2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * XMLToolingConfig.cpp
24 * Library configuration.
28 #include "exceptions.h"
30 #include "XMLToolingConfig.h"
31 #include "encryption/Encryption.h"
32 #include "encryption/Encrypter.h"
33 #include "impl/UnknownElement.h"
34 #include "io/HTTPResponse.h"
35 #include "security/TrustEngine.h"
36 #include "security/OpenSSLCryptoX509CRL.h"
37 #include "security/CredentialResolver.h"
38 #include "security/KeyInfoResolver.h"
39 #include "security/PathValidator.h"
40 #include "signature/KeyInfo.h"
41 #include "signature/Signature.h"
42 #include "soap/SOAP.h"
43 #include "soap/SOAPTransport.h"
45 #include "util/PathResolver.h"
46 #include "util/ReplayCache.h"
47 #include "util/StorageService.h"
48 #include "util/TemplateEngine.h"
49 #include "util/Threads.h"
50 #include "util/URLEncoder.h"
51 #include "validation/ValidatorSuite.h"
58 #include <boost/ptr_container/ptr_vector.hpp>
60 #if defined(XMLTOOLING_LOG4SHIB)
61 # include <log4shib/PropertyConfigurator.hh>
62 # include <log4shib/OstreamAppender.hh>
63 #elif defined(XMLTOOLING_LOG4CPP)
64 # include <log4cpp/PropertyConfigurator.hh>
65 # include <log4cpp/OstreamAppender.hh>
67 #include <xercesc/util/PlatformUtils.hpp>
68 #include <xercesc/util/XMLUniDefs.hpp>
69 #ifndef XMLTOOLING_NO_XMLSEC
70 # include <curl/curl.h>
71 # include <openssl/err.h>
72 # include <openssl/evp.h>
73 # include <xsec/framework/XSECAlgorithmMapper.hpp>
74 # include <xsec/framework/XSECException.hpp>
75 # include <xsec/framework/XSECProvider.hpp>
76 # include <xsec/transformers/TXFMBase.hpp>
79 using namespace soap11;
80 using namespace xmltooling::logging;
81 using namespace xmltooling;
82 using namespace xercesc;
83 using namespace boost;
87 # if (OPENSSL_VERSION_NUMBER >= 0x00908000)
88 # define XMLTOOLING_OPENSSL_HAVE_SHA2 1
93 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
94 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
95 DECL_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
96 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
97 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
98 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
99 DECL_XMLTOOLING_EXCEPTION_FACTORY(UnknownExtensionException,xmltooling);
100 DECL_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
101 DECL_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
103 #ifndef XMLTOOLING_NO_XMLSEC
104 using namespace xmlencryption;
105 using namespace xmlsignature;
106 DECL_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
107 DECL_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
108 DECL_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
112 static XMLToolingInternalConfig g_config;
113 #ifndef XMLTOOLING_NO_XMLSEC
114 static ptr_vector<Mutex> g_openssl_locks;
116 extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
118 if (mode & CRYPTO_LOCK)
119 g_openssl_locks[n].lock();
121 g_openssl_locks[n].unlock();
125 extern "C" unsigned long openssl_thread_id(void)
127 return (unsigned long)(pthread_self());
131 # ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
132 class TXFMOutputLog : public TXFMBase {
135 TXFMOutputLog(DOMDocument* doc) : TXFMBase(doc), m_log(Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger")) {
139 m_log.debug("\n----- END SIGNATURE DEBUG -----\n");
142 void setInput(TXFMBase *newInput) {
144 if (newInput->getOutputType() != TXFMBase::BYTE_STREAM)
145 throw XSECException(XSECException::TransformInputOutputFail, "OutputLog transform requires BYTE_STREAM input");
146 keepComments = input->getCommentsStatus();
147 m_log.debug("\n----- BEGIN SIGNATURE DEBUG -----\n");
150 TXFMBase::ioType getInputType() {
151 return TXFMBase::BYTE_STREAM;
153 TXFMBase::ioType getOutputType() {
154 return TXFMBase::BYTE_STREAM;
156 TXFMBase::nodeType getNodeType() {
157 return TXFMBase::DOM_NODE_NONE;
