[xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
Floodeenjr, Thomas
thomas_floodeenjr at mentor.com
Tue Feb 4 11:45:25 PST 2020
It turns out the key manager issue was a red herring. I had some debug/release runtime issues.
So I am back to the original question:
We are in the process of upgrading from openssl-1.0.2g to openssl-1.1.1d and from libxml2-2.7.8 to libxml2-2.9.9. We are also upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29.
The code we have been using for years to encrypt our xml is no longer working.
static bool S_EncryptXMLNode(xmlDocPtr _doc, xmlNodePtr _node, xmlSecKeysMngrPtr _keysMngr, xmlChar* _keyName)
{
bool localRet = false;
xmlNodePtr encDataNode = NULL;
xmlSecEncCtxPtr encCtx = NULL;
localRet = SDDInfrasecUtil::CreateEncryptedDataNode(_doc, xmlSecTypeEncElement, _keyName, &encDataNode);
if (true == localRet) {
encCtx = xmlSecEncCtxCreate(_keysMngr);
if (NULL == encCtx) {
fprintf(stderr,"Error: failed to create encryption context\n");
xmlFreeNode(encDataNode); encDataNode = NULL;
localRet = false;
} else {
encCtx->defEncMethodId = xmlSecTransformAes128CbcId;
}
}
if ((NULL != encDataNode) && (NULL != encCtx)) {
if (xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, _node) < 0) {
fprintf(stderr,"Error: encryption failed\n");
xmlFreeNode(encDataNode); encDataNode = NULL;
xmlSecEncCtxDestroy(encCtx); encCtx = NULL;
localRet = false;
} else {
encDataNode = NULL;
}
}
if (NULL != encCtx) xmlSecEncCtxDestroy(encCtx);
if (NULL != encDataNode) xmlFreeNode(encDataNode);
return localRet;
}
Encryption fails on this line: if (xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, _node) < 0) {
It worked before the upgrade.
Is there something we need to change?
Thanks,
-Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20200204/ae13792c/attachment.htm>
More information about the xmlsec
mailing list