2 upstream via mail to lasso@listes.entrouvert.com at: Tue Dec 10 17:55:04 EET 2024
4 --- lasso-2.8.2/lasso/lasso.c.orig 2023-01-25 18:10:30.746769119 +0100
5 +++ lasso-2.8.2/lasso/lasso.c 2024-12-10 18:49:27.428161572 +0100
7 * xmlsec-crypto library.
9 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
10 - if (xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
11 + if (xmlSecCryptoDLLoadLibrary(BAD_CAST xmlSecGetDefaultCrypto) < 0) {
12 message(G_LOG_LEVEL_CRITICAL,
13 "Unable to load default xmlsec-crypto library. Make sure"
14 "that you have it installed and check shared libraries path"
15 --- lasso-2.8.2/lasso/xml/tools.c.~1~ 2023-03-06 12:05:02.761160572 +0100
16 +++ lasso-2.8.2/lasso/xml/tools.c 2024-12-10 20:42:49.239495585 +0100
18 pub_key = lasso_get_public_key_from_pem_cert_file(file);
20 case LASSO_PEM_FILE_TYPE_PUB_KEY:
21 - pub_key = xmlSecCryptoAppKeyLoad(file,
22 - xmlSecKeyDataFormatPem, NULL, NULL, NULL);
23 + pub_key = xmlSecCryptoAppKeyLoadEx(file,
24 + xmlSecKeyDataTypePublic, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
26 case LASSO_PEM_FILE_TYPE_PRIVATE_KEY:
27 pub_key = lasso_get_public_key_from_private_key_file(file);
30 lasso_get_public_key_from_private_key_file(const char *private_key_file)
32 - return xmlSecCryptoAppKeyLoad(private_key_file,
33 - xmlSecKeyDataFormatPem, NULL, NULL, NULL);
34 + return xmlSecCryptoAppKeyLoadEx(private_key_file,
35 + xmlSecKeyDataTypePublic, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
40 case LASSO_SIGNATURE_METHOD_HMAC_SHA256:
41 case LASSO_SIGNATURE_METHOD_HMAC_SHA384:
42 case LASSO_SIGNATURE_METHOD_HMAC_SHA512:
43 - evp_md_ctx = EVP_MD_CTX_create();
44 + evp_md_ctx = EVP_MD_CTX_new();
45 if (EVP_DigestSignInit(evp_md_ctx, NULL, md, NULL, pkey) <= 0) {
46 message(G_LOG_LEVEL_CRITICAL, "EVP_DigestSignInit failed");
49 lasso_release_xml_string(b64_sigret);
50 lasso_release_xml_string(e_b64_sigret);
52 - EVP_MD_CTX_destroy(evp_md_ctx);
53 + EVP_MD_CTX_free(evp_md_ctx);
58 lasso_base64_decode(b64_signature, &signature, (int*)&signature_len),
59 LASSO_DS_ERROR_INVALID_SIGNATURE);
60 /* verify signature */
61 - evp_md_ctx = EVP_MD_CTX_create();
62 + evp_md_ctx = EVP_MD_CTX_new();
65 case LASSO_SIGNATURE_METHOD_RSA_SHA1:
67 lasso_release_string(digest);
68 lasso_release_string(new_signature);
70 - EVP_MD_CTX_destroy(evp_md_ctx);
71 + EVP_MD_CTX_free(evp_md_ctx);