160 unsigned int readBytes(XMLByte * const toFill, const unsigned int maxToFill) {
161 unsigned int sz = input->readBytes(toFill, maxToFill);
162 m_log.debug(string(reinterpret_cast<char* const>(toFill), sz));
166 DOMDocument* getDocument() {
169 DOMNode* getFragmentNode() {
172 const XMLCh* getFragmentId() {
180 TXFMBase* TXFMOutputLogFactory(DOMDocument* doc) {
181 if (Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger").isDebugEnabled())
182 return new TXFMOutputLog(doc);
191 LPCSTR lpUNCServerName,
197 LPCSTR messages[] = {message, nullptr};
199 HANDLE hElog = RegisterEventSource(lpUNCServerName, "OpenSAML XMLTooling Library");
200 BOOL res = ReportEvent(hElog, wType, 0, dwEventID, lpUserSid, 1, 0, messages, nullptr);
201 return (DeregisterEventSource(hElog) && res);
206 XMLToolingConfig& XMLToolingConfig::getConfig()
211 XMLToolingInternalConfig& XMLToolingInternalConfig::getInternalConfig()
216 #ifndef XMLTOOLING_NO_XMLSEC
217 XMLToolingConfig::XMLToolingConfig()
218 : m_keyInfoResolver(nullptr), m_replayCache(nullptr), m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
220 XMLToolingConfig::XMLToolingConfig()
221 : m_pathResolver(nullptr), m_templateEngine(nullptr), m_urlEncoder(nullptr), clock_skew_secs(180)
226 XMLToolingConfig::~XMLToolingConfig()
230 #ifndef XMLTOOLING_LITE
231 const KeyInfoResolver* XMLToolingConfig::getKeyInfoResolver() const
233 return m_keyInfoResolver;
236 ReplayCache* XMLToolingConfig::getReplayCache() const
238 return m_replayCache;
241 void XMLToolingConfig::setKeyInfoResolver(xmltooling::KeyInfoResolver *keyInfoResolver)
243 delete m_keyInfoResolver;
244 m_keyInfoResolver = keyInfoResolver;
247 void XMLToolingConfig::setReplayCache(ReplayCache* replayCache)
249 delete m_replayCache;
250 m_replayCache = replayCache;
254 PathResolver* XMLToolingConfig::getPathResolver() const
256 return m_pathResolver;
259 TemplateEngine* XMLToolingConfig::getTemplateEngine() const
261 return m_templateEngine;
264 const URLEncoder* XMLToolingConfig::getURLEncoder() const
269 void XMLToolingConfig::setPathResolver(PathResolver* pathResolver)
271 delete m_pathResolver;
272 m_pathResolver = pathResolver;
275 void XMLToolingConfig::setTemplateEngine(TemplateEngine* templateEngine)
277 delete m_templateEngine;
278 m_templateEngine = templateEngine;
281 void XMLToolingConfig::setURLEncoder(URLEncoder* urlEncoder)
284 m_urlEncoder = urlEncoder;
287 XMLToolingInternalConfig::XMLToolingInternalConfig() :
288 #ifndef XMLTOOLING_NO_XMLSEC
289 m_xsecProvider(nullptr),
291 m_initCount(0), m_lock(Mutex::create()), m_parserPool(nullptr), m_validatingPool(nullptr)
295 XMLToolingInternalConfig::~XMLToolingInternalConfig()
299 bool XMLToolingInternalConfig::log_config(const char* config)
302 if (!config || !*config)
303 config=getenv("XMLTOOLING_LOG_CONFIG");
304 if (!config || !*config)
308 Category& root = Category::getRoot();
309 if (!strcmp(config,"DEBUG")) {
310 root.setPriority(Priority::DEBUG);
313 else if (!strcmp(config,"INFO")) {
314 root.setPriority(Priority::INFO);
317 else if (!strcmp(config,"NOTICE")) {
318 root.setPriority(Priority::NOTICE);
321 else if (!strcmp(config,"WARN")) {
322 root.setPriority(Priority::WARN);
325 else if (!strcmp(config,"ERROR")) {
326 root.setPriority(Priority::ERROR);
329 else if (!strcmp(config,"CRIT")) {
330 root.setPriority(Priority::CRIT);
333 else if (!strcmp(config,"ALERT")) {
334 root.setPriority(Priority::ALERT);
337 else if (!strcmp(config,"EMERG")) {
338 root.setPriority(Priority::EMERG);
341 else if (!strcmp(config,"FATAL")) {
342 root.setPriority(Priority::FATAL);
346 root.setAppender(new OstreamAppender("default",&cerr));
350 PropertyConfigurator::configure(m_pathResolver ? m_pathResolver->resolve(path, PathResolver::XMLTOOLING_CFG_FILE) : path);
353 #ifndef XMLTOOLING_NO_XMLSEC
354 Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger").setAdditivity(false);
