[openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
Jitendra Lulla
lullajd at yahoo.com
Mon Aug 14 07:20:40 UTC 2017
Hi,
I am trying to use afalg on Linux 4.9.37 with OpenSSL 1.1.0f.
I am facing 2 issues:
ONE: when I issue the speed command, I see the following:
[root at localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg
invalid engine "afalg"
139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine
139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185:
139853452924736:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427:
139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg
139853452924736:error:25066067:DS
nm afalg.so doesn't show bind_engine
When I modify the openssl.cnf file with the engine name and the CIPHERS, still I dont get it working. The command output and the change in the openssl.cnf pasted at the end of the mail.
TWO: I had to create a softlink to libcrypto.so.1.1 and libssl.so.1.1 like the following to make openssl command work:
ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1
ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1
Is creating the softlinks a known issue and will be fixed?
I have pasted the complete information about the OS/distro environment and installation commands I ran at the bottom.
Could you please suggest what wrong I am doing to make afalg work.
Thanks
Jitendra Lulla
========
BEFORE INSTALLATION:
[root at localhost jlulla]# rpm -qa |grep openssl
openssl-1.0.1e-60.el7.x86_64
openssl-devel-1.0.1e-60.el7.x86_64
openssl-libs-1.0.1e-60.el7.x86_64
[root at localhost jlulla]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
PLEASE SEE FROM HERE PLEASE SEE FROM HERE PLEASE SEE FROM HERE----------------------------
STEP 1 : SOURCE TAKEN FROM https://www.openssl.org/source/openssl-1.1.0f.tar.gz 2017-May-25 13:09:51
[root at localhost jlulla]# uname -a
Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux
[root at localhost jlulla]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.3 (Maipo)
[root at localhost openssl-1.1.0f]# pwd
/home/jlulla/openssl-1.1.0f
STEP 2: [root at localhost openssl-1.1.0f]# ./config shared enable-engine enable-dso enable-afalgeng
Operating system: x86_64-whatever-linux2
Configuring for linux-x86_64
Configuring OpenSSL version 1.1.0f (0x1010006fL)
no-asan [default] OPENSSL_NO_ASAN
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG
no-crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128
no-egd [default] OPENSSL_NO_EGD
no-fuzz-afl [default] OPENSSL_NO_FUZZ_AFL
no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER
no-heartbeats [default] OPENSSL_NO_HEARTBEATS
no-md2 [default] OPENSSL_NO_MD2 (skip dir)
no-msan [default] OPENSSL_NO_MSAN
no-rc5 [default] OPENSSL_NO_RC5 (skip dir)
no-sctp [default] OPENSSL_NO_SCTP
no-ssl-trace [default] OPENSSL_NO_SSL_TRACE
no-ssl3 [default] OPENSSL_NO_SSL3
no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD
no-ubsan [default] OPENSSL_NO_UBSAN
no-unit-test [default] OPENSSL_NO_UNIT_TEST
no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS
no-zlib [default]
no-zlib-dynamic [default]
Configuring for linux-x86_64
CC =gcc
CFLAG =-Wall -O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack
SHARED_CFLAG =-fPIC -DOPENSSL_USE_NODELETE
DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM RC4_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM PADLOCK_ASM POLY1305_ASM
LFLAG =
PLIB_LFLAG =
EX_LIBS =-ldl
APPS_OBJ =
CPUID_OBJ =x86_64cpuid.o
UPLINK_OBJ =
BN_ASM =asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
EC_ASM =ecp_nistz256.o ecp_nistz256-x86_64.o
DES_ENC =des_enc.o fcrypt_b.o
AES_ENC =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o
BF_ENC =bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4-x86_64.o rc4-md5-x86_64.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =md5-x86_64.o
SHA1_OBJ_ASM =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o
RMD160_OBJ_ASM=
CMLL_ENC =cmll-x86_64.o cmll_misc.o
MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o
PADLOCK_OBJ =e_padlock-x86_64.o
CHACHA_ENC =chacha-x86_64.o
POLY1305_OBJ =poly1305-x86_64.o
BLAKE2_OBJ =
PROCESSOR =
RANLIB =ranlib
ARFLAGS =
PERL =/usr/bin/perl
SIXTY_FOUR_BIT_LONG mode
Configured for linux-x86_64.
