问题描述
以下代码使用 HMAC SHA256 生成签名哈希.此代码在 Debian Jessie 和 Ubuntu 16.04(OpenSSL 1.0.2g 2016 年 3 月 1 日)上编译并运行良好.
The code below generates a signed hash using HMAC SHA256. This code compiles and works fine on Debian Jessie and Ubuntu 16.04 (OpenSSL 1.0.2g 1 Mar 2016).
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <iomanip>
#include <iostream>
#include <string>
#include <sstream>
using namespace std;
string HMAC256(string data, string key)
{
stringstream ss;
HMAC_CTX ctx;
unsigned int len;
unsigned char out[EVP_MAX_MD_SIZE];
HMAC_Init(&ctx, key.c_str(), key.length(), EVP_sha256());
HMAC_Update(&ctx, (unsigned char*)data.c_str(), data.length());
HMAC_Final(&ctx, out, &len);
HMAC_cleanup(&ctx);
for (unsigned int i = 0; i < len; i++)
{
ss << setw(2) << setfill('0') << hex << static_cast<int> (out[i]);
}
return ss.str();
}
int main()
{
cout << HMAC256("AAAA","BBBB") << endl;
return 0;
}
但是....
在 Debian Stretch 上编译时出现以下错误:
When compiling it on Debian Stretch I get the following error:
hmac256.cpp: In function ‘std::__cxx11::string HMAC256(std::__cxx11::string, std::__cxx11::string)’:
hmac256.cpp:14:18: error: aggregate ‘HMAC_CTX ctx’ has incomplete type and cannot be defined
HMAC_CTX ctx;
^~~
hmac256.cpp:18:9: warning: ‘int HMAC_Init(HMAC_CTX*, const void*, int, const EVP_MD*)’ is deprecated [-Wdeprecated-declarations]
HMAC_Init(&ctx, key.c_str(), key.length(), EVP_sha256());
^~~~~~~~~
In file included from /usr/include/openssl/hmac.h:13:0,
from hmac256.cpp:2:
/usr/include/openssl/hmac.h:28:1: note: declared here
DEPRECATEDIN_1_1_0(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
^
这与新的 OpenSSL 版本(OpenSSL 1.1.0f 2017 年 5 月 25 日)有关.
And this has to do with the new OpenSSL version (OpenSSL 1.1.0f 25 May 2017).
问题
为什么我会遇到 OpenSSL 1.1 的问题,以及如何以保持与 OpenSSL 1.0 的向后兼容性的方式解决它?
Why am I experiencing the problem with OpenSSL 1.1, and how to fix it in a way that maintains backward compatibility with OpenSSL 1.0?
推荐答案
关于修复错误,请阅读:升级到 OpenSSL 1.1.0.基本上,您需要创建一个新的 HMAC_CTX,如下所示:
For fixing the error, please read: Upgrade To OpenSSL 1.1.0. Basically, you need to create a new HMAC_CTX as follows:
HMAC_CTX *h = HMAC_CTX_new();
HMAC_Init_ex(h, key, keylen, EVP_sha256(), NULL);
...
HMAC_CTX_free(h);
为了向后兼容,可以考虑使用宏来控制代码块进行编译.
For backward compatibility, you can consider using macros to control the code block to compile.
这篇关于使用 OpenSSL 1.1 的 SHA256 HMAC 未编译的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!