2 * Licensed to UCAID under one or more contributor license agreements.
3 * See the NOTICE file distributed with this work for additional information
4 * regarding copyright ownership. The ASF licenses this file to you under
5 * the Apache License, Version 2.0 (the "License"); you may not use this
6 * file except in compliance with the License. You may obtain a copy of the
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 * XMLToolingConfig.cpp
21 * Library configuration.
25 #include "exceptions.h"
27 #include "XMLToolingConfig.h"
28 #include "encryption/Encryption.h"
29 #include "encryption/Encrypter.h"
30 #include "impl/UnknownElement.h"
31 #include "io/HTTPResponse.h"
32 #include "security/TrustEngine.h"
33 #include "security/OpenSSLCryptoX509CRL.h"
34 #include "security/CredentialResolver.h"
35 #include "security/KeyInfoResolver.h"
36 #include "signature/KeyInfo.h"
37 #include "signature/Signature.h"
38 #include "soap/SOAP.h"
40 #include "util/PathResolver.h"
41 #include "util/ReplayCache.h"
42 #include "util/StorageService.h"
43 #include "util/TemplateEngine.h"
44 #include "util/Threads.h"
45 #include "util/URLEncoder.h"
46 #include "validation/ValidatorSuite.h"
53 #if defined(XMLTOOLING_LOG4SHIB)
54 # include <log4shib/PropertyConfigurator.hh>
55 # include <log4shib/OstreamAppender.hh>
56 #elif defined(XMLTOOLING_LOG4CPP)
57 # include <log4cpp/PropertyConfigurator.hh>
58 # include <log4cpp/OstreamAppender.hh>
60 #include <xercesc/util/PlatformUtils.hpp>
61 #include <xercesc/util/XMLUniDefs.hpp>
62 #ifndef XMLTOOLING_NO_XMLSEC
63 # include <curl/curl.h>
64 # include <openssl/err.h>
65 # include <openssl/evp.h>
66 # include <xsec/framework/XSECAlgorithmMapper.hpp>
67 # include <xsec/framework/XSECException.hpp>
68 # include <xsec/framework/XSECProvider.hpp>
69 # include <xsec/transformers/TXFMBase.hpp>
72 using namespace soap11;
73 using namespace xmltooling::logging;
74 using namespace xmltooling;
75 using namespace xercesc;
79 # if (OPENSSL_VERSION_NUMBER >= 0x00908000)
80 # define XMLTOOLING_OPENSSL_HAVE_SHA2 1
85 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
86 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
87 DECL_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
88 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
89 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
90 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
91 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownExtensionException,xmltooling);
92 DECL_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
93 DECL_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
95 #ifndef XMLTOOLING_NO_XMLSEC
96 using namespace xmlencryption;
97 using namespace xmlsignature;
98 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
99 DECL_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
100 DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
104 static XMLToolingInternalConfig g_config;
105 #ifndef XMLTOOLING_NO_XMLSEC
106 static vector<Mutex*> g_openssl_locks;
108 extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
110 if (mode & CRYPTO_LOCK)
111 g_openssl_locks[n]->lock();
113 g_openssl_locks[n]->unlock();
117 extern "C" unsigned long openssl_thread_id(void)
119 return (unsigned long)(pthread_self());
123 # ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
124 class TXFMOutputLog : public TXFMBase {
127 TXFMOutputLog(DOMDocument* doc) : TXFMBase(doc), m_log(Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger")) {
131 m_log.debug("\n----- END SIGNATURE DEBUG -----\n");
134 void setInput(TXFMBase *newInput) {
136 if (newInput->getOutputType() != TXFMBase::BYTE_STREAM)
137 throw XSECException(XSECException::TransformInputOutputFail, "OutputLog transform requires BYTE_STREAM input");
138 keepComments = input->getCommentsStatus();
139 m_log.debug("\n----- BEGIN SIGNATURE DEBUG -----\n");
142 TXFMBase::ioType getInputType() {
143 return TXFMBase::BYTE_STREAM;
145 TXFMBase::ioType getOutputType() {
146 return TXFMBase::BYTE_STREAM;
148 TXFMBase::nodeType getNodeType() {
149 return TXFMBase::DOM_NODE_NONE;
152 unsigned int readBytes(XMLByte * const toFill, const unsigned int maxToFill) {
153 unsigned int sz = input->readBytes(toFill, maxToFill);
154 m_log.debug(string(reinterpret_cast<char* const>(toFill), sz));
158 DOMDocument* getDocument() {
161 DOMNode* getFragmentNode() {
164 const XMLCh* getFragmentId() {
172 TXFMBase* TXFMOutputLogFactory(DOMDocument* doc) {
173 if (Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger").isDebugEnabled())
