[openssl-users] Problem compiling EVP_aes_128_gcm()
Matt Caswell
matt at openssl.org
Wed May 3 15:13:49 UTC 2017
On 03/05/17 16:10, Lior Koskas wrote:
> I checked the evp.h file in the path /usr/local/include and indeed it's
> not contain any gcm functions.
> I installed openssl via yum install openssl-devel in the past.
So, how did you install OpenSSL this time?
Matt
>
> On 3 May 2017 at 17:32, Matt Caswell <matt at openssl.org
> <mailto:matt at openssl.org>> wrote:
>
>
>
> On 03/05/17 15:19, Lior Koskas wrote:
> > Thank you for your answer.
> >
> > I made all the changes and the code isn't compiling.
> >
> > I'm using cmake in order to build the code.
> >
> > my CMakeLists.txt contains this line in order to include openssl headers:
> >
> > INCLUDE_DIRECTORIES(/usr/include/openssl/ /usr/local/include/openssl/)
>
> Where did you install OpenSSL? By default OpenSSL 1.1.0 will install to
> /usr/local, and the headers will be in /usr/local/include. The final
> "openssl" directory name in the path to the individual header files
> should not be included in the include directory path.
>
> My guess is that you are picking up the system openssl headers rather
> than the ones from your 1.1.0 installation.
>
> Most likely this needs to be:
>
> INCLUDE_DIRECTORIES(/usr/local/include)
>
> But it does depend on options that you gave to config when you compiled
> OpenSSL (also I don't use cmake so I could be wrong).
>
>
> >
> > The constructor of my code is :
> >
> > HashEncrypt::HashEncrypt(const unsigned char *key, const unsigned char
> > *iv, size_t ivSizeBytes)
> > {
> > // copy the 128-bit key
> > memcpy(_key, key, 16);
> >
> > //copy the iv:
> > EVP_CIPHER_CTX *_ctx;
> > _iv = new unsigned char[ivSizeBytes];
> > memcpy(_iv, iv, ivSizeBytes);
> >
> > //EVP_CIPHER_CTX_init(&_ctx);
> > _ctx = EVP_CIPHER_CTX_new();
> >
> > EVP_EncryptInit_ex(_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
> >
> > EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_SET_IVLEN, ivSizeBytes, NULL);
> >
> > EVP_EncryptInit_ex(_ctx, NULL, NULL, _key, _iv);
>
> You need a call to EVP_CIPHER_CTX_free(_ctx) at the end too...plus check
> the return values from these function calls for errors.
>
> Matt
>
> >
> > }
> >
> > What I'm missing?
> >
> >
> >
> >
> > On 3 May 2017 at 12:57, Matt Caswell <matt at openssl.org <mailto:matt at openssl.org>
> > <mailto:matt at openssl.org <mailto:matt at openssl.org>>> wrote:
> >
> >
> >
> > On 03/05/17 10:33, Lior Koskas wrote:
> > > I viewed the file and the definition exists.
> > > I also checked that I'm picking the correct version.
> > >
> > > My problem is this line : EVP_EncryptInit_ex(&_ctx,
> EVP_aes_128_gcm(),
> > > NULL, NULL, NULL);
> > >
> > > I also tried to change the code to this two lines :
> > > EVP_CIPHER *EVP evp_gcm = EVP_aes_128_gcm();
> >
> > You have one too many "EVP"'s in there. It should be:
> >
> > const EVP_CIPHER *evp_gcm = EVP_aes_128_gcm();
> >
> > Although, that really shouldn't be necessary and your original
> version
> > looks ok. What doesn't look quite right is the "&_ctx" bit. In
> 1.1.0 an
> > EVP_CIPHER_CTX is an opaque type. You cannot allocate concrete
> instances
> > of it directly.
> >
> > Where previously you might have had:
> >
> > EVP_CIPHER_CTX _ctx;
> >
> > EVP_CIPHER_CTX_init(&_ctx);
> > EVP_EncryptInit_ex(&_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
> >
> >
> > You now need to do:
> >
> > EVP_CIPHER_CTX *_ctx;
> >
> > _ctx = EVP_CIPHER_CTX_new();
> > EVP_EncryptInit_ex(_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
> >
> > ...
> > EVP_CIPHER_CTX_free(_ctx);
> >
> >
> > I have omitted error checking code for brevity.
> >
> > Matt
> >
> >
> > > EVP_EncryptInit_ex(&_ctx, evp_gcm, NULL, NULL, NULL);
> > >
> > > After the change I got this error : expected initializer
> before ‘evp_gcm’
> > >
> > > What am I doing wrong?
> > >
> > > On 3 May 2017 at 12:07, Matt Caswell <matt at openssl.org
> <mailto:matt at openssl.org> <mailto:matt at openssl.org
> <mailto:matt at openssl.org>>
> > > <mailto:matt at openssl.org <mailto:matt at openssl.org>
> <mailto:matt at openssl.org <mailto:matt at openssl.org>>>> wrote:
> > >
> > >
> > >
> > > On 03/05/17 09:43, Lior Koskas wrote:
> > > > Hi,
> > > >
> > > > I'm using EVP_aes_128_gcm and have problem with
> compiling it
> > with
> > > > OpenSSL 1.1.0 (earlier versions are compiling).
> > > > Although I included <openssl/evp.h> I got this error :
> error:
> > > > ‘EVP_aes_128_gcm’ was not declared in this scope.
> > > >
> > > > I'm using CentOS 7.3.
> > > >
> > > > Which file I need to include in order to compile
> > EVP_aes_128_gcm ?
> > >
> > > It's still declared in evp.h:
> > >
> > > const EVP_CIPHER *EVP_aes_128_gcm(void);
> > >
> > > Perhaps you are not picking up the version of evp.h that
> you think
> > > you are?
> > >
> > > Matt
> > >
> > > --
> > > openssl-users mailing list
> > > To unsubscribe:
> > > https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>
> > <https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>>
> > > <https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>
> > <https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>>>
> > >
> > >
> > >
> > >
> > > --
> > > Lior Koskas
> > > Software Engineer
> > >
> > >
> > --
> > openssl-users mailing list
> > To unsubscribe:
> > https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>
> > <https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>>
> >
> >
> >
> >
> > --
> > Lior Koskas
> > Software Engineer
> >
> >
> --
> openssl-users mailing list
> To unsubscribe:
> https://mta.openssl.org/mailman/listinfo/openssl-users
> <https://mta.openssl.org/mailman/listinfo/openssl-users>
>
>
>
>
> --
> Lior Koskas
> Software Engineer
>
>
More information about the openssl-users
mailing list