xml-sec exposes a method for mapping algorithm URIs into a handler for the algorithm, and throws an exception on unsupported or blacklisted algs. A flag to enable selection of algorithm based on the metadata extension should allow for calling into methods on the RoleDescriptor interface that iterate over the extensions and test for support before returning the algorithm to use.
Add support for dynamically selecting crypto algorithms based on metadata extensions.