357 catch (const ConfigureFailure& e) {
358 string msg = string("error in file permissions or logging configuration: ") + e.what();
359 Category::getInstance(XMLTOOLING_LOGCAT ".Logging").crit(msg);
361 LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str());
369 bool XMLToolingInternalConfig::init()
372 xmltooling::NDC ndc("init");
374 Category& log=Category::getInstance(XMLTOOLING_LOGCAT ".Config");
376 Lock initLock(m_lock);
378 if (m_initCount == INT_MAX) {
379 log.crit("library initialized too many times");
383 if (m_initCount >= 1) {
389 log.debug("library initialization started");
391 #ifndef XMLTOOLING_NO_XMLSEC
392 if (curl_global_init(CURL_GLOBAL_ALL)) {
393 log.fatal("failed to initialize libcurl, OpenSSL, or Winsock");
396 curl_version_info_data* curlver = curl_version_info(CURLVERSION_NOW);
398 log.debug("libcurl %s initialization complete", curlver->version);
399 if (!(curlver->features & CURL_VERSION_SSL)) {
400 log.crit("libcurl lacks TLS/SSL support, this will greatly limit functionality");
401 } else if (curlver->ssl_version && !strstr(curlver->ssl_version, "OpenSSL")) {
402 log.crit("libcurl lacks OpenSSL-specific options, this will greatly limit functionality");
406 log.debug("libcurl %s initialization complete", LIBCURL_VERSION);
410 XMLPlatformUtils::Initialize();
411 log.debug("Xerces %s initialization complete", XERCES_FULLVERSIONDOT);
413 #ifndef XMLTOOLING_NO_XMLSEC
414 XSECPlatformUtils::Initialise();
415 # ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
416 XSECPlatformUtils::SetReferenceLoggingSink(TXFMOutputLogFactory);
418 m_xsecProvider = new XSECProvider();
419 log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
422 m_parserPool = new ParserPool();
423 m_validatingPool = new ParserPool(true,true);
425 m_pathResolver = new PathResolver();
426 m_urlEncoder = new URLEncoder();
428 // Load catalogs from deprecated path setting.
429 if (!catalog_path.empty())
430 m_validatingPool->loadCatalogs(catalog_path.c_str());
432 // default registrations
433 XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
435 registerSOAPClasses();
437 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLParserException,xmltooling);
438 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLObjectException,xmltooling);
439 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MarshallingException,xmltooling);
440 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnmarshallingException,xmltooling);
441 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownElementException,xmltooling);
442 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(UnknownAttributeException,xmltooling);
443 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ValidationException,xmltooling);
444 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(IOException,xmltooling);
446 #ifndef XMLTOOLING_NO_XMLSEC
447 XMLObjectBuilder::registerBuilder(QName(xmlconstants::XMLSIG_NS,Signature::LOCAL_NAME),new SignatureBuilder());
448 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(XMLSecurityException,xmltooling);
449 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SignatureException,xmlsignature);
450 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(EncryptionException,xmlencryption);
451 registerKeyInfoClasses();
452 registerEncryptionClasses();
453 registerCredentialResolvers();
454 registerKeyInfoResolvers();
455 registerPathValidators();
456 registerTrustEngines();
457 registerXMLAlgorithms();
458 m_keyInfoResolver = KeyInfoResolverManager.newPlugin(INLINE_KEYINFO_RESOLVER,nullptr);
461 #ifndef XMLTOOLING_LITE
462 registerStorageServices();
464 registerSOAPTransports();
465 initSOAPTransports();
467 HTTPResponse::getAllowedSchemes().push_back("https");
468 HTTPResponse::getAllowedSchemes().push_back("http");
470 // Register xml:id as an ID attribute.
