[xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
Aleksey Sanin
aleksey at aleksey.com
Tue Feb 4 12:32:12 PST 2020
It was always needed. However I don't know how exactly do you build it
on Windows.
Aleksey
On 2/4/20 12:20 PM, Floodeenjr, Thomas wrote:
> Aleksey,
>
> I was not defining XMLSEC_NO_SIZE_T on Windows. When I added XMLSEC_NO_SIZE_T to my Windows application, it now runs correctly.
>
> Why was this not needed with xmlsec1-1.2.16, but is now needed with xmlsec1-1.2.29 ?
>
> Thanks,
> -Tom
>
> -----Original Message-----
> From: Aleksey Sanin <aleksey at aleksey.com>
> Sent: Tuesday, February 4, 2020 1:12 PM
> To: Floodeenjr, Thomas <thomas_floodeenjr at mentor.com>; xmlsec at aleksey.com
> Subject: Re: [xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
>
> This is clear indication that compile time vs runtime time struct is different. Check the headers/libraries and check how XMLSEC_NO_SIZE_T is defined when xmlsec and the app are compiled.
>
> Aleksey
>
> On 2/4/20 12:08 PM, Floodeenjr, Thomas wrote:
>> Aleksey,
>>
>> The headers and libraries are not mixed.
>>
>> With xmlsec1-1.2.29, setting the defEncMethodId seems to not work.
>>
>> encCtx->defEncMethodId = xmlSecTransformAes128CbcId;
>>
>> With xmlsec1-1.2.16, this gets set to:
>> + defEncMethodId 0x00007ff61cc93450 {xmlsec_test.exe!_xmlSecTransformKlass xmlSecOpenSSLAes128CbcKlass} {klassSize=160 ...} const _xmlSecTransformKlass *
>>
>> With xmlsec1-1.2.29 it does not get set:
>> + defEncMethodId 0x0000000000000000 <NULL> const _xmlSecTransformKlass *
>> In addition, the "type" field gets set instead:
>> 0x00007ff77f6d4de0 "˜"
>>
>> This does not happen in the old code.
>>
>> -Tom
>>
>> -----Original Message-----
>> From: Aleksey Sanin <aleksey at aleksey.com>
>> Sent: Tuesday, February 4, 2020 12:59 PM
>> To: Floodeenjr, Thomas <thomas_floodeenjr at mentor.com>
>> Subject: Re: [xmlsec] upgrading from xmlsec1-1.2.16 to xmlsec1-1.2.29
>>
>> xmlsec reports a detailed error. What is it?
>>
>> Also make sure that you got the correct headers and libraries. Mixing headers and libraries files from different versions of any library will not work well.
>>
>> Aleksey
>>
>> On 2/4/20 11:45 AM, Floodeenjr, Thomas wrote:
>>> It turns out the key manager issue was a red herring. I had some
>>> debug/release runtime issues.
>>>
>>> So I am back to the original question:
>>>
>>> We are in the process of upgrading from openssl-1.0.2g to
>>> openssl-1.1.1d and from libxml2-2.7.8 to libxml2-2.9.9. We are also
>>> upgrading from
>>> xmlsec1-1.2.16 to xmlsec1-1.2.29.
>>>
>>> The code we have been using for years to encrypt our xml is no longer
>>> working.
>>>
>>> staticbool S_EncryptXMLNode(xmlDocPtr_doc, xmlNodePtr_node,
>>> xmlSecKeysMngrPtr_keysMngr, xmlChar* _keyName)
>>>
>>> {
>>>
>>> bool localRet = false;
>>>
>>> xmlNodePtr encDataNode = NULL;
>>>
>>> xmlSecEncCtxPtrencCtx = NULL;
>>>
>>> localRet = SDDInfrasecUtil::CreateEncryptedDataNode(_doc,
>>> xmlSecTypeEncElement, _keyName, &encDataNode);
>>>
>>> if(true== localRet) {
>>>
>>> encCtx = xmlSecEncCtxCreate(_keysMngr);
>>>
>>> if(NULL== encCtx) {
>>>
>>> fprintf(stderr,"Error: failed to create encryption
>>> context\n");
>>>
>>> xmlFreeNode(encDataNode); encDataNode = NULL;
>>>
>>> localRet = false;
>>>
>>> } else{
>>>
>>> encCtx->defEncMethodId = xmlSecTransformAes128CbcId;
>>>
>>> }
>>>
>>> }
>>>
>>> if((NULL!= encDataNode) && (NULL!= encCtx)) {
>>>
>>> if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, _node) < 0) {
>>>
>>> fprintf(stderr,"Error: encryption failed\n");
>>>
>>> xmlFreeNode(encDataNode); encDataNode = NULL;
>>>
>>> xmlSecEncCtxDestroy(encCtx); encCtx = NULL;
>>>
>>> localRet = false;
>>>
>>> } else{
>>>
>>> encDataNode = NULL;
>>>
>>> }
>>>
>>> }
>>>
>>> if(NULL!= encCtx) xmlSecEncCtxDestroy(encCtx);
>>>
>>> if(NULL!= encDataNode) xmlFreeNode(encDataNode);
>>>
>>> returnlocalRet;
>>>
>>> }
>>>
>>> Encryption fails on this line: if(xmlSecEncCtxXmlEncrypt(encCtx,
>>> encDataNode, _node) < 0) {
>>>
>>> It worked before the upgrade.
>>>
>>> Is there something we need to change?
>>>
>>> Thanks,
>>>
>>> -Tom
>>>
>>>
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>
More information about the xmlsec
mailing list