[openssl-dev] arch (ARM) capabilities
Andy Polyakov
appro at openssl.org
Tue Jun 28 11:29:57 UTC 2016
>> I want something more programmatic, more general. I want to deliver
>> a piece of software that will run on ARM architectures and will
>> issue a warning or something like that if the user does not have an
>> OpenSSL library set to work with ARM Crypto Extension.
>
> What does "set to work" mean? Compiled with support for ARMv8 extensions
> or actually uses them? While there is no direct means to tell either,
> there are indirect methods that you might find usable. To see if it's
> compiled with support for ARMv8 you might be able to use dlsym to lookup
> either of symbols specific to ARMv8 code. As for those subroutines
> actually being used, if you trust OpenSSL capability detection, you can
> simply look at /proc/cpuinfo, or replicate OpenSSL's detection.
I'd say that if it is that important, then it would be more appropriate
to bundle OpenSSL copy with your application. I mean if faith in
system-provided code is that low, then you'd have to answer questions if
you can trust that target code is actually called despite its presence
and should-be-called detection. And then the only way to be sure that it
works as advertised is to bundle own copy and debug it to verify that
everything is in shape.
More information about the openssl-dev
mailing list