core.git: external/xmlsec

Thu, 22 Feb 2024 03:41:44 -0800 

 external/xmlsec/BCryptKeyDerivation.patch.1 |   51 ++++++++++++++++++++++++++++
 external/xmlsec/UnpackedTarball_xmlsec.mk   |    2 +
 2 files changed, 53 insertions(+)

New commits:
commit 0690f3b7b981417a7b1f2fffd87c593a2a2a15d5
Author:     Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Feb 21 19:14:27 2024 +0100
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Thu Feb 22 12:41:19 2024 +0100

    tdf#159519 libxmlsec: avoid linking function not existent in Windows 7
    
    xsec_xmlsec.dll is linked to libxmlsec-mscng.dll, which is
    linked to Win32 bcrypt.dll, which doesn't have BCryptKeyDerivation on
    Windows 7.
    
    Use GetProcAddress() to retrieve BCryptKeyDerivation at runtime; the
    function is not used by LibreOffice.
    
    (regression from commit 26bf26272bf525b59b4a4ce18b3ce14c1febfd7b
     and (due to revert) commit bfd479abf0d1d8ce36c3b0dcc6c824216f88a95b)
    
    Change-Id: I0c0c94ee0cdfd48ae7506d9dfb51fcaf8289d460
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/163709
    Tested-by: Jenkins
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/external/xmlsec/BCryptKeyDerivation.patch.1 
b/external/xmlsec/BCryptKeyDerivation.patch.1
new file mode 100644
index 000000000000..3747915f87d2
--- /dev/null
+++ b/external/xmlsec/BCryptKeyDerivation.patch.1
@@ -0,0 +1,51 @@
+tdf#159519 Windows 7 does not have BCryptKeyDerivation
+
+It just occurred to me that these functions would of course not be called
+by LibreOffice so this is untested.
+
+--- xmlsec/src/mscng/pbkdf2.c.orig     2024-02-21 19:02:56.539534152 +0100
++++ xmlsec/src/mscng/pbkdf2.c  2024-02-21 19:01:03.282270354 +0100
+@@ -318,7 +318,20 @@
+     }
+ 
+     /* generate the output key */
++#if 1 // _WIN32_WINNT <= 0x0601
++    typedef NTSTATUS (WINAPI * BCryptKeyDerivationPtr)(
++        BCRYPT_KEY_HANDLE, BCryptBufferDesc *, PUCHAR, ULONG, ULONG *, ULONG);
++    HMODULE hBCrypt = GetModuleHandle("bcrypt.dll");
++    BCryptKeyDerivationPtr pBCryptKeyDerivation =
++        (BCryptKeyDerivationPtr) GetProcAddress(hBCrypt, 
"BCryptKeyDerivation");
++    if(NULL == pBCryptKeyDerivation) {
++        xmlSecMSCngNtError("BCryptKeyDerivation", NULL, status);
++        goto done;
++    }
++    status = (*pBCryptKeyDerivation)(
++#else
+     status = BCryptKeyDerivation(
++#endif
+         hKey,
+         &paramsPBKDF2,
+         pbOut,
+--- xmlsec/src/mscng/concatkdf.c.orig  2024-02-21 19:02:37.962490885 +0100
++++ xmlsec/src/mscng/concatkdf.c       2024-02-21 19:01:37.961351134 +0100
+@@ -318,7 +318,20 @@
+     }
+ 
+     /* generate the output key */
++#if 1 // _WIN32_WINNT <= 0x0601
++    typedef NTSTATUS (WINAPI * BCryptKeyDerivationPtr)(
++        BCRYPT_KEY_HANDLE, BCryptBufferDesc *, PUCHAR, ULONG, ULONG *, ULONG);
++    HMODULE hBCrypt = GetModuleHandle("bcrypt.dll");
++    BCryptKeyDerivationPtr pBCryptKeyDerivation =
++        (BCryptKeyDerivationPtr) GetProcAddress(hBCrypt, 
"BCryptKeyDerivation");
++    if(NULL == pBCryptKeyDerivation) {
++        xmlSecMSCngNtError("BCryptKeyDerivation", NULL, status);
++        goto done;
++    }
++    status = (*pBCryptKeyDerivation)(
++#else
+     status = BCryptKeyDerivation(
++#endif
+         hKey,
+         &paramsCONCATKDF2,
+         pbOut,
diff --git a/external/xmlsec/UnpackedTarball_xmlsec.mk 
b/external/xmlsec/UnpackedTarball_xmlsec.mk
index 51d4f013bc0a..ad7b4b57c5f3 100644
--- a/external/xmlsec/UnpackedTarball_xmlsec.mk
+++ b/external/xmlsec/UnpackedTarball_xmlsec.mk
@@ -10,6 +10,8 @@
 xmlsec_patches :=
 # Remove this when Ubuntu 20.04 is EOL in 2025.
 xmlsec_patches += old-nss.patch.1
+# Remove this when Windows 7 is no longer supported
+xmlsec_patches += BCryptKeyDerivation.patch.1
 # Backport of https://github.com/lsh123/xmlsec/pull/754
 xmlsec_patches += xmlsec-nss-Ensure-NSS-algorithms-are-initialized-754.patch.1

Reply via email to