Re: Problem compiling EVP_aes_128_gcm()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In the same way. This is the first time I'm checking the code on my CentOS machine.

On 3 May 2017 at 18:13, Matt Caswell <matt@xxxxxxxxxxx> wrote:


On 03/05/17 16:10, Lior Koskas wrote:
> I checked the evp.h file in the path /usr/local/include and indeed it's
> not contain any gcm functions.
> I installed openssl via yum install openssl-devel in the past.

So, how did you install OpenSSL this time?

Matt


>
> On 3 May 2017 at 17:32, Matt Caswell <matt@xxxxxxxxxxx
> <mailto:matt@xxxxxxxxxxx>> wrote:
>
>
>
>     On 03/05/17 15:19, Lior Koskas wrote:
>     > Thank you for your answer.
>     >
>     > I made all the changes and the code isn't compiling.
>     >
>     > I'm using cmake in order to build the code.
>     >
>     > my CMakeLists.txt contains this line in order to include openssl headers:
>     >
>     > INCLUDE_DIRECTORIES(/usr/include/openssl/ /usr/local/include/openssl/)
>
>     Where did you install OpenSSL? By default OpenSSL 1.1.0 will install to
>     /usr/local, and the headers will be in /usr/local/include. The final
>     "openssl" directory name in the path to the individual header files
>     should not be included in the include directory path.
>
>     My guess is that you are picking up the system openssl headers rather
>     than the ones from your 1.1.0 installation.
>
>     Most likely this needs to be:
>
>     INCLUDE_DIRECTORIES(/usr/local/include)
>
>     But it does depend on options that you gave to config when you compiled
>     OpenSSL (also I don't use cmake so I could be wrong).
>
>
>     >
>     > The constructor of my code is :
>     >
>     > HashEncrypt::HashEncrypt(const unsigned char *key, const unsigned char
>     > *iv, size_t ivSizeBytes)
>     > {
>     >     // copy the 128-bit key
>     >     memcpy(_key, key, 16);
>     >
>     >     //copy the iv:
>     >     EVP_CIPHER_CTX *_ctx;
>     >     _iv = new unsigned char[ivSizeBytes];
>     >     memcpy(_iv, iv, ivSizeBytes);
>     >
>     >     //EVP_CIPHER_CTX_init(&_ctx);
>     >     _ctx = EVP_CIPHER_CTX_new();
>     >
>     >     EVP_EncryptInit_ex(_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
>     >
>     >     EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_SET_IVLEN, ivSizeBytes, NULL);
>     >
>     >     EVP_EncryptInit_ex(_ctx, NULL, NULL, _key, _iv);
>
>     You need a call to EVP_CIPHER_CTX_free(_ctx) at the end too...plus check
>     the return values from these function calls for errors.
>
>     Matt
>
>     >
>     > }
>     >
>     > What I'm missing?
>     >
>     >
>     >
>     >
>     > On 3 May 2017 at 12:57, Matt Caswell <matt@xxxxxxxxxxx <mailto:matt@xxxxxxxxxxx>
>     > <mailto:matt@xxxxxxxxxxx <mailto:matt@xxxxxxxxxxx>>> wrote:
>     >
>     >
>     >
>     >     On 03/05/17 10:33, Lior Koskas wrote:
>     >     >  I viewed the file and the definition exists.
>     >     > I also checked that I'm picking the correct version.
>     >     >
>     >     > My problem is this line : EVP_EncryptInit_ex(&_ctx,
>     EVP_aes_128_gcm(),
>     >     > NULL, NULL, NULL);
>     >     >
>     >     > I also tried to change the code to this two lines :
>     >     > EVP_CIPHER *EVP evp_gcm = EVP_aes_128_gcm();
>     >
>     >     You have one too many "EVP"'s in there. It should be:
>     >
>     >     const EVP_CIPHER *evp_gcm = EVP_aes_128_gcm();
>     >
>     >     Although, that really shouldn't be necessary and your original
>     version
>     >     looks ok. What doesn't look quite right is the "&_ctx" bit. In
>     1.1.0 an
>     >     EVP_CIPHER_CTX is an opaque type. You cannot allocate concrete
>     instances
>     >     of it directly.
>     >
>     >     Where previously you might have had:
>     >
>     >     EVP_CIPHER_CTX _ctx;
>     >
>     >     EVP_CIPHER_CTX_init(&_ctx);
>     >     EVP_EncryptInit_ex(&_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
>     >
>     >
>     >     You now need to do:
>     >
>     >     EVP_CIPHER_CTX *_ctx;
>     >
>     >     _ctx = EVP_CIPHER_CTX_new();
>     >     EVP_EncryptInit_ex(_ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
>     >
>     >     ...
>     >     EVP_CIPHER_CTX_free(_ctx);
>     >
>     >
>     >     I have omitted error checking code for brevity.
>     >
>     >     Matt
>     >
>     >
>     >     > EVP_EncryptInit_ex(&_ctx, evp_gcm, NULL, NULL, NULL);
>     >     >
>     >     > After the change I got this error : expected initializer
>     before ‘evp_gcm’
>     >     >
>     >     > What am I doing wrong?
>     >     >
>     >     > On 3 May 2017 at 12:07, Matt Caswell <matt@xxxxxxxxxxx
>     <mailto:matt@xxxxxxxxxxx> <mailto:matt@xxxxxxxxxxx
>     <mailto:matt@xxxxxxxxxxx>>
>     >     > <mailto:matt@xxxxxxxxxxx <mailto:matt@xxxxxxxxxxx>
>     <mailto:matt@xxxxxxxxxxx <mailto:matt@xxxxxxxxxxx>>>> wrote:
>     >     >
>     >     >
>     >     >
>     >     >     On 03/05/17 09:43, Lior Koskas wrote:
>     >     >     > Hi,
>     >     >     >
>     >     >     > I'm using EVP_aes_128_gcm and have problem with
>     compiling it
>     >     with
>     >     >     > OpenSSL 1.1.0 (earlier versions are compiling).
>     >     >     > Although I included <openssl/evp.h> I got this error :
>     error:
>     >     >     > ‘EVP_aes_128_gcm’ was not declared in this scope.
>     >     >     >
>     >     >     > I'm using CentOS 7.3.
>     >     >     >
>     >     >     > Which file I need to include in order to compile
>     >     EVP_aes_128_gcm ?
>     >     >
>     >     >     It's still declared in evp.h:
>     >     >
>     >     >     const EVP_CIPHER *EVP_aes_128_gcm(void);
>     >     >
>     >     >     Perhaps you are not picking up the version of evp.h that
>     you think
>     >     >     you are?
>     >     >
>     >     >     Matt
>     >     >
>     >     >     --
>     >     >     openssl-users mailing list
>     >     >     To unsubscribe:
>     >     >     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
>     >     <https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>>
>     >     >     <https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
>     >     <https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>>>
>     >     >
>     >     >
>     >     >
>     >     >
>     >     > --
>     >     > Lior           Koskas
>     >     > Software Engineer
>     >     >
>     >     >
>     >     --
>     >     openssl-users mailing list
>     >     To unsubscribe:
>     >     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
>     >     <https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>>
>     >
>     >
>     >
>     >
>     > --
>     > Lior           Koskas
>     > Software Engineer
>     >
>     >
>     --
>     openssl-users mailing list
>     To unsubscribe:
>     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
>
>
>
>
> --
> Lior           Koskas
> Software Engineer
>
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



--
Lior           Koskas
Software Engineer
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux