#endif
#include <stdexcept>
-#include <boost/algorithm/string.hpp>
-#include <boost/lambda/bind.hpp>
-#include <boost/lambda/lambda.hpp>
+#include <boost/ptr_container/ptr_vector.hpp>
#if defined(XMLTOOLING_LOG4SHIB)
# include <log4shib/PropertyConfigurator.hh>
using namespace xmltooling::logging;
using namespace xmltooling;
using namespace xercesc;
-using namespace boost::lambda;
using namespace boost;
using namespace std;
namespace {
static XMLToolingInternalConfig g_config;
#ifndef XMLTOOLING_NO_XMLSEC
- static vector<Mutex*> g_openssl_locks;
+ static ptr_vector<Mutex> g_openssl_locks;
extern "C" void openssl_locking_callback(int mode,int n,const char *file,int line)
{
if (mode & CRYPTO_LOCK)
- g_openssl_locks[n]->lock();
+ g_openssl_locks[n].lock();
else
- g_openssl_locks[n]->unlock();
+ g_openssl_locks[n].unlock();
}
# ifndef WIN32
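Review bot: `openssl_locking_callback` indexes `g_openssl_locks[n]` with the slot number OpenSSL passes in, and nothing in this hunk checks it against the container's size. As far as I know `ptr_vector::operator[]` only asserts on range in debug builds, so a container that is too short or already cleared becomes an out-of-bounds access in release builds. The code that fills the container and installs the callback is outside this hunk; please confirm it creates one mutex per `CRYPTO_num_locks()` before `CRYPTO_set_locking_callback` is called. I would record the invariant at the declaration, e.g. `// Owns one Mutex per OpenSSL lock slot; filled before the locking callback is installed, cleared only after it is removed.`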
XMLToolingInternalConfig::~XMLToolingInternalConfig()
{
- delete m_lock;
}
bool XMLToolingInternalConfig::log_config(const char* config)
#endif
}
catch (const ConfigureFailure& e) {
- string msg = string("failed to configure logging: ") + e.what();
+ string msg = string("error in file permissions or logging configuration: ") + e.what();
Category::getInstance(XMLTOOLING_LOGCAT".Logging").crit(msg);
#ifdef WIN32
LogEvent(nullptr, EVENTLOG_ERROR_TYPE, 2100, nullptr, msg.c_str());
m_parserPool=new ParserPool();
m_validatingPool=new ParserPool(true,true);
- // Load catalogs from path.
- if (!catalog_path.empty()) {
- vector<string> catpaths;
- split(catpaths, catalog_path, is_any_of(PATH_SEPARATOR_STR), algorithm::token_compress_on);
- for_each(
- catpaths.begin(), catpaths.end(),
- // Call loadCatalog with an inner call to s->c_str() on each entry.
- lambda::bind(static_cast<bool (ParserPool::*)(const char*)>(&ParserPool::loadCatalog), m_validatingPool, lambda::bind(&string::c_str,_1))
- );
- }
+ // Load catalogs from deprecated path setting.
+ if (!catalog_path.empty())
+ m_validatingPool->loadCatalogs(catalog_path.c_str());
// default registrations
XMLObjectBuilder::registerDefaultBuilder(new UnknownElementBuilder());
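Review bot: The result of `m_validatingPool->loadCatalogs(catalog_path.c_str())` is discarded, so an unreadable catalog path leaves the validating pool without the schemas the deployer expected, and nothing at this call site records it. The removed code dropped the `bool` from `loadCatalog` in the same way, so this is not a regression, but the rewrite is a good place to handle it. If `loadCatalogs` returns a status as `loadCatalog` does (its declaration is not in this hunk), log the failure, for example `if (!m_validatingPool->loadCatalogs(catalog_path.c_str())) log.warn("failed to load one or more schema catalogs");`, where `log` stands for whatever Category the enclosing function already uses. The enclosing function starts and ends outside the hunk.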
#ifndef XMLTOOLING_NO_XMLSEC
CRYPTO_set_locking_callback(nullptr);
- for_each(g_openssl_locks.begin(), g_openssl_locks.end(), xmltooling::cleanup<Mutex>());
g_openssl_locks.clear();
#endif
if (fn(context)!=0)
throw runtime_error(string("detected error in xmltooling_extension_init in ") + resolved);
}
- catch(exception&) {
+ catch(std::exception&) {
if (handle)
dlclose(handle);
throw;
)
{
m_algorithmMap[type][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
+ // Authenticated encryption algorithms are also generic encryption algorithms.
+ if (type == ALGTYPE_AUTHNENCRYPT)
+ m_algorithmMap[ALGTYPE_ENCRYPT][xmlAlgorithm] = pair<string,unsigned int>((keyAlgorithm ? keyAlgorithm : ""), size);
}
bool XMLToolingInternalConfig::isXMLAlgorithmSupported(const XMLCh* xmlAlgorithm, XMLSecurityAlgorithmType type)
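Review bot: The mirroring added in `registerXMLAlgorithm` runs one way only, and callers need to be told so. After this change a lookup with `ALGTYPE_ENCRYPT` succeeds for both the authenticated modes and the CBC modes, so code that must require authenticated encryption has to query `ALGTYPE_AUTHNENCRYPT` and cannot infer it from `ALGTYPE_ENCRYPT`. I would extend the new comment to `// Authenticated encryption algorithms are also registered as generic encryption algorithms; the reverse does not hold, so query ALGTYPE_AUTHNENCRYPT when integrity protection is required.` As a smaller style point, the `pair<string,unsigned int>(...)` expression is now written twice; building it once in a local and assigning it to both map entries keeps the two from drifting apart. The function's signature begins above the hunk.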
// With ECDSA, XML-Security exports a public macro for OpenSSL's support, and any
// versions of XML-Security that didn't provide the macro don't handle ECDSA anyway.
- // With AES, all supported XML-Security versions export a macro for OpenSSL's support.
+ // With AES and GCM, all supported XML-Security versions export a macro for OpenSSL's support.
// With SHA2, only the very latest XML-Security exports a macro, but all the versions
// will handle SHA2 *if* OpenSSL does. So we use our own macro to check OpenSSL's
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_CBC, "AES", 256, ALGTYPE_ENCRYPT);
registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIKW_AES256, "AES", 256, ALGTYPE_KEYENCRYPT);
#endif
+
+#ifdef XSEC_OPENSSL_HAVE_GCM
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES128_GCM, "AES", 128, ALGTYPE_AUTHNENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES192_GCM, "AES", 192, ALGTYPE_AUTHNENCRYPT);
+ registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIAES256_GCM, "AES", 256, ALGTYPE_AUTHNENCRYPT);
+#endif
}
#endif