[root at localhost openssl-1.1.0f]#
make didnt give any error.
make install didnt give any error
updatedb
STEP 2:
[root at localhost openssl-1.1.0f]# md5sum /home/jlulla/openssl-1.1.0f/libssl.so.1.1 /usr/local/lib64/libssl.so.1.1
5a7264a3ebda22989c831794d30677c5 /home/jlulla/openssl-1.1.0f/libssl.so.1.1
5a7264a3ebda22989c831794d30677c5 /usr/local/lib64/libssl.so.1.1
[root at localhost openssl-1.1.0f]# ls -l /home/jlulla/openssl-1.1.0f/libssl.so
lrwxrwxrwx. 1 root root 13 Aug 10 23:45 /home/jlulla/openssl-1.1.0f/libssl.so -> libssl.so.1.1
[root at localhost apps]# pwd
/home/jlulla/openssl-1.1.0f/apps
[root at localhost apps]# ./openssl
./openssl: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory
[root at localhost apps]# ldd ./openssl
linux-vdso.so.1 => (0x00007ffd02f3c000)
libssl.so.1.1 => not found
libcrypto.so.1.1 => not found
libdl.so.2 => /lib64/libdl.so.2 (0x00007f0439fda000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f0439dbe000)
libc.so.6 => /lib64/libc.so.6 (0x00007f04399fc000)
/lib64/ld-linux-x86-64.so.2 (0x000055d618530000)
[root at localhost apps]# ls -l /lib64/libssl.so.1.1
ls: cannot access /lib64/libssl.so.1.1: No such file or directory
ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1
STEP 3:
[root at localhost apps]# ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1
[root at localhost apps]# ls -l /lib64/libssl.so.1.1
lrwxrwxrwx. 1 root root 30 Aug 10 23:57 /lib64/libssl.so.1.1 -> /usr/local/lib64/libssl.so.1.1
[root at localhost apps]# ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1
[root at localhost apps]# ls -l /lib64/libcrypto.so.1.1
lrwxrwxrwx. 1 root root 33 Aug 10 23:58 /lib64/libcrypto.so.1.1 -> /usr/local/lib64/libcrypto.so.1.1
[root at localhost apps]# ldd ./openssl
linux-vdso.so.1 => (0x00007ffd37b5e000)
libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007f82881f8000)
libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f8287d73000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f8287b6e000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f8287952000)
libc.so.6 => /lib64/libc.so.6 (0x00007f8287591000)
/lib64/ld-linux-x86-64.so.2 (0x000055f06bc67000)
[root at localhost apps]# ./openssl version
OpenSSL 1.1.0f 25 May 2017
STEP 4:
[root at localhost afalg]# pwd
/home/jlulla/openssl-1.1.0f/engines/afalg
[root at localhost afalg]# ls
afalg.so build.info e_afalg.c e_afalg.d e_afalg.ec e_afalg_err.c e_afalg_err.d e_afalg_err.h e_afalg_err.o e_afalg.h e_afalg.o
[root at localhost afalg]# ldd afalg.so
linux-vdso.so.1 => (0x00007fff1d7ef000)
libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f3a80166000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f3a7ff62000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f3a7fd45000)
libc.so.6 => /lib64/libc.so.6 (0x00007f3a7f984000)
/lib64/ld-linux-x86-64.so.2 (0x0000560991976000)
[root at localhost afalg]# nm afalg.so
0000000000202060 d AFALG_error_init
0000000000202220 b AFALG_lib_error_code
0000000000202160 d AFALG_str_functs
0000000000202080 d AFALG_str_reasons
0000000000202210 B __bss_start
0000000000202210 b completed.6344
w __cxa_finalize@@GLIBC_2.2.5
0000000000000a00 t deregister_tm_clones
0000000000000a70 t __do_global_dtors_aux
0000000000201da0 t __do_global_dtors_aux_fini_array_entry
0000000000201db0 d __dso_handle
0000000000201db8 d _DYNAMIC
0000000000202210 D _edata
0000000000202228 B _end
0000000000000af0 T engine_load_afalg_int
0000000000000bb0 T ERR_AFALG_error
U ERR_get_next_error_library@@OPENSSL_1_1_0
0000000000000b00 T ERR_load_AFALG_strings
U ERR_load_strings@@OPENSSL_1_1_0
U ERR_put_error@@OPENSSL_1_1_0
0000000000000b60 T ERR_unload_AFALG_strings
U ERR_unload_strings@@OPENSSL_1_1_0
0000000000000bf8 T _fini
0000000000000ab0 t frame_dummy
