Errors after upgrade

[nicraMarcin]

Hello,
today I've upgraded jwt-cpp and I have compiler errors:

[ 94%] Building CXX object CMakeFiles/nms.dir/src/controller/UserController.cpp.o
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/service/tokenService.hpp:7,
                 from /home/marcin/projects/nms/back/src/service/tokenService.cpp:5:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In constructor ‘jwt::algorithm::ed448::ed448(const string&, const string&, const string&, const string&)’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:1316:81: error: ‘EVP_shake256’ was not declared in this scope; did you mean ‘EVP_sha256’?
 1316 |     : eddsa(public_key, private_key, public_key_password, private_key_password, EVP_shake256, "EdDSA")
      |                                                                                 ^~~~~~~~~~~~
      |                                                                                 EVP_sha256
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/service/tokenService.hpp:7,
                 from /home/marcin/projects/nms/back/src/service/userCache.hpp:9,
                 from /home/marcin/projects/nms/back/src/service/userCache.cpp:2:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In constructor ‘jwt::algorithm::ed448::ed448(const string&, const string&, const string&, const string&)’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:1316:81: error: ‘EVP_shake256’ was not declared in this scope; did you mean ‘EVP_sha256’?
 1316 |     : eddsa(public_key, private_key, public_key_password, private_key_password, EVP_shake256, "EdDSA")
      |                                                                                 ^~~~~~~~~~~~
      |                                                                                 EVP_sha256
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/service/tokenService.hpp:7,
                 from /home/marcin/projects/nms/back/src/service/userCache.hpp:9,
                 from /home/marcin/projects/nms/back/src/controller/UserController.hpp:7,
                 from /home/marcin/projects/nms/back/src/controller/UserController.cpp:1:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In constructor ‘jwt::algorithm::ed448::ed448(const string&, const string&, const string&, const string&)’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:1316:81: error: ‘EVP_shake256’ was not declared in this scope; did you mean ‘EVP_sha256’?
 1316 |     : eddsa(public_key, private_key, public_key_password, private_key_password, EVP_shake256, "EdDSA")
      |                                                                                 ^~~~~~~~~~~~
      |                                                                                 EVP_sha256
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.cpp:2:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In constructor ‘jwt::algorithm::ed448::ed448(const string&, const string&, const string&, const string&)’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:1316:81: error: ‘EVP_shake256’ was not declared in this scope; did you mean ‘EVP_sha256’?
 1316 |     : eddsa(public_key, private_key, public_key_password, private_key_password, EVP_shake256, "EdDSA")
      |                                                                                 ^~~~~~~~~~~~
      |                                                                                 EVP_sha256
make[3]: *** [CMakeFiles/nms.dir/build.make:135: CMakeFiles/nms.dir/src/service/tokenService.cpp.o] Błąd 1
make[3]: *** Oczekiwanie na niezakończone zadania....
make[3]: *** [CMakeFiles/nms.dir/build.make:148: CMakeFiles/nms.dir/src/service/userCache.cpp.o] Błąd 1
make[3]: *** [CMakeFiles/nms.dir/build.make:96: CMakeFiles/nms.dir/src/dto/apiDTO/AuthResponse.cpp.o] Błąd 1
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/service/tokenService.hpp:7,
                 from /home/marcin/projects/nms/back/src/service/userCache.hpp:9,
                 from /home/marcin/projects/nms/back/src/controller/InitController.hpp:12,
                 from /home/marcin/projects/nms/back/src/controller/InitController.cpp:1:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In constructor ‘jwt::algorithm::ed448::ed448(const string&, const string&, const string&, const string&)’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:1316:81: error: ‘EVP_shake256’ was not declared in this scope; did you mean ‘EVP_sha256’?
 1316 |     : eddsa(public_key, private_key, public_key_password, private_key_password, EVP_shake256, "EdDSA")
      |                                                                                 ^~~~~~~~~~~~
      |                                                                                 EVP_sha256

What's wrong?

[Thalhammer]

The EVP_sha256 error is definitly a typo.
I am not sure about the EVP_DigestVerify / EVP_DigestSign errors though. They should be in openssl and I could not find anything about them not being included in all openssl versions which support ecdsa.

Which OpenSSL version are you using ?
I assume you use the current master ?

[nicraMarcin]

Ok, my fault. I've installed from sources LibreSSL :( but I also have OpenSSL installed v.1.1.1g

But if i reset to this eee4f7c (this commit I was using) jwt compiles

[Thalhammer]

But if i reset to this eee4f7c (this commit I was using) jwt compiles

Thats because the missing functions are used in the edDSA support that got merged after this tag.
Since edDSA is probably not relevant for you I suggest you stick to the tag until we properly fix it.

[nicraMarcin]

@Thalhammer Ok, thaks for help. So I wait for fix.

Best regards

[nicraMarcin]

Hello, when we can expect properly fix it? The problem still occurs :(

/home/marcin/projects/nms_new/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit

[prince-chrismc]

Can you please confirm with library you are using? Are you trying to compile with LibreSSL (at which version) or openssl v1.1.1g?
Also the OS and Compiler would be wonderful too so we can reproduce the issue =)

[nicraMarcin]

$ openssl version
OpenSSL 1.1.1g  21 Apr 2020

$ g++ -v
Using built-in specs.
COLLECT_GCC=g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:hsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Thread model: posix
gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) 

[prince-chrismc]

I am not able to reproduce any issue with ubuntu 20.04 gcc-9.3 and openssl/1.1.1f.

I see this function has been available for several years, https://github.com/openssl/openssl/blame/85209c07459b1c6007e0fc550f40c05deec78531/include/openssl/evp.h#L698

Since this does not seem be a jwt-cpp issue, you'll need to investigate why your openssl installation is missing parts of the API.

[nicraMarcin]

Ok, I'll check it on other system, but I reset into eee4f7cbd06f31f06d6335743e9f4ca07e1eb7e6 it compiles and works

[Thalhammer]

@nicraMarcin Are you actually sure you are linking against that openssl install ?

[nicraMarcin]

@Thalhammer Truly speaking, no :/ so I have to check it at other system.

[Thalhammer]

Because if you were linking against libressl instead it would explain the error you are seeing. Libressl does not have the function we are using there.

[nicraMarcin]

Ok, this is from OpenSSL. I removed my LibreSSL and installed into custom folder.
This is printed when I have add_subdirectory(lib/jwt)

-- Found OpenSSL: /usr/lib/x86_64-linux-gnu/libcrypto.so (found suitable version "1.1.1g", minimum required is "1.0.2")  
-- Found OpenSSL: /usr/lib/x86_64-linux-gnu/libcrypto.so (found version "1.1.1g")  

[nicraMarcin]

I tried to install jwt-cpp (not as submodule) and the same result

root@marcin-huawei:/tmp/jwt-cpp/build# cmake ..
-- The C compiler identification is GNU 9.3.0
-- The CXX compiler identification is GNU 9.3.0
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /usr/bin/c++
-- Check for working CXX compiler: /usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found OpenSSL: /usr/lib/x86_64-linux-gnu/libcrypto.so (found suitable version "1.1.1g", minimum required is "1.0.2")  
-- Found GTest: /usr/lib/x86_64-linux-gnu/libgtest.a  
-- Configuring done
-- Generating done
-- Build files have been written to: /tmp/jwt-cpp/build
root@marcin-huawei:/tmp/jwt-cpp/build# make 
Scanning dependencies of target jwt-cpp-test
[  5%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/BaseTest.cpp.o
[ 11%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/ClaimTest.cpp.o
[ 16%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/Keys.cpp.o
[ 22%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/HelperTest.cpp.o
[ 27%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/TestMain.cpp.o
[ 33%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/TokenFormatTest.cpp.o
[ 38%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/TokenTest.cpp.o
[ 44%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/NlohmannTest.cpp.o
[ 50%] Building CXX object tests/CMakeFiles/jwt-cpp-test.dir/OpenSSLErrorTest.cpp.o
[ 55%] Linking CXX executable jwt-cpp-test
[ 55%] Built target jwt-cpp-test
Scanning dependencies of target rsa-verify
[ 61%] Building CXX object example/CMakeFiles/rsa-verify.dir/rsa-verify.cpp.o
[ 66%] Linking CXX executable rsa-verify
[ 66%] Built target rsa-verify
Scanning dependencies of target rsa-create
[ 72%] Building CXX object example/CMakeFiles/rsa-create.dir/rsa-create.cpp.o
[ 77%] Linking CXX executable rsa-create
[ 77%] Built target rsa-create
Scanning dependencies of target private-claims
[ 83%] Building CXX object example/CMakeFiles/private-claims.dir/private-claims.cpp.o
[ 88%] Linking CXX executable private-claims
[ 88%] Built target private-claims
Scanning dependencies of target print-claims
[ 94%] Building CXX object example/CMakeFiles/print-claims.dir/print-claims.cpp.o
[100%] Linking CXX executable print-claims
[100%] Built target print-claims
root@marcin-huawei:/tmp/jwt-cpp/build# make install
[ 55%] Built target jwt-cpp-test
[ 66%] Built target rsa-verify
[ 77%] Built target rsa-create
[ 88%] Built target private-claims
[100%] Built target print-claims
Install the project...
-- Install configuration: ""
-- Up-to-date: /usr/local/include/jwt-cpp/jwt.h
-- Up-to-date: /usr/local/include/jwt-cpp/base.h
-- Up-to-date: /usr/local/include/picojson/picojson.h
-- Installing: /usr/local/jwt-cpp/jwt-cpp.cmake
-- Installing: /usr/local/jwt-cpp/jwt-cpp-config.cmake
-- Installing: /usr/local/jwt-cpp/jwt-cpp-config-version.cmake
root@marcin-huawei:/tmp/jwt-cpp/build# 

