
|
* lasso_provider_set_specific_signing_key:
|
||||||
* @provider: a #LassoProvider object
|
* @provider: a #LassoProvider object
|
||||||
|
|
|
@ -274,6 +274,8 @@ LASSO_EXPORT gboolean lasso_provider_match_conformance(LassoProvider *provider,
|
||||||
LASSO_EXPORT lasso_error_t lasso_provider_set_specific_signing_key(LassoProvider *provider,
|
LASSO_EXPORT lasso_error_t lasso_provider_set_specific_signing_key(LassoProvider *provider,
|
||||||
LassoKey *key);
|
LassoKey *key);
|
||||||
|
|
||||||
|
LASSO_EXPORT lasso_error_t lasso_provider_add_key(LassoProvider *provider, LassoKey *key, gboolean after);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif /* __cplusplus */
|
#endif /* __cplusplus */
|
||||||
|
|
Loading…
Reference in New Issue