xmlsec1: upgrade 1.3.7 -> 1.3.9

Refreshed patches and updated ptest.

Changelog:
https://github.com/lsh123/xmlsec/releases/tag/1.3.8
https://github.com/lsh123/xmlsec/releases/tag/1.3.9

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

meta-oe/recipes-support/xmlsec1/xmlsec1/0001-force-to-use-our-own-libtool.patch

@@ -1,4 +1,4 @@
-From 1b9701faf22f5a17a81a2a2732794d9627499fcb Mon Sep 17 00:00:00 2001
+From 37efc0ca231363aa9161c036ba12cc2b33f51a24 Mon Sep 17 00:00:00 2001
 From: Yulong Pei <Yulong.pei@windriver.com>
 Date: Thu, 21 Jan 2010 14:11:20 +0800
 Subject: [PATCH] force to use our own libtool
@@ -6,16 +6,15 @@ Subject: [PATCH] force to use our own libtool
 Upstream-Status: Inappropriate [ OE specific ]
 
 Signed-off-by: Yulong Pei <Yulong.pei@windriver.com>
-
 ---
  ltmain.sh | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/ltmain.sh b/ltmain.sh
-index 1dea62a..bfb9784 100755
+index 7271130e..4e0925a6 100755
 --- a/ltmain.sh
 +++ b/ltmain.sh
-@@ -7225,7 +7225,7 @@ func_mode_link ()
+@@ -7377,7 +7377,7 @@ func_mode_link ()
  	dir=$func_resolve_sysroot_result
  	# We need an absolute path.
  	case $dir in

meta-oe/recipes-support/xmlsec1/xmlsec1/0002-change-finding-path-of-nss-and-nspr.patch

@@ -1,4 +1,4 @@
-From b43fa6bf612ee59db57573b39e357b6ca96d48b6 Mon Sep 17 00:00:00 2001
+From 75d7dc918771483a6c4354ee77bc14c2ff83f467 Mon Sep 17 00:00:00 2001
 From: Yulong Pei <Yulong.pei@windriver.com>
 Date: Wed, 21 Jul 2010 22:33:43 +0800
 Subject: [PATCH] change finding path of nss and nspr
@@ -13,10 +13,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/configure.ac b/configure.ac
-index 8add879..7f137c0 100644
+index b31b8bb6..b59acc86 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -933,7 +933,7 @@ NSS_PACKAGE=mozilla-nss
+@@ -965,7 +965,7 @@ NSS_PACKAGE=mozilla-nss
  NSPR_INCLUDE_MARKER="nspr/nspr.h"
  NSPR_LIB_MARKER="libnspr4$shrext"
  NSPR_LIBS_LIST="-lnspr4 -lplds4 -lplc4"

meta-oe/recipes-support/xmlsec1/xmlsec1/0003-xmlsec1-add-new-recipe.patch

@@ -1,4 +1,4 @@
-From 83a1381e1d6bd1b5ec3df6f7c4bc1f4fe4f860b6 Mon Sep 17 00:00:00 2001
+From 2e66dbeeec7d75ed86c87b83b3ac300257363c04 Mon Sep 17 00:00:00 2001
 From: Jackie Huang <jackie.huang@windriver.com>
 Date: Thu, 15 Jun 2017 14:44:01 +0800
 Subject: [PATCH] xmlsec1: add new recipe
@@ -14,7 +14,7 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
  1 file changed, 10 insertions(+), 2 deletions(-)
 
 diff --git a/examples/Makefile b/examples/Makefile
-index 0b352bc..de3c217 100644
+index c6a25f09..3da1cb33 100644
 --- a/examples/Makefile
 +++ b/examples/Makefile
 @@ -12,9 +12,17 @@ PROGRAMS = \
@@ -37,6 +37,3 @@ index 0b352bc..de3c217 100644
  
  all: $(PROGRAMS)
  
--- 
-2.43.0
-

meta-oe/recipes-support/xmlsec1/xmlsec1/0004-examples-allow-build-in-separate-dir.patch

@@ -1,4 +1,4 @@
-From 0c38c6864e7ba8f53a657d87894f24374a6a4932 Mon Sep 17 00:00:00 2001
+From fab6503dca2046d32fa186c33c566c58110334a5 Mon Sep 17 00:00:00 2001
 From: Jackie Huang <jackie.huang@windriver.com>
 Date: Tue, 30 Dec 2014 11:18:17 +0800
 Subject: [PATCH] examples: allow build in separate dir
@@ -11,7 +11,7 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
  1 file changed, 4 insertions(+), 2 deletions(-)
 
 diff --git a/examples/Makefile b/examples/Makefile
-index de3c217..2e0ab6e 100644
+index 3da1cb33..ff44cb7b 100644
 --- a/examples/Makefile
 +++ b/examples/Makefile
 @@ -16,8 +16,10 @@ ifndef CC
@@ -27,6 +27,3 @@ index de3c217..2e0ab6e 100644
  