471 static const XMLCh xmlid[] = UNICODE_LITERAL_2(i,d);
472 AttributeExtensibleXMLObject::registerIDAttribute(QName(xmlconstants::XML_NS, xmlid));
474 catch (const xercesc::XMLException&) {
475 log.fatal("caught exception while initializing Xerces");
476 #ifndef XMLTOOLING_NO_XMLSEC
477 curl_global_cleanup();
482 #ifndef XMLTOOLING_NO_XMLSEC
483 // Set up OpenSSL locking.
484 for (int i=0; i<CRYPTO_num_locks(); i++)
485 g_openssl_locks.push_back(Mutex::create());
486 CRYPTO_set_locking_callback(openssl_locking_callback);
488 CRYPTO_set_id_callback(openssl_thread_id);
492 log.info("%s library initialization complete", PACKAGE_STRING);
497 void XMLToolingInternalConfig::term()
500 xmltooling::NDC ndc("term");
503 Lock initLock(m_lock);
504 if (m_initCount == 0) {
505 Category::getInstance(XMLTOOLING_LOGCAT ".Config").crit("term without corresponding init");
508 else if (--m_initCount > 0) {
512 #ifndef XMLTOOLING_NO_XMLSEC
513 CRYPTO_set_locking_callback(nullptr);
514 g_openssl_locks.clear();
517 SchemaValidators.destroyValidators();
518 XMLObjectBuilder::destroyBuilders();
519 XMLToolingException::deregisterFactories();
520 AttributeExtensibleXMLObject::deregisterIDAttributes();
522 termSOAPTransports();
523 SOAPTransportManager.deregisterFactories();
525 #ifndef XMLTOOLING_LITE
526 StorageServiceManager.deregisterFactories();
529 #ifndef XMLTOOLING_NO_XMLSEC
530 TrustEngineManager.deregisterFactories();
531 CredentialResolverManager.deregisterFactories();
532 KeyInfoResolverManager.deregisterFactories();
533 m_algorithmMap.clear();
535 delete m_keyInfoResolver;
536 m_keyInfoResolver = nullptr;
538 delete m_replayCache;
539 m_replayCache = nullptr;
542 delete m_pathResolver;
543 m_pathResolver = nullptr;
545 delete m_templateEngine;
546 m_templateEngine = nullptr;
549 m_urlEncoder = nullptr;
551 for (vector<void*>::reverse_iterator i=m_libhandles.rbegin(); i!=m_libhandles.rend(); i++) {
553 FARPROC fn=GetProcAddress(static_cast<HMODULE>(*i),"xmltooling_extension_term");
556 FreeLibrary(static_cast<HMODULE>(*i));
557 #elif defined(HAVE_DLFCN_H)
558 void (*fn)()=(void (*)())dlsym(*i,"xmltooling_extension_term");
563 # error "Don't know about dynamic loading on this platform!"
566 m_libhandles.clear();
569 m_parserPool=nullptr;
570 delete m_validatingPool;
571 m_validatingPool=nullptr;
573 for_each(m_namedLocks.begin(), m_namedLocks.end(), cleanup_pair<string,Mutex>());
574 m_namedLocks.clear();
576 #ifndef XMLTOOLING_NO_XMLSEC
577 delete m_xsecProvider;
578 m_xsecProvider=nullptr;
579 XSECPlatformUtils::Terminate();
582 XMLPlatformUtils::Terminate();
584 #ifndef XMLTOOLING_NO_XMLSEC
585 curl_global_cleanup();
587 Category::getInstance(XMLTOOLING_LOGCAT ".Config").info("%s library shutdown complete", PACKAGE_STRING);
590 Lockable* XMLToolingInternalConfig::lock()
596 void XMLToolingInternalConfig::unlock()
601 Mutex& XMLToolingInternalConfig::getNamedMutex(const char* name)
604 map<string,Mutex*>::const_iterator m = m_namedLocks.find(name);
605 if (m != m_namedLocks.end())
607 Mutex* newlock = Mutex::create();
608 m_namedLocks[name] = newlock;
612 bool XMLToolingInternalConfig::load_library(const char* path, void* context)
615 xmltooling::NDC ndc("LoadLibrary");
617 Category& log=Category::getInstance(XMLTOOLING_LOGCAT ".Config");
618 log.info("loading extension: %s", path);
622 string resolved(path);
623 m_pathResolver->resolve(resolved, PathResolver::XMLTOOLING_LIB_FILE);
626 HMODULE handle=nullptr;
627 for (string::iterator i = resolved.begin(); i != resolved.end(); ++i)
