[xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
Floodeenjr, Thomas
thomas_floodeenjr at mentor.com
Tue Feb 4 12:20:12 PST 2020
Aleksey,
I was not defining XMLSEC_NO_SIZE_T on Windows. When I added XMLSEC_NO_SIZE_T to my Windows application, it now runs correctly.
Why was this not needed with xmlsec1-1.2.16, but is now needed with xmlsec1-1.2.29 ?
Thanks,
-Tom
-----Original Message-----
From: Aleksey Sanin <aleksey at aleksey.com>
Sent: Tuesday, February 4, 2020 1:12 PM
To: Floodeenjr, Thomas <thomas_floodeenjr at mentor.com>; xmlsec at aleksey.com
Subject: Re: [xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
This is clear indication that compile time vs runtime time struct is different. Check the headers/libraries and check how XMLSEC_NO_SIZE_T is defined when xmlsec and the app are compiled.
Aleksey
On 2/4/20 12:08 PM, Floodeenjr, Thomas wrote:
> Aleksey,
>
> The headers and libraries are not mixed.
>
> With xmlsec1-1.2.29, setting the defEncMethodId seems to not work.
>
> encCtx->defEncMethodId = xmlSecTransformAes128CbcId;
>
> With xmlsec1-1.2.16, this gets set to:
> + defEncMethodId 0x00007ff61cc93450 {xmlsec_test.exe!_xmlSecTransformKlass xmlSecOpenSSLAes128CbcKlass} {klassSize=160 ...} const _xmlSecTransformKlass *
>
> With xmlsec1-1.2.29 it does not get set:
> + defEncMethodId 0x0000000000000000 <NULL> const _xmlSecTransformKlass *
> In addition, the "type" field gets set instead:
> 0x00007ff77f6d4de0 "˜"
>
> This does not happen in the old code.
>
> -Tom
>
> -----Original Message-----
> From: Aleksey Sanin <aleksey at aleksey.com>
> Sent: Tuesday, February 4, 2020 12:59 PM
> To: Floodeenjr, Thomas <thomas_floodeenjr at mentor.com>
> Subject: Re: [xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
>
> xmlsec reports a detailed error. What is it?
>
> Also make sure that you got the correct headers and libraries. Mixing headers and libraries files from different versions of any library will not work well.
>
> Aleksey
>
> On 2/4/20 11:45 AM, Floodeenjr, Thomas wrote:
>> It turns out the key manager issue was a red herring. I had some
>> debug/release runtime issues.
>>
>> So I am back to the original question:
>>
>> We are in the process of upgrading from openssl-1.0.2g to
>> openssl-1.1.1d and from libxml2-2.7.8 to libxml2-2.9.9. We are also
>> upgrading from
>> xmlsec1-1.2.16 to xmlsec1-1.2.29.
>>
>> The code we have been using for years to encrypt our xml is no longer
>> working.
>>
>> staticbool S_EncryptXMLNode(xmlDocPtr_doc, xmlNodePtr_node,
>> xmlSecKeysMngrPtr_keysMngr, xmlChar* _keyName)
>>
>> {
>>
>> bool localRet = false;
>>
>> xmlNodePtr encDataNode = NULL;
>>
>> xmlSecEncCtxPtrencCtx = NULL;
>>
>> localRet = SDDInfrasecUtil::CreateEncryptedDataNode(_doc,
>> xmlSecTypeEncElement, _keyName, &encDataNode);
>>
>> if(true== localRet) {
>>
>> encCtx = xmlSecEncCtxCreate(_keysMngr);
>>
>> if(NULL== encCtx) {
>>
>> fprintf(stderr,"Error: failed to create encryption
>> context\n");
>>
>> xmlFreeNode(encDataNode); encDataNode = NULL;
>>
>> localRet = false;
>>
>> } else{
>>
>> encCtx->defEncMethodId = xmlSecTransformAes128CbcId;
>>
>> }
>>
>> }
>>
>> if((NULL!= encDataNode) && (NULL!= encCtx)) {
>>
>> if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, _node) < 0) {
>>
>> fprintf(stderr,"Error: encryption failed\n");
>>
>> xmlFreeNode(encDataNode); encDataNode = NULL;
>>
>> xmlSecEncCtxDestroy(encCtx); encCtx = NULL;
>>
>> localRet = false;
>>
>> } else{
>>
>> encDataNode = NULL;
>>
>> }
>>
>> }
>>
>> if(NULL!= encCtx) xmlSecEncCtxDestroy(encCtx);
>>
>> if(NULL!= encDataNode) xmlFreeNode(encDataNode);
>>
>> returnlocalRet;
>>
>> }
>>
>> Encryption fails on this line: if(xmlSecEncCtxXmlEncrypt(encCtx,
>> encDataNode, _node) < 0) {
>>
>> It worked before the upgrade.
>>
>> Is there something we need to change?
>>
>> Thanks,
>>
>> -Tom
>>
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>
More information about the xmlsec
mailing list