[xmlsec] upgrade to CentOS7

Russell Beall beall at usc.edu
Thu Jun 8 13:55:43 PDT 2017


First, thank you for all the help I’ve seen flowing through this list over the years.  I haven’t had many questions since our code has just been sitting there working most of the time, but it has been nice to see an active community on this product.

I’m working on upgrading to xmlsec 1.2.20 on CentOS 7.  I’m porting a functioning usage of xmlsec from Solaris using xmlsec 1.2.16.  The ported code is practically identical to the online tutorial examples, but for some reason on this updated system, the decryption engine is not producing the data in the encCtx object, even though it is successfully decrypting the XML packet.

The output of the document shows this before the decryption:
<?xml version="1.0"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

And shows this after the decryption:
<?xml version="1.0"?>

But leaves this data in the encCtx object suggesting that the decryption process did not work:
encCtx->result: 0
encCtx->encKey: 0
encCtx->resultReplaced: 0

Besides needing to see the a non-null result status, I also need a non-null encKey object so I can pull the name of the key for use later in encrypting the response packet.

Is there something I’m missing about this?  Or maybe something peculiar to CentOS 7?  Doesn’t seem like much would have changed between xmlsec 1.2.16 and 1.2.20.

Thanks for any help!

Russell Beall  |  Systems Programmer IV
Enterprise Identity Management | University of Southern California
(213) 740-7221  |  beall at usc.edu<mailto:beall at usc.edu>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20170608/7db83fc5/attachment.html>

More information about the xmlsec mailing list