174 return new TXFMOutputLog(doc);
183 LPCSTR lpUNCServerName,
189 LPCSTR messages[] = {message, nullptr};
191 HANDLE hElog = RegisterEventSource(lpUNCServerName, "OpenSAML XMLTooling Library");
192 BOOL res = ReportEvent(hElog, wType, 0, dwEventID, lpUserSid, 1, 0, messages, nullptr);
193 return (DeregisterEventSource(hElog) && res);
198 XMLToolingConfig& XMLToolingConfig::getConfig()
203 XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
208 #ifndef XMLTOOLING_NO_XMLSEC
209 XMLToolingConfig::XMLToolingConfig()
210 : m_keyInfoResolver(nullptr), m_replayCache(nullptr), m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
212 XMLToolingConfig::XMLToolingConfig()
213 : m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
218 XMLToolingConfig::~XMLToolingConfig()
222 bool XMLToolingInternalConfig::log_config(const char* config)
225 if (!config || !*config)
226 config=getenv("XMLTOOLING_LOG_CONFIG");
227 if (!config || !*config)
231 Category& root = Category::getRoot();
232 if (!strcmp(config,"DEBUG")) {
233 root.setPriority(Priority::DEBUG);
236 else if (!strcmp(config,"INFO")) {
237 root.setPriority(Priority::INFO);
240 else if (!strcmp(config,"NOTICE")) {
241 root.setPriority(Priority::NOTICE);
244 else if (!strcmp(config,"WARN")) {
245 root.setPriority(Priority::WARN);
248 else if (!strcmp(config,"ERROR")) {
249 root.setPriority(Priority::ERROR);
252 else if (!strcmp(config,"CRIT")) {
253 root.setPriority(Priority::CRIT);
256 else if (!strcmp(config,"ALERT")) {
257 root.setPriority(Priority::ALERT);
260 else if (!strcmp(config,"EMERG")) {
261 root.setPriority(Priority::EMERG);
264 else if (!strcmp(config,"FATAL")) {
265 root.setPriority(Priority::FATAL);
269 root.setAppender(new OstreamAppender("default",&cerr));
273 PropertyConfigurator::configure(m_pathResolver ? m_pathResolver->resolve(path, PathResolver::XMLTOOLING_CFG_FILE) : path);
276 #ifndef XMLTOOLING_NO_XMLSEC
277 Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger").setAdditivity(false);
280 catch (const ConfigureFailure& e) {
281 string msg = string("failed to configure logging: ") + e.what();
282 Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg);
284 LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str());
292 #ifndef XMLTOOLING_LITE
293 const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const
295 return m_keyInfoResolver;
298 ReplayCache* XMLToolingConfig::getReplayCache() const
300 return m_replayCache;
303 void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver)
305 delete m_keyInfoResolver;
306 m_keyInfoResolver = keyInfoResolver;
309 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
311 delete m_replayCache;
312 m_replayCache = replayCache;
316 PathResolver* XMLToolingConfig::getPathResolver() const
318 return m_pathResolver;
321 TemplateEngine* XMLToolingConfig::getTemplateEngine() const
323 return m_templateEngine;
326 const URLEncoder* XMLToolingConfig::getURLEncoder() const
331 void XMLToolingConfig::setPathResolver(PathResolver* pathResolver)
333 delete m_pathResolver;
334 m_pathResolver = pathResolver;
337 void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine)
339 delete m_templateEngine;
340 m_templateEngine = templateEngine;
343 void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder)
346 m_urlEncoder = urlEncoder;
349 bool XMLToolingInternalConfig::init()
352 xmltooling::NDC ndc("init");
354 Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
356 log.debug("library initialization started");
358 #ifndef XMLTOOLING_NO_XMLSEC
359 if (curl_global_init(CURL_GLOBAL_ALL)) {
360 log.fatal("failed to initialize libcurl, OpenSSL, or Winsock");
363 curl_version_info_data* curlver = curl_version_info(CURLVERSION_NOW);
365 log.debug("libcurl %s initialization complete", curlver->version);
366 if (!(curlver->features & CURL_VERSION_SSL)) {
367 log.warn("libcurl lacks TLS/SSL support, this will greatly limit functionality");
371 log.debug("libcurl %s initialization complete", LIBCURL_VERSION);
375 XMLPlatformUtils::Initialize();
376 log.debug("Xerces %s initialization complete", XERCES_FULLVERSIONDOT);
378 #ifndef XMLTOOLING_NO_XMLSEC
379 XSECPlatformUtils::Initialise();
380 # ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
381 XSECPlatformUtils::SetReferenceLoggingSink(TXFMOutputLogFactory);
383 m_xsecProvider=new XSECProvider();
384 log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
387 m_parserPool=new ParserPool();
388 m_validatingPool=new ParserPool(true,true);
389 m_lock=XMLPlatformUtils::makeMutex();
391 // Load catalogs from path.
