-rw-r--r--lasso/saml-2.0/login.c7
-rw-r--r--lasso/xml/tools.c7
2 files changed, 10 insertions, 4 deletions
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 864750cb..acc9125a 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -1193,8 +1193,11 @@ _lasso_saml20_login_decrypt_assertion(LassoLogin *login, LassoSamlp2Response *sa
break;
}
lasso_foreach_full_end();
-
- if (rc1) {
+ if (rc1 == LASSO_DS_ERROR_DECRYPTION_FAILED) {
+ message(G_LOG_LEVEL_WARNING, "Could not decrypt the EncryptedKey");
+ at_least_one_decryption_failture |= TRUE;
+ continue;
+ } else if (rc1) {
message(G_LOG_LEVEL_WARNING, "Could not decrypt an assertion: %s", lasso_strerror(rc1));
at_least_one_decryption_failture |= TRUE;
continue;
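Review bot: The new `rc1 == LASSO_DS_ERROR_DECRYPTION_FAILED` branch does not match the code that the tools.c hunk at -1655 of this same commit assigns before the `sym_key == NULL` exit, which is `LASSO_DS_ERROR_ENCRYPTION_FAILED`. Assuming rc1 comes from lasso_node_decrypt_xmlnode (the call is outside this hunk) and no other path still returns `LASSO_DS_ERROR_DECRYPTION_FAILED`, a failed EncryptedKey falls through to the generic `else if (rc1)` branch and the dedicated message never prints. Both branches set the flag and `continue`, so the outcome is the same and only the log line differs, which is worth keeping. I would align the two files, most likely by having tools.c assign `rc = LASSO_DS_ERROR_DECRYPTION_FAILED;` on that path. The enclosing loop starts and ends outside the hunk.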
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index 0eeb8d2f..b4afba91 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -1574,7 +1574,7 @@ lasso_node_decrypt_xmlnode(xmlNode* encrypted_element,
xmlChar *algorithm = NULL;
xmlSecKeyDataId key_type;
GList *i = NULL;
- int rc = LASSO_DS_ERROR_DECRYPTION_FAILED;
+ int rc = LASSO_XMLENC_ERROR_INVALID_ENCRYPTED_DATA;
if (encryption_private_key == NULL || !xmlSecKeyIsValid(encryption_private_key)) {
message(G_LOG_LEVEL_WARNING, "Invalid decryption key");
@@ -1582,6 +1582,8 @@ lasso_node_decrypt_xmlnode(xmlNode* encrypted_element,
goto cleanup;
}
+ xmlSetGenericErrorFunc(NULL, lasso_xml_generic_error_func);
+
/* Need to duplicate it because xmlSecEncCtxDestroy(encCtx); will destroy it */
encryption_private_key = xmlSecKeyDuplicate(encryption_private_key);
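Review bot: `xmlSetGenericErrorFunc(NULL, lasso_xml_generic_error_func);` replaces libxml2's generic error handler as a side effect of every decrypt call, and nothing in the visible lines restores the previous one. An application that embeds the library and installed its own handler would lose it after the first encrypted element is processed. I would install the handler once during library initialisation, or save and restore the previous handler around the decryption, and add a comment such as `/* route libxml2 errors to the lasso log while decrypting peer-supplied XML */`. The function continues outside the hunk, so a restore in the cleanup path may exist but is not visible here.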
@@ -1655,8 +1657,8 @@ lasso_node_decrypt_xmlnode(xmlNode* encrypted_element,
if (key_buffer != NULL) {
sym_key = xmlSecKeyReadBuffer(key_type, key_buffer);
}
+ rc = LASSO_DS_ERROR_ENCRYPTION_FAILED;
if (sym_key == NULL) {
- message(G_LOG_LEVEL_WARNING, "EncryptedKey decryption failed");
goto cleanup;
}
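Review bot: `rc = LASSO_DS_ERROR_ENCRYPTION_FAILED;` is assigned before the `sym_key == NULL` test rather than inside it, so rc also holds a failure code on the success path, and any later `goto cleanup` that does not set rc itself would report an EncryptedKey failure. Scoping it to the failure branch avoids that: `if (sym_key == NULL) {` `rc = LASSO_DS_ERROR_ENCRYPTION_FAILED;` `goto cleanup;`. The hunk also removes the only warning logged for this failure inside the function, so the diagnostic now depends on every caller logging the return code. The function body starts and ends outside the hunk.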
@@ -1673,6 +1675,7 @@ lasso_node_decrypt_xmlnode(xmlNode* encrypted_element,
/* decrypt the EncryptedData */
if ((xmlSecEncCtxDecrypt(encCtx, encrypted_data_node) < 0) || (encCtx->result == NULL)) {
+ rc = LASSO_XMLENC_ERROR_INVALID_ENCRYPTED_DATA;
message(G_LOG_LEVEL_WARNING, "EncryptedData decryption failed");
goto cleanup;
}
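Review bot: With this assignment an EncryptedData failure returns a different code from the EncryptedKey failure set in the previous hunk, and nothing documents that the distinction is meant for local diagnostics only. If any caller turns the two codes into different responses to the sender of the message, the difference can serve as a decryption oracle against the key-transport step. The login.c hunk of this commit treats both the same way (sets the flag and continues), and I would state that requirement here, e.g. `/* EncryptedKey and EncryptedData failures get distinct rc values for logging only; callers must answer the peer identically for both */`. The function body continues outside the hunk.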