631 UINT em=SetErrorMode(SEM_FAILCRITICALERRORS);
633 handle=LoadLibraryEx(resolved.c_str(),nullptr,LOAD_WITH_ALTERED_SEARCH_PATH);
635 handle=LoadLibraryEx(resolved.c_str(),nullptr,0);
637 throw runtime_error(string("unable to load extension library: ") + resolved);
638 FARPROC fn=GetProcAddress(handle,"xmltooling_extension_init");
640 throw runtime_error(string("unable to locate xmltooling_extension_init entry point: ") + resolved);
641 if (reinterpret_cast<int(*)(void*)>(fn)(context)!=0)
642 throw runtime_error(string("detected error in xmltooling_extension_init: ") + resolved);
645 catch(std::exception&) {
652 #elif defined(HAVE_DLFCN_H)
653 void* handle=dlopen(resolved.c_str(),RTLD_LAZY);
655 throw runtime_error(string("unable to load extension library '") + resolved + "': " + dlerror());
656 int (*fn)(void*)=(int (*)(void*))(dlsym(handle,"xmltooling_extension_init"));
660 string("unable to locate xmltooling_extension_init entry point in '") + resolved + "': " +
661 (dlerror() ? dlerror() : "unknown error")
666 throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved);
668 catch(std::exception&) {
674 # error "Don't know about dynamic loading on this platform!"
676 m_libhandles.push_back(handle);
677 log.info("loaded extension: %s", resolved.c_str());
681 #ifndef XMLTOOLING_NO_XMLSEC
683 void xmltooling::log_openssl()
689 unsigned long code=ERR_get_error_line_data(&file,&line,&data,&flags);
691 Category& log=Category::getInstance("OpenSSL");
692 log.errorStream() << "error code: " << code << " in " << file << ", line " << line << logging::eol;
693 if (data && (flags & ERR_TXT_STRING))
694 log.errorStream() << "error data: " << data << logging::eol;
695 code=ERR_get_error_line_data(&file,&line,&data,&flags);
699 XSECCryptoX509CRL* XMLToolingInternalConfig::X509CRL() const
701 return new OpenSSLCryptoX509CRL();
704 pair<const char*,unsigned int> XMLToolingInternalConfig::mapXMLAlgorithmToKeyAlgorithm(const XMLCh* xmlAlgorithm) const
706 for (algmap_t::const_iterator i = m_algorithmMap.begin(); i != m_algorithmMap.end(); ++i) {
707 algmap_t::value_type::second_type::const_iterator j = i->second.find(xmlAlgorithm);
708 if (j != i->second.end())
709 return pair<const char*,unsigned int>(j->second.first.c_str(), j->second.second);
711 return pair<const char*,unsigned int>(nullptr, 0);
714 void XMLToolingInternalConfig::registerXMLAlgorithm(
715 const XMLCh* xmlAlgorithm, const char* keyAlgorithm, unsigned int size, XMLSecurityAlgorithmType type
718 m_algorithmMap[type][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
719 // Authenticated encryption algorithms are also generic encryption algorithms.
720 if (type == ALGTYPE_AUTHNENCRYPT)
721 m_algorithmMap[ALGTYPE_ENCRYPT][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
724 bool XMLToolingInternalConfig::isXMLAlgorithmSupported(const XMLCh* xmlAlgorithm, XMLSecurityAlgorithmType type)
727 // First check for basic support from the xmlsec layer.
728 if (XSECPlatformUtils::g_algorithmMapper->mapURIToHandler(xmlAlgorithm)) {
729 // Make sure the algorithm is registered.
730 algmap_t::const_iterator i = m_algorithmMap.find(type);
731 if (i != m_algorithmMap.end()) {
732 algmap_t::value_type::second_type::const_iterator j = i->second.find(xmlAlgorithm);
733 if (j != i->second.end())
738 catch (XSECException&) {
743 void XMLToolingInternalConfig::registerXMLAlgorithms()
745 // The deal with all the macros is to try and figure out with no false positives whether
746 // the OpenSSL version *and* the XML-Security version support the algorithms.
