+
+ if (XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP) ||
+ XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP_MGFP1)) {
+ // Check for non-support of SHA-256. This is a reasonable guess as to whether
+ // "all" standard digests and MGF variants will be supported or not, and if not, we
+ // explicitly advertise only SHA-1.
+ if (!XMLToolingConfig::getConfig().isXMLAlgorithmSupported(DSIGConstants::s_unicodeStrURISHA256, XMLToolingConfig::ALGTYPE_DIGEST)) {
+ if (!m_digestBuilder)
+ m_digestBuilder = XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_ALGSUPPORT_NS, DigestMethod::LOCAL_NAME));
+
+ // Add MGF for new OAEP variant.
+ if (XMLString::equals(alg, DSIGConstants::s_unicodeStrURIRSA_OAEP)) {
+ MGF* mgf = MGFBuilder::buildMGF();
+ mgf->setAlgorithm(DSIGConstants::s_unicodeStrURIMGF1_SHA1);
+ em->getUnknownXMLObjects().push_back(mgf);
+ }
+
+ DigestMethod* dm = dynamic_cast<DigestMethod*>(
+ m_digestBuilder->buildObject(xmlconstants::XMLSIG_NS, DigestMethod::LOCAL_NAME, xmlconstants::XMLSIG_PREFIX)
+ );
+ dm->setAlgorithm(DSIGConstants::s_unicodeStrURISHA1);
+ em->getUnknownXMLObjects().push_back(dm);
+ }
+ }