+ void registerEncryptionMethod(const XMLCh* alg) {
+ if (XMLToolingConfig::getConfig().isXMLAlgorithmSupported(alg, XMLToolingConfig::ALGTYPE_ENCRYPT) ||
+ XMLToolingConfig::getConfig().isXMLAlgorithmSupported(alg, XMLToolingConfig::ALGTYPE_KEYENCRYPT) ||
+ XMLToolingConfig::getConfig().isXMLAlgorithmSupported(alg, XMLToolingConfig::ALGTYPE_KEYAGREE)) {
+ // Non-default builder needed to override namespace/prefix.
+ if (!m_encryptionBuilder)
+ m_encryptionBuilder = XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS, EncryptionMethod::LOCAL_NAME));
+ EncryptionMethod* em = dynamic_cast<EncryptionMethod*>(
+ m_encryptionBuilder->buildObject(
+ samlconstants::SAML20MD_NS, EncryptionMethod::LOCAL_NAME, samlconstants::SAML20MD_PREFIX
+ )
+ );
+ em->setAlgorithm(alg);
+ m_encryptions.push_back(em);
+
+ if (
+#ifdef URI_ID_RSA_OAEP
+ XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP) ||
+#endif
+ XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1)) {
+ // Check for non-support of SHA-256. This is a reasonable guess as to whether
+ // "all" standard digests and MGF variants will be supported or not, and if not, we
+ // explicitly advertise only SHA-1.
+ if (!XMLToolingConfig::getConfig().isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURISHA256, XMLToolingConfig::ALGTYPE_DIGEST)) {
+ if (!m_digestBuilder)
+ m_digestBuilder = XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_ALGSUPPORT_NS, DigestMethod::LOCAL_NAME));
+
+#ifdef URI_ID_RSA_OAEP
+ // Add MGF for new OAEP variant.
+ if (XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP)) {
+ MGF* mgf = MGFBuilder::buildMGF();
+ mgf->setAlgorithm(DSIGConstants::s_unicodeStrURIMGF1_SHA1);
+ em->getUnknownXMLObjects().push_back(mgf);
+ }
+#endif
+
+ DigestMethod* dm = dynamic_cast<DigestMethod*>(
+ m_digestBuilder->buildObject(xmlconstants::XMLSIG_NS, DigestMethod::LOCAL_NAME, xmlconstants::XMLSIG_PREFIX)
+ );
+ dm->setAlgorithm(DSIGConstants::s_unicodeStrURISHA1);
+ em->getUnknownXMLObjects().push_back(dm);
+ }
+ }
+ }
+ }
+
+ void registerDigestMethod(const XMLCh* alg) {
+ if (XMLToolingConfig::getConfig().isXMLAlgorithmSupported(alg, XMLToolingConfig::ALGTYPE_DIGEST)) {
+ DigestMethod* dm = DigestMethodBuilder::buildDigestMethod();
+ dm->setAlgorithm(alg);
+ m_digests.push_back(dm);
+ }
+ }
+
+ void registerSigningMethod(const XMLCh* alg) {
+ if (XMLToolingConfig::getConfig().isXMLAlgorithmSupported(alg, XMLToolingConfig::ALGTYPE_SIGN)) {
+ SigningMethod* sm = SigningMethodBuilder::buildSigningMethod();
+ sm->setAlgorithm(alg);
+ m_signings.push_back(sm);
+ }
+ }
+
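Review bot: In registerEncryptionMethod the result of `dynamic_cast<EncryptionMethod*>` is dereferenced at `em->setAlgorithm(alg)` with no null check, and `m_encryptionBuilder` is used without checking what `getBuilder` returned; the `dm` cast in the SHA-1 branch has the same shape. Builders appear to be looked up by QName at runtime, so a missing or differently typed registration would presumably turn into a null dereference during metadata generation. Holding the built object in a local first and guarding with something like `if (!em) { delete obj; return; }` (or the project's usual exception) would fail safely without leaking the object. Separately, the branch that advertises only SHA-1 and MGF1-SHA1 for RSA-OAEP is silent, so a log line there, if a logger is in scope, would let operators see when the weaker parameters are being published. The enclosing class and the member declarations are outside the visible lines.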