392 if (!catalog_path.empty()) {
393 char* catpath=strdup(catalog_path.c_str());
396 while (start && *start) {
397 sep=strchr(start,PATH_SEPARATOR_CHAR);
400 auto_ptr_XMLCh temp(start);
401 m_validatingPool->loadCatalog(temp.get());
402 start = sep ? sep + 1 : nullptr;
407 // default registrations
408 XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
410 registerSOAPClasses();
412 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
413 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
414 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
415 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
416 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
417 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
418 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
419 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
421 #ifndef XMLTOOLING_NO_XMLSEC
422 XMLObjectBuilder::registerBuilder(QName(xmlconstants::XMLSIG_NS,Signature::LOCAL_NAME),new SignatureBuilder());
423 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
424 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
425 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
426 registerKeyInfoClasses();
427 registerEncryptionClasses();
428 registerKeyInfoResolvers();
429 registerCredentialResolvers();
430 registerTrustEngines();
431 registerXMLAlgorithms();
432 registerSOAPTransports();
433 initSOAPTransports();
434 registerStorageServices();
435 m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,nullptr);
438 m_pathResolver = new PathResolver();
439 m_urlEncoder = new URLEncoder();
441 HTTPResponse::getAllowedSchemes().push_back("https");
442 HTTPResponse::getAllowedSchemes().push_back("http");
444 // Register xml:id as an ID attribute.
445 static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
446 AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
448 catch (const xercesc::XMLException&) {
449 log.fatal("caught exception while initializing Xerces");
450 #ifndef XMLTOOLING_NO_XMLSEC
451 curl_global_cleanup();
456 #ifndef XMLTOOLING_NO_XMLSEC
457 // Set up OpenSSL locking.
458 for (int i=0; i<CRYPTO_num_locks(); i++)
459 g_openssl_locks.push_back(Mutex::create());
460 CRYPTO_set_locking_callback(openssl_locking_callback);
462 CRYPTO_set_id_callback(openssl_thread_id);
466 log.info("%s library initialization complete", PACKAGE_STRING);
470 void XMLToolingInternalConfig::term()
472 #ifndef XMLTOOLING_NO_XMLSEC
473 CRYPTO_set_locking_callback(nullptr);
474 for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
475 g_openssl_locks.clear();
478 SchemaValidators.destroyValidators();
479 XMLObjectBuilder::destroyBuilders();
480 XMLToolingException::deregisterFactories();
481 AttributeExtensibleXMLObject::deregisterIDAttributes();
483 #ifndef XMLTOOLING_NO_XMLSEC
484 StorageServiceManager.deregisterFactories();
485 termSOAPTransports();
486 SOAPTransportManager.deregisterFactories();
487 TrustEngineManager.deregisterFactories();
488 CredentialResolverManager.deregisterFactories();
489 KeyInfoResolverManager.deregisterFactories();
490 m_algorithmMap.clear();
492 delete m_keyInfoResolver;
493 m_keyInfoResolver = nullptr;
495 delete m_replayCache;
496 m_replayCache = nullptr;
499 delete m_pathResolver;
500 m_pathResolver = nullptr;
502 delete m_templateEngine;
503 m_templateEngine = nullptr;
506 m_urlEncoder = nullptr;
508 for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
510 FARPROC fn=GetProcAddress(static_cast<HMODULE>(*i),"xmltooling_extension_term");
513 FreeLibrary(static_cast<HMODULE>(*i));
514 #elif defined(HAVE_DLFCN_H)
515 void (*fn)()=(void (*)())dlsym(*i,"xmltooling_extension_term");
520 # error "Don't know about dynamic loading on this platform!"
