class TXFMOutputLog : public TXFMBase {
TXFMOutputLog();
public:
- TXFMOutputLog(DOMDocument* doc) : TXFMBase(doc), m_log(Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger")) {
+ TXFMOutputLog(DOMDocument* doc) : TXFMBase(doc), m_log(Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger")) {
input = nullptr;
}
~TXFMOutputLog() {
};
TXFMBase* TXFMOutputLogFactory(DOMDocument* doc) {
- if (Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger").isDebugEnabled())
+ if (Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger").isDebugEnabled())
return new TXFMOutputLog(doc);
return nullptr;
}
}
#ifndef XMLTOOLING_NO_XMLSEC
- Category::getInstance(XMLTOOLING_LOGCAT".Signature.Debugger").setAdditivity(false);
+ Category::getInstance(XMLTOOLING_LOGCAT ".Signature.Debugger").setAdditivity(false);
#endif
}
catch (const ConfigureFailure& e) {
string msg = string("error in file permissions or logging configuration: ") + e.what();
- Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg);
+ Category::getInstance(XMLTOOLING_LOGCAT ".Logging").crit(msg);
#ifdef WIN32
LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str());
#endif
#ifdef _DEBUG
xmltooling::NDC ndc("init");
#endif
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".Config");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT ".Config");
Lock initLock(m_lock);
if (curlver) {
log.debug("libcurl %s initialization complete", curlver->version);
if (!(curlver->features & CURL_VERSION_SSL)) {
- log.warn("libcurl lacks TLS/SSL support, this will greatly limit functionality");
+ log.crit("libcurl lacks TLS/SSL support, this will greatly limit functionality");
+ } else if (curlver->ssl_version && !strstr(curlver->ssl_version, "OpenSSL")) {
+ log.crit("libcurl lacks OpenSSL-specific options, this will greatly limit functionality");
}
}
else {
# ifdef XMLTOOLING_XMLSEC_DEBUGLOGGING
XSECPlatformUtils::SetReferenceLoggingSink(TXFMOutputLogFactory);
# endif
- m_xsecProvider=new XSECProvider();
+ m_xsecProvider = new XSECProvider();
log.debug("XML-Security %s initialization complete", XSEC_FULLVERSIONDOT);
#endif
- m_parserPool=new ParserPool();
- m_validatingPool=new ParserPool(true,true);
+ m_parserPool = new ParserPool();
+ m_validatingPool = new ParserPool(true,true);
+
+ m_pathResolver = new PathResolver();
+ m_urlEncoder = new URLEncoder();
// Load catalogs from deprecated path setting.
if (!catalog_path.empty())
registerSOAPTransports();
initSOAPTransports();
- m_pathResolver = new PathResolver();
- m_urlEncoder = new URLEncoder();
-
HTTPResponse::getAllowedSchemes().push_back("https");
HTTPResponse::getAllowedSchemes().push_back("http");
Lock initLock(m_lock);
if (m_initCount == 0) {
- Category::getInstance(XMLTOOLING_LOGCAT".Config").crit("term without corresponding init");
+ Category::getInstance(XMLTOOLING_LOGCAT ".Config").crit("term without corresponding init");
return;
}
else if (--m_initCount > 0) {
#ifndef XMLTOOLING_NO_XMLSEC
curl_global_cleanup();
#endif
- Category::getInstance(XMLTOOLING_LOGCAT".Config").info("%s library shutdown complete", PACKAGE_STRING);
+ Category::getInstance(XMLTOOLING_LOGCAT ".Config").info("%s library shutdown complete", PACKAGE_STRING);
}
Lockable* XMLToolingInternalConfig::lock()
#ifdef _DEBUG
xmltooling::NDC ndc("LoadLibrary");
#endif
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".Config");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT ".Config");
log.info("loading extension: %s", path);
Locker locker(this);
)
{
m_algorithmMap[type][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
+ // Authenticated encryption algorithms are also generic encryption algorithms.
+ if (type == ALGTYPE_AUTHNENCRYPT)
+ m_algorithmMap[ALGTYPE_ENCRYPT][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
}
bool XMLToolingInternalConfig::isXMLAlgorithmSupported(const XMLCh* xmlAlgorithm, XMLSecurityAlgorithmType type)
// With ECDSA, XML-Security exports a public macro for OpenSSL's support, and any
// versions of XML-Security that didn't provide the macro don't handle ECDSA anyway.
+ // However, the SHA-224 variant was left out of the initial XML-Security release.
- // With AES, all supported XML-Security versions export a macro for OpenSSL's support.
+ // With AES and GCM, all supported XML-Security versions export a macro for OpenSSL's support.
// With SHA2, only the very latest XML-Security exports a macro, but all the versions
// will handle SHA2 *if* OpenSSL does. So we use our own macro to check OpenSSL's
#endif
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0, ALGTYPE_SIGN);
+#if defined(URI_ID_DSA_SHA256) && defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA256, "DSA", 0, ALGTYPE_SIGN);
+#endif
+
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0, ALGTYPE_SIGN);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0, ALGTYPE_SIGN);
#if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
#ifdef XSEC_OPENSSL_HAVE_EC
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA1, "EC", 0, ALGTYPE_SIGN);
-#if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
+# if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA256, "EC", 0, ALGTYPE_SIGN);
+# ifdef URI_ID_ECDSA_SHA224
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA224, "EC", 0, ALGTYPE_SIGN);
+# endif
# endif
-#if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
+# if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA384, "EC", 0, ALGTYPE_SIGN);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA512, "EC", 0, ALGTYPE_SIGN);
# endif
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0, ALGTYPE_KEYENCRYPT);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0, ALGTYPE_KEYENCRYPT);
+#ifdef URI_ID_RSA_OAEP
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP, "RSA", 0, ALGTYPE_KEYENCRYPT);
+#endif
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURI3DES_CBC, "DESede", 192, ALGTYPE_ENCRYPT);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_3DES, "DESede", 192, ALGTYPE_KEYENCRYPT);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256, ALGTYPE_ENCRYPT);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256, ALGTYPE_KEYENCRYPT);
+
+# ifdef URI_ID_KW_AES128_PAD
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES128_PAD, "AES", 128, ALGTYPE_KEYENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES192_PAD, "AES", 192, ALGTYPE_KEYENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256_PAD, "AES", 256, ALGTYPE_KEYENCRYPT);
+# endif
+#endif
+
+#ifdef XSEC_OPENSSL_HAVE_GCM
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_GCM, "AES", 128, ALGTYPE_AUTHNENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_GCM, "AES", 192, ALGTYPE_AUTHNENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_GCM, "AES", 256, ALGTYPE_AUTHNENCRYPT);
#endif
}
projects / shibboleth / cpp-xmltooling.git / blobdiff