748 // With ECDSA, XML-Security exports a public macro for OpenSSL's support, and any
749 // versions of XML-Security that didn't provide the macro don't handle ECDSA anyway.
750 // However, the SHA-224 variant was left out of the initial XML-Security release.
752 // With AES and GCM, all supported XML-Security versions export a macro for OpenSSL's support.
754 // With SHA2, only the very latest XML-Security exports a macro, but all the versions
755 // will handle SHA2 *if* OpenSSL does. So we use our own macro to check OpenSSL's
756 // support, and then add checks to see if specific versions are compiled out.
758 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIMD5, nullptr, 0, ALGTYPE_DIGEST);
759 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA1, nullptr, 0, ALGTYPE_DIGEST);
760 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
761 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA224, nullptr, 0, ALGTYPE_DIGEST);
762 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA256, nullptr, 0, ALGTYPE_DIGEST);
764 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
765 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA384, nullptr, 0, ALGTYPE_DIGEST);
766 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURISHA512, nullptr, 0, ALGTYPE_DIGEST);
769 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0, ALGTYPE_SIGN);
770 #if defined(URI_ID_DSA_SHA256) && defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
771 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA256, "DSA", 0, ALGTYPE_SIGN);
774 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0, ALGTYPE_SIGN);
775 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0, ALGTYPE_SIGN);
776 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
777 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA224, "RSA", 0, ALGTYPE_SIGN);
778 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA256, "RSA", 0, ALGTYPE_SIGN);
780 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
781 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA384, "RSA", 0, ALGTYPE_SIGN);
782 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA512, "RSA", 0, ALGTYPE_SIGN);
785 #ifdef XSEC_OPENSSL_HAVE_EC
786 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA1, "EC", 0, ALGTYPE_SIGN);
787 # if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
788 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA256, "EC", 0, ALGTYPE_SIGN);
789 # ifdef URI_ID_ECDSA_SHA224
790 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA224, "EC", 0, ALGTYPE_SIGN);
793 # if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
794 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA384, "EC", 0, ALGTYPE_SIGN);
795 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA512, "EC", 0, ALGTYPE_SIGN);
799 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA1, "HMAC", 0, ALGTYPE_SIGN);
800 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
801 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA224, "HMAC", 0, ALGTYPE_SIGN);
802 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA256, "HMAC", 0, ALGTYPE_SIGN);
804 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
805 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA384, "HMAC", 0, ALGTYPE_SIGN);
806 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIHMAC_SHA512, "HMAC", 0, ALGTYPE_SIGN);
809 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0, ALGTYPE_KEYENCRYPT);
810 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0, ALGTYPE_KEYENCRYPT);
811 #ifdef URI_ID_RSA_OAEP
812 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP, "RSA", 0, ALGTYPE_KEYENCRYPT);
815 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192, ALGTYPE_ENCRYPT);
816 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192, ALGTYPE_KEYENCRYPT);
818 #ifdef XSEC_OPENSSL_HAVE_AES
819 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_CBC, "AES", 128, ALGTYPE_ENCRYPT);
820 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128, "AES", 128, ALGTYPE_KEYENCRYPT);
822 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_CBC, "AES", 192, ALGTYPE_ENCRYPT);
823 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192, "AES", 192, ALGTYPE_KEYENCRYPT);
825 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256, ALGTYPE_ENCRYPT);
826 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256, ALGTYPE_KEYENCRYPT);
828 # ifdef URI_ID_KW_AES128_PAD
829 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128_PAD, "AES", 128, ALGTYPE_KEYENCRYPT);
830 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192_PAD, "AES", 192, ALGTYPE_KEYENCRYPT);
831 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256_PAD, "AES", 256, ALGTYPE_KEYENCRYPT);
835 #ifdef XSEC_OPENSSL_HAVE_GCM
836 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_GCM, "AES", 128, ALGTYPE_AUTHNENCRYPT);
837 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_GCM, "AES", 192, ALGTYPE_AUTHNENCRYPT);
838 registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_GCM, "AES", 256, ALGTYPE_AUTHNENCRYPT);
846 extern "C" __declspec(dllexport) BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID)
848 if (fdwReason == DLL_THREAD_DETACH || fdwReason == DLL_PROCESS_DETACH)
849 ThreadKey::onDetach();