  DESTDIR = /usr/share/xmlsec1
  install-ptest:
--- 
-2.43.0
-

meta-oe/recipes-support/xmlsec1/xmlsec1/0005-nss-nspr-fix-for-multilib.patch

@@ -1,4 +1,4 @@
-From 1d7c01467e6f510b5636c73757f302a4bd277a3c Mon Sep 17 00:00:00 2001
+From 9f1e319a5f7dcbe611d1f41a551f644c293ac3f0 Mon Sep 17 00:00:00 2001
 From: Chen Qi <Qi.Chen@windriver.com>
 Date: Tue, 4 Feb 2020 23:39:49 -0800
 Subject: [PATCH] nss/nspr: fix for multilib
@@ -11,10 +11,10 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  1 file changed, 8 insertions(+), 8 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 40e9c0d..8f42d4d 100644
+index b59acc86..b8b0542d 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -966,24 +966,24 @@ fi
+@@ -990,24 +990,24 @@ fi
  dnl Priority 1: User specifies the path to installation
  if test "z$NSPR_FOUND" = "zno" -a "z$with_nspr" != "z" -a "z$with_nspr" != "zyes" ; then
      AC_MSG_CHECKING(for nspr library installation in "$with_nspr" folder)
@@ -47,6 +47,3 @@ index 40e9c0d..8f42d4d 100644
      fi
  fi
  
--- 
-2.43.0
-

meta-oe/recipes-support/xmlsec1/xmlsec1/0006-xmlsec1-Fix-configure-QA-error-caused-by-host-lookup.patch

@@ -1,4 +1,4 @@
-From c16d384fb64cf53351e150fb9e9b99cc6ba970b2 Mon Sep 17 00:00:00 2001
+From 67642a6bbf7261626f41b84cccf9b55b93c4cbc9 Mon Sep 17 00:00:00 2001
 From: Anatol Belski <anbelski@linux.microsoft.com>
 Date: Thu, 14 Jan 2021 17:36:23 +0000
 Subject: [PATCH] xmlsec1: Fix configure QA error caused by host lookup path
@@ -9,16 +9,15 @@ It will eventually arise after the configure QA as the configure script should o
 
 Upstream-Status: Inappropriate [embedded specific]
 Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
-
 ---
  configure.ac | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 3d23683..baf27b7 100644
+index b8b0542d..795355af 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -286,8 +286,8 @@ fi
+@@ -306,8 +306,8 @@ fi
  dnl ==========================================================================
  dnl Common installation locations
  dnl ==========================================================================

meta-oe/recipes-support/xmlsec1/xmlsec1/run-ptest

@@ -8,78 +8,130 @@ check_return() {
     fi
 }
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
 echo "Signing a template file..."
 ./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml
-./verify1 sign1-res.xml rsapub.pem
 check_return sign-tmpl
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
+echo "Signing a template file with xmlsec1..."
+xmlsec1 sign --privkey:rsakey.pem rsakey.pem --output sign1-res-xmlsec1.xml sign1-tmpl.xml
+check_return sign-tmpl-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
 echo "Signing a dynamicaly created template..."
 ./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml
-./verify1 sign2-res.xml rsapub.pem
 check_return sign-dynamic-templ
 
-echo "---------------------------------------------------"
-echo "Signing with X509 certificate..."
+echo "-----------------------------------------------------------------------------------------------"
+echo "Signing a file with a dynamicaly created template and an X509 certificate..."
 ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
-./verify3 sign3-res.xml ca2cert.pem cacert.pem
-check_return sign-x509
+check_return sign-dynamic-templ-x509
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
+echo "Signing a node in a file with a dynamicaly created template and an X509 certificate..."
+./sign4 sign4-doc.xml "data" rsakey.pem rsacert.pem > sign4-res.xml
+check_return sign-file-node-dynamic-templ-x509
+
+echo "-----------------------------------------------------------------------------------------------"
 echo "Verifying a signature with a single key..."
 ./verify1 sign1-res.xml rsapub.pem
+check_return verify-single-key-1
 ./verify1 sign2-res.xml rsapub.pem
-check_return verify-single-key
+check_return verify-single-key-2
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
 echo "Verifying a signature with keys manager..."
 ./verify2 sign1-res.xml rsakey.pem
+check_return verify-keys-1-manager
 ./verify2 sign2-res.xml rsakey.pem
-check_return verify-keys-manager
+check_return verify-keys-2-manager
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a signature with xmlsec1..."
+xmlsec1 verify --pubkey:rsakey.pem rsapub.pem sign1-res-xmlsec1.xml
+check_return verify-keys-1-xmlsec1
+xmlsec1 verify --pubkey:rsakey.pem rsapub.pem sign2-res.xml
+check_return verify-keys-2-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
 echo "Verifying a signature with X509 certificates..."
 ./verify3 sign3-res.xml ca2cert.pem cacert.pem
 check_return verify-x509
 
