tdf#159519 libxmlsec: avoid linking function not existent in Windows 7
xsec_xmlsec.dll is linked to libxmlsec-mscng.dll, which is
linked to Win32 bcrypt.dll, which doesn't have BCryptKeyDerivation on
Windows 7.
Use GetProcAddress() to retrieve BCryptKeyDerivation at runtime; the
function is not used by LibreOffice.
(regression from commit 26bf26272bf525b59b4a4ce18b3ce14c1febfd7b
and (due to revert) commit bfd479abf0d1d8ce36c3b0dcc6c824216f88a95b)
Change-Id: I0c0c94ee0cdfd48ae7506d9dfb51fcaf8289d460
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/163709
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 0690f3b7b981417a7b1f2fffd87c593a2a2a15d5)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/163740
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
diff --git a/external/xmlsec/BCryptKeyDerivation.patch.1 b/external/xmlsec/BCryptKeyDerivation.patch.1
new file mode 100644
index 0000000..3747915
--- /dev/null
+++ b/external/xmlsec/BCryptKeyDerivation.patch.1
@@ -0,0 +1,51 @@
tdf#159519 Windows 7 does not have BCryptKeyDerivation
It just occurred to me that these functions would of course not be called
by LibreOffice so this is untested.
--- xmlsec/src/mscng/pbkdf2.c.orig 2024-02-21 19:02:56.539534152 +0100
+++ xmlsec/src/mscng/pbkdf2.c 2024-02-21 19:01:03.282270354 +0100
@@ -318,7 +318,20 @@
}
/* generate the output key */
+#if 1 // _WIN32_WINNT <= 0x0601
+ typedef NTSTATUS (WINAPI * BCryptKeyDerivationPtr)(
+ BCRYPT_KEY_HANDLE, BCryptBufferDesc *, PUCHAR, ULONG, ULONG *, ULONG);
+ HMODULE hBCrypt = GetModuleHandle("bcrypt.dll");
+ BCryptKeyDerivationPtr pBCryptKeyDerivation =
+ (BCryptKeyDerivationPtr) GetProcAddress(hBCrypt, "BCryptKeyDerivation");
+ if(NULL == pBCryptKeyDerivation) {
+ xmlSecMSCngNtError("BCryptKeyDerivation", NULL, status);
+ goto done;
+ }
+ status = (*pBCryptKeyDerivation)(
+#else
status = BCryptKeyDerivation(
+#endif
hKey,
¶msPBKDF2,
pbOut,
--- xmlsec/src/mscng/concatkdf.c.orig 2024-02-21 19:02:37.962490885 +0100
+++ xmlsec/src/mscng/concatkdf.c 2024-02-21 19:01:37.961351134 +0100
@@ -318,7 +318,20 @@
}
/* generate the output key */
+#if 1 // _WIN32_WINNT <= 0x0601
+ typedef NTSTATUS (WINAPI * BCryptKeyDerivationPtr)(
+ BCRYPT_KEY_HANDLE, BCryptBufferDesc *, PUCHAR, ULONG, ULONG *, ULONG);
+ HMODULE hBCrypt = GetModuleHandle("bcrypt.dll");
+ BCryptKeyDerivationPtr pBCryptKeyDerivation =
+ (BCryptKeyDerivationPtr) GetProcAddress(hBCrypt, "BCryptKeyDerivation");
+ if(NULL == pBCryptKeyDerivation) {
+ xmlSecMSCngNtError("BCryptKeyDerivation", NULL, status);
+ goto done;
+ }
+ status = (*pBCryptKeyDerivation)(
+#else
status = BCryptKeyDerivation(
+#endif
hKey,
¶msCONCATKDF2,
pbOut,
diff --git a/external/xmlsec/UnpackedTarball_xmlsec.mk b/external/xmlsec/UnpackedTarball_xmlsec.mk
index 77d3386..906aece 100644
--- a/external/xmlsec/UnpackedTarball_xmlsec.mk
+++ b/external/xmlsec/UnpackedTarball_xmlsec.mk
@@ -10,6 +10,8 @@
xmlsec_patches :=
# Remove this when Ubuntu 20.04 is EOL in 2025.
xmlsec_patches += old-nss.patch.1
# Remove this when Windows 7 is no longer supported
xmlsec_patches += BCryptKeyDerivation.patch.1
$(eval $(call gb_UnpackedTarball_UnpackedTarball,xmlsec))
