[openssl-users] Problem compiling EVP_aes_128_gcm()

Matt Caswell matt at openssl.org
Wed May 3 09:57:07 UTC 2017 


On 03/05/17 10:33, Lior Koskas wrote:
>  I viewed the file and the definition exists.
> I also checked that I'm picking the correct version.
> 
> My problem is this line : EVP_EncryptInit_ex(&_ctx, EVP_aes_128_gcm(),
> NULL, NULL, NULL);
> 
> I also tried to change the code to this two lines : 
> EVP_CIPHER *EVP evp_gcm = EVP_aes_128_gcm();

You have one too many "EVP"'s in there. It should be:

const EVP_CIPHER *evp_gcm = EVP_aes_128_gcm();

Although, that really shouldn't be necessary and your original version
looks ok. What doesn't look quite right is the "&_ctx" bit. In 1.1.0 an
EVP_CIPHER_CTX is an opaque type. You cannot allocate concrete instances
of it directly.

Where previously you might have had:

EVP_CIPHER_CTX _ctx;

EVP_CIPHER_CTX_init(&_ctx);
EVP_EncryptInit_ex(&_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);


You now need to do:

EVP_CIPHER_CTX *_ctx;

_ctx = EVP_CIPHER_CTX_new();
EVP_EncryptInit_ex(_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);

...
EVP_CIPHER_CTX_free(_ctx);


I have omitted error checking code for brevity.

Matt


> EVP_EncryptInit_ex(&_ctx, evp_gcm, NULL, NULL, NULL);
> 
> After the change I got this error : expected initializer before ‘evp_gcm’
> 
> What am I doing wrong?
> 
> On 3 May 2017 at 12:07, Matt Caswell <matt at openssl.org
> <mailto:matt at openssl.org>> wrote:
> 
> 
> 
>     On 03/05/17 09:43, Lior Koskas wrote:
>     > Hi,
>     >
>     > I'm using EVP_aes_128_gcm and have problem with compiling it with
>     > OpenSSL 1.1.0 (earlier versions are compiling).
>     > Although I included <openssl/evp.h> I got this error : error:
>     > ‘EVP_aes_128_gcm’ was not declared in this scope.
>     >
>     > I'm using CentOS 7.3.
>     >
>     > Which file I need to include in order to compile EVP_aes_128_gcm ?
> 
>     It's still declared in evp.h:
> 
>     const EVP_CIPHER *EVP_aes_128_gcm(void);
> 
>     Perhaps you are not picking up the version of evp.h that you think
>     you are?
> 
>     Matt
> 
>     --
>     openssl-users mailing list
>     To unsubscribe:
>     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
> 
> 
> 
> 
> -- 
> Lior           Koskas
> Software Engineer
> 
>

More information about the openssl-users mailing list