And from my project:

[ 91%] Building CXX object CMakeFiles/nms.dir/src/service/authService.cpp.o
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.cpp:2:
/usr/local/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/usr/local/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/usr/local/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/usr/local/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit

And this is where I'm using submodule

[ 92%] Building CXX object CMakeFiles/nms.dir/src/service/authService.cpp.o
In file included from /home/marcin/projects/nms/back/src/dto/Token.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.hpp:5,
                 from /home/marcin/projects/nms/back/src/dto/apiDTO/AuthResponse.cpp:2:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘std::string jwt::algorithm::eddsa::sign(const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:970:9: error: ‘EVP_DigestSign’ was not declared in this scope; did you mean ‘EVP_DigestSignInit’?
  970 |     if (EVP_DigestSign(ctx.get(),
      |         ^~~~~~~~~~~~~~
      |         EVP_DigestSignInit
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h: In member function ‘void jwt::algorithm::eddsa::verify(const string&, const string&, std::error_code&) const’:
/home/marcin/projects/nms/back/lib/jwt/include/jwt-cpp/jwt.h:998:16: error: ‘EVP_DigestVerify’ was not declared in this scope; did you mean ‘EVP_DigestVerifyInit’?
  998 |     auto res = EVP_DigestVerify(ctx.get(),
      |                ^~~~~~~~~~~~~~~~
      |                EVP_DigestVerifyInit

As you can see there are different paths, but the same error

In both cases I reset head

$ git reset --hard eee4f7cbd0
HEAD is now at eee4f7c Merge pull request #80 from prince-chrismc/master

And works

[nicraMarcin]

Ok, I think this could be my problem caused by earlier install of LibreSSL :(

[nicraMarcin]

Problem is caused by handling two ssl library. I need libressl for api and openssl for jwt.
I see, that jwt finds OpenSSL but CLion links to libre instead openssl and I don't know how to reslove it :(

I have jwt as submodule in my project

add_subdirectory(lib/jwt)
[...]
target_link_libraries(${project_name_lib}
        PUBLIC oatpp oatpp-libressl oatpp-postgresql pq jwt-cpp  crypto pthread ${ARGON2_LIBRARY} mailio
)

[Thalhammer]

The proper fix would be replacing EVP_DigestVerify with the (more verbose) code to support libressl as well, which is tracked here: #100 .
I'll take a look at it tonight, maybe I can push it soon. IMHO the real problem is libressl claiming to be a 1:1 replacement (they do so by using the same header path/lib names) but then not following the api. So in my opinion this should be fixed by libressl, not everyone using it. None the less were having to deal with it and more and more projects use libressl so not supporting it is not an option.

Stick with the last commit that works for you, I'll ping you once I have a fix for you to try out.

[nicraMarcin]

Cool thanks

[Thalhammer]

@nicraMarcin can you check if the changes in 782acc0 fix your problem ?
The test cases (except for the OpenSSLErrorTest) should be ok, however I unfortunately dont have an libressl pc to try.

[nicraMarcin]

Compiles, but with this I have Segmentation Fault :(

[Thalhammer]

can you do a back trace (at least of everything within jwt-cpp) ?

[nicraMarcin]

I have to finish for today. I'll paste when I'll check

[nicraMarcin]

Ok, works, my segmentation fault was caused by other issue.