Windows build does not have AES128-GCM support?

[lietu]

I'm using python3-saml==1.9.0 which depends on xmlsec==1.3.9. The suomi.fi authentication portal recently updated from AES128-CBC to AES128-GCM support and the recently added Windows builds no longer function.

When trying to process the SAML assertion, I see the following kind of errors logged:

func=xmlSecTransformNodeRead:file=..\src\transforms.c:line=1307:obj=unknown:subj=xmlSecTransformIdListFindByHref:error=1:xmlsec library function failed:href=http://www.w3.org/2009/xmlenc11#aes128-gcm 
func=xmlSecTransformCtxNodeRead:file=..\src\transforms.c:line=588:obj=EncryptionMethod:subj=xmlSecTransformNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=739:obj=EncryptionMethod:subj=xmlSecTransformCtxNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=592:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=520:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec library function failed:
# .. other internal stuff ..
xmlsec.InternalError: (-1, 'failed to decrypt')

This does not appear to be a problem if I install the dependencies from the same pyproject.toml with poetry inside a Linux environment (Alpine Linux Docker container).

[hoefling]

@lietu you're right - on Windows, the xmlsec1 library linked against is 1.2.24 that doesn't contain the AES-GCM support yet. Will look into it.