523 m_libhandles.clear();
526 m_parserPool=nullptr;
527 delete m_validatingPool;
528 m_validatingPool=nullptr;
530 #ifndef XMLTOOLING_NO_XMLSEC
531 delete m_xsecProvider;
532 m_xsecProvider=nullptr;
533 XSECPlatformUtils::Terminate();
536 XMLPlatformUtils::closeMutex(m_lock);
538 XMLPlatformUtils::Terminate();
540 #ifndef XMLTOOLING_NO_XMLSEC
541 curl_global_cleanup();
544 xmltooling::NDC ndc("term");
546 Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig").info("%s library shutdown complete", PACKAGE_STRING);
549 Lockable* XMLToolingInternalConfig::lock()
551 xercesc::XMLPlatformUtils::lockMutex(m_lock);
555 void XMLToolingInternalConfig::unlock()
557 xercesc::XMLPlatformUtils::unlockMutex(m_lock);
560 bool XMLToolingInternalConfig::load_library(const char* path, void* context)
563 xmltooling::NDC ndc("LoadLibrary");
565 Category& log=Category::getInstance(XMLTOOLING_LOGCAT".XMLToolingConfig");
566 log.info("loading extension: %s", path);
570 string resolved(path);
571 m_pathResolver->resolve(resolved, PathResolver::XMLTOOLING_LIB_FILE);
574 HMODULE handle=nullptr;
575 for (string::iterator i = resolved.begin(); i != resolved.end(); ++i)
579 UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
581 handle=LoadLibraryEx(resolved.c_str(),nullptr,LOAD_WITH_ALTERED_SEARCH_PATH);
583 handle=LoadLibraryEx(resolved.c_str(),nullptr,0);
585 throw runtime_error(string("unable to load extension library: ") + resolved);
586 FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
588 throw runtime_error(string("unable to locate xmltooling_extension_init entry point: ") + resolved);
589 if (reinterpret_cast<int(*)(void*)>(fn)(context)!=0)
590 throw runtime_error(string("detected error in xmltooling_extension_init: ") + resolved);
600 #elif defined(HAVE_DLFCN_H)
601 void* handle=dlopen(resolved.c_str(),RTLD_LAZY);
603 throw runtime_error(string("unable to load extension library '") + resolved + "': " + dlerror());
604 int (*fn)(void*)=(int (*)(void*))(dlsym(handle,"xmltooling_extension_init"));
608 string("unable to locate xmltooling_extension_init entry point in '") + resolved + "': " +
609 (dlerror() ? dlerror() : "unknown error")
614 throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved);
622 # error "Don't know about dynamic loading on this platform!"
624 m_libhandles.push_back(handle);
625 log.info("loaded extension: %s", resolved.c_str());
629 #ifndef XMLTOOLING_NO_XMLSEC
631 void xmltooling::log_openssl()
637 unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags);
639 Category& log=Category::getInstance("OpenSSL");
640 log.errorStream() << "error code: " << code << " in " << file << ", line " << line << logging::eol;
641 if (data && (flags & ERR_TXT_STRING))
642 log.errorStream() << "error data: " << data << logging::eol;
643 code=ERR_get_error_line_data(&file,&line,&data,&flags);
647 XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
649 return new OpenSSLCryptoX509CRL();
652 pair<const char*,unsigned int> XMLToolingInternalConfig::mapXMLAlgorithmToKeyAlgorithm(const XMLCh* xmlAlgorithm) const
654 for (algmap_t::const_iterator i = m_algorithmMap.begin(); i != m_algorithmMap.end(); ++i) {
655 algmap_t::value_type::second_type::const_iterator j = i->second.find(xmlAlgorithm);
656 if (j != i->second.end())
657 return pair<const char*,unsigned int>(j->second.first.c_str(), j->second.second);
659 return pair<const char*,unsigned int>(nullptr, 0);
662 void XMLToolingInternalConfig::registerXMLAlgorithm(
663 const XMLCh* xmlAlgorithm, const char* keyAlgorithm, unsigned int size, XMLSecurityAlgorithmType type
666 m_algorithmMap[type][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
669 bool XMLToolingInternalConfig::isXMLAlgorithmSupported(const XMLCh* xmlAlgorithm, XMLSecurityAlgorithmType type)
672 // First check for basic support from the xmlsec layer.