0000000000201d98 t __frame_dummy_init_array_entry
0000000000000eb8 r __FRAME_END__
0000000000202000 d _GLOBAL_OFFSET_TABLE_
w __gmon_start__
0000000000000970 T _init
w _ITM_deregisterTMCloneTable
w _ITM_registerTMCloneTable
0000000000201da8 d __JCR_END__
0000000000201da8 d __JCR_LIST__
w _Jv_RegisterClasses
0000000000000a30 t register_tm_clones
0000000000202210 d __TMC_END__
[root at localhost openssl-1.1.0f]# locate afalg.so
/home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so
/usr/local/lib64/engines-1.1/afalg.so
[root at localhost openssl-1.1.0f]# md5sum /home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so /usr/local/lib64/engines-1.1/afalg.so
ec273faa6eb6e25f55e44a7d37adf195 /home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so
ec273faa6eb6e25f55e44a7d37adf195 /usr/local/lib64/engines-1.1/afalg.so
[root at localhost apps]# date
Fri Aug 11 00:01:10 PDT 2017
[root at localhost apps]# ls -l /usr/local/ssl/openssl.cnf
-rw-r--r--. 1 root root 10771 Aug 10 23:47 /usr/local/ssl/openssl.cnf
[root at localhost apps]# md5sum /usr/local/ssl/openssl.cnf /home/jlulla/openssl-1.1.0f/apps/openssl.cnf
f697ef5df0d006882e6326606e8dbf4a /usr/local/ssl/openssl.cnf
f697ef5df0d006882e6326606e8dbf4a /home/jlulla/openssl-1.1.0f/apps/openssl.cnf
openssl.cnf has the following:
..
..
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
..
..
[root at localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg
invalid engine "afalg"
139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine
139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185:
139853452924736:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427:
139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg
139853452924736:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(libafalg.so): libafalg.so: cannot open shared object file: No such file or directory
139853452924736:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161:
139853452924736:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
^C
Modified both the files as the follwing:
/usr/local/ssl/openssl.cnf
/home/jlulla/openssl-1.1.0f/apps/openssl.cnf
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
openssl_conf = openssl_def
[openssl_def]
engines = openssl_engines
[openssl_engines]
afalg = afalg_engine
[afalg_engine]
CIPHERS=aes-128-cbc
With the above, the errors are more:
[root at localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg
invalid engine "afalg"
140473780422464:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine
140473780422464:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185:
140473780422464:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427:
140473780422464:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg
140473780422464:error:260BC066:engine routines:int_engine_configure:engine configuration error:crypto/engine/eng_cnf.c:141:section=afalg_engine, name=CIPHERS, value=aes-128-cbc
140473780422464:error:0E07606D:configuration file routines:module_run:module initialization error:crypto/conf/conf_mod.c:173:module=engines, value=openssl_engines, retcode=-1
140473780422464:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine
140473780422464:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185:
140473780422464:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427:
140473780422464:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg
140473780422464:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(libafalg.so): libafalg.so: cannot open shared object file: No such file or directory
140473780422464:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161:
140473780422464:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
^C
More information about the openssl-dev
mailing list