OpenSSL 3.0 in C/C++ on Windows

Download

• Visual Studio
  • Make sure you have x64 Native Tools Command Prompt for VS 2022 and x86 Native Tools Command Prompt for VS 2022
    
  • You can get them by downloading Build Tools for Visual Studio 2022
• Strawberry Perl
• NASM
• OpenSSL

The defalut installation options for Strawberry Perl and NASM is sufficient. After installing Strawberry Perl and NASM, make sure to add them to the environment path

Build OpenSSL

Legacy provider

The OpenSSL legacy provider supplies OpenSSL implementations of algorithms that have been deemed legacy. Such algorithms have commonly fallen out of use, have been deemed insecure by the cryptography community, or something similar.

• Operations and algorithms supplied by legacy provider
  • Hash
    • MD2
    • MD4
    • MDC2
    • WHIRLPOOL
    • RIPEMD160
  • Symmetric Ciphers
    • Blowfish
    • CAST
    • DES
    • IDEA
    • RC2
    • RC4
    • RC5
    • SEED
  • Key Derivation Function
    • PBKDF1
    • PVKKDF
• Configuration to enable legacy provider
  • File path
    • openssl-master\apps\openssl.cnf (For Linux)
    • openssl-master\apps\openssl-vms.cnf (For Windows)
    • openssl-master is the directory downloaded from OpenSSL github
  • File content

    openssl_conf = openssl_init
    
    [openssl_init]
    providers = provider_sect
    
    [provider_sect]
    default = default_sect
    legacy = legacy_sect
    
    [default_sect]
    activate = 1
    
    [legacy_sect]
    activate = 1

    • This is a minimal config file example to load and activate both the legacy and the default provider in the default library context.
  • Load default and legacy provider programmatically

    OSSL_PROVIDER* legacy;
    OSSL_PROVIDER* deflt;
    legacy = OSSL_PROVIDER_load(NULL, "legacy");
    deflt = OSSL_PROVIDER_load(NULL, "default");

Build commands

• Create new directories to store the output built by openssl

  OpenSSL
   ├─DLL
   │  ├─x32
   │  │  ├─Debug
   │  │  └─Release
   │  └─x64
   │      ├─Debug
   │      └─Release
   ├─Lib
   │  ├─x32
   │  │  ├─Debug
   │  │  └─Release
   │  └─x64
   │      ├─Debug
   │      └─Release
   └─SSL
  

• x64 Native Tools Command Prompt for VS 2022

  nmake clean
  perl Configure VC-WIN64A --debug --prefix=[Path\To\OpenSSL]\DLL\x64\Debug --openssldir=[Path\To\OpenSSL]\SSL
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --prefix=[Path\To\OpenSSL]\DLL\x64\Release --openssldir=[Path\To\OpenSSL]\SSL
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --debug --prefix=[Path\To\OpenSSL]\Lib\x64\Debug --openssldir=[Path\To\OpenSSL]\SSL no-shared
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --prefix=[Path\To\OpenSSL]\Lib\x64\Release --openssldir=[Path\To\OpenSSL]\SSL no-shared
  nmake test
  nmake install_sw

  • These commands should run under [Path\To\openssl-master] path in x64 Native Tools Command Prompt for VS 2022
• x86 Native Tools Command Prompt for VS 2022

  nmake clean
  perl Configure VC-WIN64A --debug --prefix=[Path\To\OpenSSL]\DLL\x32\Debug --openssldir=[Path\To\OpenSSL]\SSL
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --prefix=[Path\To\OpenSSL]\DLL\x32\Release --openssldir=[Path\To\OpenSSL]\SSL
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --debug --prefix=[Path\To\OpenSSL]\Lib\x32\Debug --openssldir=[Path\To\OpenSSL]\SSL no-shared
  nmake test
  nmake install_sw
  
  nmake clean
  perl Configure VC-WIN64A --prefix=[Path\To\OpenSSL]\Lib\x32\Release --openssldir=[Path\To\OpenSSL]\SSL no-shared
  nmake test
  nmake install_sw

• no-shared no-module
  • These options are necessary to build a static library with legacy provider

Include OpenSSL libraries in Visual Studio

Project configure

• [專案] -> [屬性] -> [C/C++] -> [一般] -> [其他Include目錄] -> [Add path to include folder according to Debug/Release and Win32/x64]

• [專案] -> [屬性] -> [C/C++] -> [前置處理器] -> [前置處理器定義] -> [_CRT_SECURE_NO_WARNINGS]
• This setting is optional and can disable errors when using functions such as fopen, strncpy, etc.

• [專案] -> [屬性] -> [連結器] -> [輸入] -> [其他相依性] -> [Add path to libcrypto.lib and libssl.lib according to Debug/Release and Win32/x64]

Headers

// Common header files
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rand.h>

We also need Crypt32.lib and Ws2_32.lib from microsoft system libraries

• Includes them programmatically and dynamically

  #pragma comment(lib, "crypt32")
  #pragma comment(lib, "ws2_32.lib")

• Link statically
  • [專案] -> [屬性] -> [連結器] -> [輸入] -> [其他相依性] -> [Add ws2_32.lib and crypt32.lib]

Example

I've included some common cryptography algorithm examples using openssl libraries' high level API. Check out symmetric cipher template to write your own symmetric cryptography program with minor modification. Moreover, I've included the usage of RSA as an example of asymmetric cipher.

Credits

• I've learned most of the setups from TroubleChute's tutorial video, including the scripts for automatically built

References

• TroubleChute - Build & Use OpenSSL with Visual Studio
• OpenSSL 3.0 Provider
• How to include Crypt32.lib and Ws2_32.lib
• Encrypting/Decrypting a file using OpenSSL EVP
• Default OpenSSL 3.0 RSA encryption implementation
• Default OpenSSL 3.0 RSA decryption implementation
• Official Notes for Windows platforms
• Build statically with legacy provider
• EVP Symmetric Encryption and Decryption
• EVP