-echo "---------------------------------------------------"
-echo "Verifying a signature with additional restrictions..."
-./verify4 verify4-res.xml ca2cert.pem cacert.pem
-check_return verify-res
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a signature using X509 certificates with xmlsec1..."
+xmlsec1 verify --untrusted ca2cert.pem --trusted cacert.pem sign3-res.xml
+check_return verify-x509-xmlsec1
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a signature over a node using X509 certificate..."
+./verify4 sign4-res.xml "data" ca2cert.pem cacert.pem
+check_return verify-node-x509
+
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a signature over a node using X509 certificate with xmlsec1..."
+xmlsec1 verify --add-id-attr ID --untrusted ca2cert.pem --trusted cacert.pem sign4-res.xml
+check_return verify-node-x509-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a simple SAML response using X509 certificate..."
+./verify-saml verify-saml-res.xml ca2cert.pem cacert.pem
+check_return verify-sampl-x509
+
+echo "-----------------------------------------------------------------------------------------------"
+echo "Verifying a simple SAML response using X509 certificate with xmlsec1..."
+xmlsec1 verify --trusted ca2cert.pem --trusted cacert.pem verify-saml-res.xml
+check_return verify-sampl-x509-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
 echo "Encrypting data with a template file..."
 ./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml
-./decrypt1 encrypt1-res.xml deskey.bin
 check_return encrypt-tmpl
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
+echo "Encrypting data with a template file with xmlsec1..."
+xmlsec1 encrypt --deskey:deskey.bin deskey.bin  --binary-data binary.dat --output encrypt1-res-xmlsec1.xml encrypt1-tmpl.xml
+check_return encrypt-tmpl-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
 echo "Encrypting data with a dynamicaly created template..."
 ./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml
-./decrypt1 encrypt2-res.xml deskey.bin
 check_return encrypt-dynamic-tmpl
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
 echo "Encrypting data with a session key..."
 ./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml
-./decrypt3 encrypt3-res.xml
 check_return encrypt-session-key
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
 echo "Decrypting data with a single key..."
 ./decrypt1 encrypt1-res.xml deskey.bin
+check_return decrypt-single-key-1
 ./decrypt1 encrypt2-res.xml deskey.bin
-check_return encrypt-single-key
+check_return decrypt-single-key-2
 
-echo "---------------------------------------------------"
+echo "-----------------------------------------------------------------------------------------------"
 echo "Decrypting data with keys manager..."
 ./decrypt2 encrypt1-res.xml deskey.bin
+check_return decrypt-keys-1-manager
 ./decrypt2 encrypt2-res.xml deskey.bin
-check_return encrypt-keys-manager
+check_return decrypt-keys-2-manager
 
-echo "---------------------------------------------------"
-echo "Writing a custom keys manager..."
+echo "-----------------------------------------------------------------------------------------------"
+echo "Decrypting data with xmlsec1..."
+xmlsec1 decrypt --deskey:deskey.bin deskey.bin encrypt1-res-xmlsec1.xml
+check_return decrypt-key-1-xmlsec1
+xmlsec1 decrypt --deskey:deskey.bin deskey.bin encrypt2-res.xml
+check_return decrypt-key-2-xmlsec1
+xmlsec1 decrypt --privkey:rsakey.pem rsakey.pem encrypt3-res.xml
+check_return decrypt-key-3-xmlsec1
+
+echo "-----------------------------------------------------------------------------------------------"
+echo "Decrypting using custom keys manager..."
 ./decrypt3 encrypt1-res.xml
+check_return decrypt-keys-1-manager
 ./decrypt3 encrypt2-res.xml
-check_return write-keys-manager
+check_return decrypt-keys-2-manager
+./decrypt3 encrypt3-res.xml
+check_return decrypt-keys-3-manager

meta-oe/recipes-support/xmlsec1/xmlsec1_1.3.9.bb

@@ -13,16 +13,17 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=352791d62092ea8104f085042de7f4d0"
 SECTION = "libs"
 
 SRC_URI = "https://github.com/lsh123/xmlsec/releases/download/${PV}/${BP}.tar.gz \
-           file://fix-ltmain.sh.patch \
-           file://change-finding-path-of-nss.patch \
-           file://makefile-ptest.patch \
-           file://xmlsec1-examples-allow-build-in-separate-dir.patch \
-           file://0001-nss-nspr-fix-for-multilib.patch \
+           file://0001-force-to-use-our-own-libtool.patch \
+           file://0002-change-finding-path-of-nss-and-nspr.patch \
+           file://0003-xmlsec1-add-new-recipe.patch \
+           file://0004-examples-allow-build-in-separate-dir.patch \
+           file://0005-nss-nspr-fix-for-multilib.patch \
+           file://0006-xmlsec1-Fix-configure-QA-error-caused-by-host-lookup.patch \
+           file://0007-xmlsec-examples-Fix-LibXML2-deprecation-warnings-and.patch \
            file://run-ptest \
-           file://ensure-search-path-non-host.patch \
            "
 
-SRC_URI[sha256sum] = "d82e93b69b8aa205a616b62917a269322bf63a3eaafb3775014e61752b2013ea"
+SRC_URI[sha256sum] = "a631c8cd7a6b86e6adb9f5b935d45a9cf9768b3cb090d461e8eb9d043cf9b62f"
 
 UPSTREAM_CHECK_URI = "https://github.com/lsh123/xmlsec/releases"
 UPSTREAM_CHECK_REGEX = "releases/tag/(?P<pver>\d+(\.\d+)+)"