From 2e65468d4cb200611c0fd004279b17e4f234a1e4 Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Thu, 5 Jul 2012 18:54:29 +0000
Subject: [PATCH] Roll back unnecessary configure test, and add ECDSA-SHA224.

---
 config_win32.h                  |  3 ---
 configure.ac                    |  7 -------
 xmltooling/XMLToolingConfig.cpp | 14 +++++++++++---
 xmltooling/config_pub.h.in      |  3 ---
 xmltooling/config_pub_win32.h   |  3 ---
 5 files changed, 11 insertions(+), 19 deletions(-)

diff --git a/config_win32.h b/config_win32.h
index 2159b4c..29f3446 100644
--- a/config_win32.h
+++ b/config_win32.h
@@ -152,9 +152,6 @@
 #  define XMLTOOLING_XMLSEC_ECC 1
 #  define XMLTOOLING_XMLSEC_DEBUGLOGGING 1
 # endif
-# if (_XSEC_VERSION_FULL >= 10700)
-#  define XMLTOOLING_XMLSEC_OAEP11 1
-# endif
 #endif
 
 /* Define to empty if `const' does not conform to ANSI C. */
diff --git a/configure.ac b/configure.ac
index 9a56609..7d6c6b7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -348,13 +348,6 @@ int i = 0;
         [AC_MSG_RESULT([yes])AC_DEFINE([XMLTOOLING_XMLSEC_C14N11],[1],[Define to 1 if XML-Security-C includes C14N 1.1 support.])],
         [AC_MSG_RESULT([no])])
 
-    AC_MSG_CHECKING([whether XML-Security-C includes MGF-pluggable RSA-OAEP support])
-    AC_COMPILE_IFELSE(
-        [AC_LANG_PROGRAM([[#include <xsec/dsig/DSIGConstants.hpp>]],
-            [[encryptionMethod em = ENCRYPT_RSA_OAEP;]])],
-        [AC_MSG_RESULT([yes])AC_DEFINE([XMLTOOLING_XMLSEC_OAEP11],[1],[Define to 1 if XML-Security-C includes MGF-pluggable RSA-OAEP support.])],
-        [AC_MSG_RESULT([no])])
-
     AC_MSG_CHECKING([whether XML-Security-C includes debug logging support])
     AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM([[#include <xsec/utils/XSECPlatformUtils.hpp>]],
diff --git a/xmltooling/XMLToolingConfig.cpp b/xmltooling/XMLToolingConfig.cpp
index 5f180e0..c255dca 100644
--- a/xmltooling/XMLToolingConfig.cpp
+++ b/xmltooling/XMLToolingConfig.cpp
@@ -745,6 +745,7 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
 
     // With ECDSA, XML-Security exports a public macro for OpenSSL's support, and any
     // versions of XML-Security that didn't provide the macro don't handle ECDSA anyway.
+    // However, the SHA-224 variant was left out of the initial XML-Security release.
 
     // With AES and GCM, all supported XML-Security versions export a macro for OpenSSL's support.
 
@@ -764,6 +765,10 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
 #endif
 
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA1, "DSA", 0, ALGTYPE_SIGN);
+#if defined(URI_ID_DSA_SHA256) && defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIDSA_SHA256, "DSA", 0, ALGTYPE_SIGN);
+#endif
+
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_MD5, "RSA", 0, ALGTYPE_SIGN);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_SHA1, "RSA", 0, ALGTYPE_SIGN);
 #if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
@@ -777,10 +782,13 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
 
 #ifdef XSEC_OPENSSL_HAVE_EC
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA1, "EC", 0, ALGTYPE_SIGN);
-#if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
+# if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA256)
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA256, "EC", 0, ALGTYPE_SIGN);
+#  ifdef URI_ID_ECDSA_SHA224
+    registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA224, "EC", 0, ALGTYPE_SIGN);
+#  endif
 # endif
-#if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
+# if defined(XMLTOOLING_OPENSSL_HAVE_SHA2) && !defined(OPENSSL_NO_SHA512)
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA384, "EC", 0, ALGTYPE_SIGN);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIECDSA_SHA512, "EC", 0, ALGTYPE_SIGN);
 # endif
@@ -798,7 +806,7 @@ void XMLToolingInternalConfig::registerXMLAlgorithms()
 
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_1_5, "RSA", 0, ALGTYPE_KEYENCRYPT);
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1, "RSA", 0, ALGTYPE_KEYENCRYPT);
-#ifdef XMLTOOLING_XMLSEC_OAEP11
+#ifdef URI_ID_RSA_OAEP
     registerXMLAlgorithm(DSIGConstants::s_unicodeStrURIRSA_OAEP, "RSA", 0, ALGTYPE_KEYENCRYPT);
 #endif
 
diff --git a/xmltooling/config_pub.h.in b/xmltooling/config_pub.h.in
index de3c0b1..144a1f8 100644
--- a/xmltooling/config_pub.h.in
+++ b/xmltooling/config_pub.h.in
@@ -32,6 +32,3 @@
 
 /* Define to 1 if you have the `xsecsize_t' type. */
 #undef HAVE_XSECSIZE_T
-
-/* Define to 1 if XML-Security-C includes MGF-pluggable RSA-OAEP support. */
-#undef XMLTOOLING_XMLSEC_OAEP11
diff --git a/xmltooling/config_pub_win32.h b/xmltooling/config_pub_win32.h
index b413fc1..41628c2 100644
--- a/xmltooling/config_pub_win32.h
+++ b/xmltooling/config_pub_win32.h
@@ -68,8 +68,5 @@
 #  define XMLTOOLING_XMLSEC_ECC 1
 #  define XMLTOOLING_XMLSEC_DEBUGLOGGING 1
 # endif
-# if (_XSEC_VERSION_FULL >= 10700)
-#  define XMLTOOLING_XMLSEC_OAEP11 1
-# endif
 #endif
 
-- 
2.1.4