upstream via mail to lasso@listes.entrouvert.com at: Tue Dec 10 17:55:04 EET 2024 --- lasso-2.8.2/lasso/lasso.c.orig 2023-01-25 18:10:30.746769119 +0100 +++ lasso-2.8.2/lasso/lasso.c 2024-12-10 18:49:27.428161572 +0100 @@ -270,7 +270,7 @@ * xmlsec-crypto library. */ #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING - if (xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) { + if (xmlSecCryptoDLLoadLibrary(BAD_CAST xmlSecGetDefaultCrypto) < 0) { message(G_LOG_LEVEL_CRITICAL, "Unable to load default xmlsec-crypto library. Make sure" "that you have it installed and check shared libraries path" --- lasso-2.8.2/lasso/xml/tools.c.~1~ 2023-03-06 12:05:02.761160572 +0100 +++ lasso-2.8.2/lasso/xml/tools.c 2024-12-10 20:42:49.239495585 +0100 @@ -308,8 +308,8 @@ pub_key = lasso_get_public_key_from_pem_cert_file(file); break; case LASSO_PEM_FILE_TYPE_PUB_KEY: - pub_key = xmlSecCryptoAppKeyLoad(file, - xmlSecKeyDataFormatPem, NULL, NULL, NULL); + pub_key = xmlSecCryptoAppKeyLoadEx(file, + xmlSecKeyDataTypePublic, xmlSecKeyDataFormatPem, NULL, NULL, NULL); break; case LASSO_PEM_FILE_TYPE_PRIVATE_KEY: pub_key = lasso_get_public_key_from_private_key_file(file); @@ -377,8 +377,8 @@ static xmlSecKeyPtr lasso_get_public_key_from_private_key_file(const char *private_key_file) { - return xmlSecCryptoAppKeyLoad(private_key_file, - xmlSecKeyDataFormatPem, NULL, NULL, NULL); + return xmlSecCryptoAppKeyLoadEx(private_key_file, + xmlSecKeyDataTypePublic, xmlSecKeyDataFormatPem, NULL, NULL, NULL); } /** @@ -614,7 +614,7 @@ case LASSO_SIGNATURE_METHOD_HMAC_SHA256: case LASSO_SIGNATURE_METHOD_HMAC_SHA384: case LASSO_SIGNATURE_METHOD_HMAC_SHA512: - evp_md_ctx = EVP_MD_CTX_create(); + evp_md_ctx = EVP_MD_CTX_new(); if (EVP_DigestSignInit(evp_md_ctx, NULL, md, NULL, pkey) <= 0) { message(G_LOG_LEVEL_CRITICAL, "EVP_DigestSignInit failed"); goto done; @@ -675,7 +675,7 @@ lasso_release_xml_string(b64_sigret); lasso_release_xml_string(e_b64_sigret); if (evp_md_ctx) { - EVP_MD_CTX_destroy(evp_md_ctx); + EVP_MD_CTX_free(evp_md_ctx); evp_md_ctx = NULL; } if (hmac_pkey) { @@ -792,7 +792,7 @@ lasso_base64_decode(b64_signature, &signature, (int*)&signature_len), LASSO_DS_ERROR_INVALID_SIGNATURE); /* verify signature */ - evp_md_ctx = EVP_MD_CTX_create(); + evp_md_ctx = EVP_MD_CTX_new(); switch (method) { case LASSO_SIGNATURE_METHOD_RSA_SHA1: @@ -878,7 +878,7 @@ lasso_release_string(digest); lasso_release_string(new_signature); if (evp_md_ctx) { - EVP_MD_CTX_destroy(evp_md_ctx); + EVP_MD_CTX_free(evp_md_ctx); evp_md_ctx = NULL; } if (hmac_pkey) {