[openssl-dev] Intent of the private_ wrappers
Steve Schefter
steve at scheftech.com
Fri Mar 6 13:35:20 UTC 2015
Hi.
I am compiling OpenSSL with the FIPS options and seeing a build error.
My question is more about the intent than the problem.
One example: When apps/speed.c is compiled with FIPS enabled,
OPENSSL_FIPS is defined and DES_set_key_unchecked gets defined to be
private_DES_set_key_unchecked.
The use of the private_ function means that fips_cipher_abort is not called.
Am I correct that the intent is to allow the OpenSSl-provided apps to
use the low level APIs (like DES) while user applications linking with
libcrypto.so can not?
The problem is that the OpenSSL-provided apps also link with that
library and the private_ functions are not global (they are not in
openssl.ld). So the OpenSSL-provided apps fail to link. In the above
example, apps/speed.c can't find private_DES_set_key_unchecked().
Or am I not understanding the intent?
Regards,
Steve
More information about the openssl-dev
mailing list