usnistgov / SP800-90B_EntropyAssessment

The SP800-90B_EntropyAssessment C++package implements the min-entropy assessment methods included in Special Publication 800-90B.
202 stars 87 forks source link

Compiling issue #205

Closed mbleasel closed 1 year ago

mbleasel commented 1 year ago

Screenshot from 2022-12-23 20-27-14 Hi, there appears to be an error in the TestRunUtils.h Lines 107, 110 and 120 where fileLen was not declared. Instead of declaring fileLen I changed fileLen to fileLength which was declared. While the program appeared to then compile correctly - no further testing was performed. I do not have enough experience to know if this is correct.

joshuaehill commented 1 year ago

This is a duplicate of Issue #202, and is resolved in PR #204.

burtw commented 1 year ago

I am getting ready to submit an 800-90B report to NIST for a client. I have been using a very old version of this code to do all my data analysis so I decided to rerun all my data using the "latest and greatest". I am using Ubuntu 22.04 and cloned the repository. When I did this I got this bug. I seem to have two choices: Use the PR or use the 1.1.5 release. The 1.1.5 release gives me all the warnings about the deprecated interface, and the PR is not an official release.

Question is: how long will it be until the next official release (1.1.6 I assume) that fixes the use of the deprecated interface and fixes this build issue?

I would prefer to run my data on that next release if possible. If it is going to take a long time I will just run it on the current 1.1.5 release that uses the deprecated interface.

mbleasel commented 1 year ago

Hi, If you are referring to the compiling issue and the variable filelen, then Josh appears to have fixed the issue in TestRunUtils.h: https://github.com/joshuaehill/SP800-90B_EntropyAssessment/blob/ShaFix/cpp/shared/TestRunUtils.h Josh made a few changes to this file. After replacing TestRunUtils.h with Josh's the program compiles. I have also run a couple of binary files with ea_iid and ea_non_iid. Outputs 'appear' as expected. However, I have only just started to use this software. Hope this helps.

On Sun, 8 Jan 2023 at 10:01, burtw @.***> wrote:

I am getting ready to submit an 800-90B report to NIST for a client. I have been using a very old version of this code to do all my data analysis so I decided to rerun all my data using the "latest and greatest". I am using Ubuntu 22.04 and cloned the repository. When I did this I got this bug. I seem to have two choices: Use the PR or use the 1.1.5 release. The 1.1.5 release gives me all the warnings about the deprecated interface, and the PR is not an official release.

Question is: how long will it be until the next official release (1.1.6 I assume) that fixes the use of the deprecated interface and fixes this build issue?

I would prefer to run my data on that next release if possible. If it is going to take a long time I will just run it on the current 1.1.5 release that uses the deprecated interface.

— Reply to this email directly, view it on GitHub https://github.com/usnistgov/SP800-90B_EntropyAssessment/issues/205#issuecomment-1374645288, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFHSEE4VHKF4VU2IOF64STLWRHYWFANCNFSM6AAAAAATHSZ7W4 . You are receiving this because you authored the thread.Message ID: @.***>

joshuaehill commented 1 year ago

I believe that NIST has previously suggested that testing be done using tagged releases (in this case v1.1.5). NIST is clearly not running the current master branch in their testing, as the current master branch doesn't compile.

You would seem to have a few options:

  1. You could use PR #204 (which I would guess will eventually be integrated into the master branch and eventually tagged for some future release) applied against the master branch.
  2. You could link the tool to a version of OpenSSL that doesn't issue such complaints and use the v1.1.5 release.
  3. You could filter out the library complaints and use the v1.1.5.
burtw commented 1 year ago

Yes, I plan to use 1.1.5 unless 1.1.6 is going to be released soon. When will 1.1.6 be released (with the SHA256 changes plus the fixes for what was broken by the SHA 256 changes plus all other pending changes and pull requests)?