673 if (XSECPlatformUtils::g_algorithmMapper->mapURIToHandler(xmlAlgorithm)) {
674 // Make sure the algorithm is registered.
675 algmap_t::const_iterator i = m_algorithmMap.find(type);
676 if (i != m_algorithmMap.end()) {
677 algmap_t::value_type::second_type::const_iterator j = i->second.find(xmlAlgorithm);
678 if (j != i->second.end())
683 catch (XSECException&) {
688 void XMLToolingInternalConfig::registerXMLAlgorithms()
690 // The deal with all the macros is to try and figure out with no false positives whether
691 // the OpenSSL version *and* the XML-Security version support the algorithms.
693 // With ECDSA, XML-Security exports a public macro for OpenSSL's support, and any
694 // versions of XML-Security that didn't provide the macro don't handle ECDSA anyway.
696 // With AES, all supported XML-Security versions export a macro for OpenSSL's support.
698 // With SHA2, only the very latest XML-Security exports a macro, but all the versions
699 // will handle SHA2 *if* OpenSSL does. So we use our own macro to check OpenSSL's
700 // support, and then add checks to see if specific versions are compiled out.
702 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIMD5, nullptr, 0, ALGTYPE_DIGEST);
703 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA1, nullptr, 0, ALGTYPE_DIGEST);
704 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
705 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA224, nullptr, 0, ALGTYPE_DIGEST);
706 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA256, nullptr, 0, ALGTYPE_DIGEST);
708 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
709 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA384, nullptr, 0, ALGTYPE_DIGEST);
710 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA512, nullptr, 0, ALGTYPE_DIGEST);
713 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0, ALGTYPE_SIGN);
714 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0, ALGTYPE_SIGN);
715 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0, ALGTYPE_SIGN);
716 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
717 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA224, "RSA", 0, ALGTYPE_SIGN);
718 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA256, "RSA", 0, ALGTYPE_SIGN);
720 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
721 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA384, "RSA", 0, ALGTYPE_SIGN);
722 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA512, "RSA", 0, ALGTYPE_SIGN);
725 #ifdef XSEC_OPENSSL_HAVE_EC
726 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA1, "EC", 0, ALGTYPE_SIGN);
727 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
728 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA256, "EC", 0, ALGTYPE_SIGN);
730 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
731 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA384, "EC", 0, ALGTYPE_SIGN);
732 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA512, "EC", 0, ALGTYPE_SIGN);
736 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0, ALGTYPE_SIGN);
737 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
738 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0, ALGTYPE_SIGN);
739 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0, ALGTYPE_SIGN);
741 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
742 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA384, "HMAC", 0, ALGTYPE_SIGN);
743 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA512, "HMAC", 0, ALGTYPE_SIGN);
746 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0, ALGTYPE_KEYENCRYPT);
747 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0, ALGTYPE_KEYENCRYPT);
749 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192, ALGTYPE_ENCRYPT);
750 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192, ALGTYPE_KEYENCRYPT);
752 #ifdef XSEC_OPENSSL_HAVE_AES
753 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_CBC, "AES", 128, ALGTYPE_ENCRYPT);
754 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128, "AES", 128, ALGTYPE_KEYENCRYPT);
756 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_CBC, "AES", 192, ALGTYPE_ENCRYPT);
757 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192, "AES", 192, ALGTYPE_KEYENCRYPT);
759 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256, ALGTYPE_ENCRYPT);
760 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256, ALGTYPE_KEYENCRYPT);
768 extern "C" __declspec(dllexport) BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID)
770 if (fdwReason == DLL_THREAD_DETACH || fdwReason == DLL_PROCESS_DETACH)
771 ThreadKey::onDetach();