[openssl-users] error when linking with OpenSSL library dynamically

Viktor Dukhovni openssl-users at dukhovni.org
Mon Feb 1 21:45:35 UTC 2016

On Mon, Feb 01, 2016 at 10:21:49PM +0100, Martin Vegter wrote:

> I have a C program, which is using AES routines from the OpenSSL
> library. I have the necessary library installed (libssl-dev
> 1.0.1e-2+deb7u19):
>   $ ls /usr/lib/x86_64-linux-gnu/libcrypto.*
>   /usr/lib/x86_64-linux-gnu/libcrypto.a
>   /usr/lib/x86_64-linux-gnu/libcrypto.so
>   /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
> I can compile my program statically:
>   gcc -s -o aes aes.c /usr/lib/x86_64-linux-gnu/libcrypto.a
> but when i try to compile it dynamically, I get following error:
>   $ gcc -s -o aes aes.c -lcrypto
>   /tmp/ccofFr4N.o: In function `encrypt':
>   aes.c:(.text+0x9f): undefined reference to `aesni_set_encrypt_key'
>   aes.c:(.text+0xd9): undefined reference to `aesni_cbc_encrypt'
>   aes.c:(.text+0x1a0): undefined reference to `aesni_cbc_encrypt'
>   /tmp/ccofFr4N.o: In function `decrypt':
>   aes.c:(.text+0x2d4): undefined reference to `aesni_set_decrypt_key'
>   aes.c:(.text+0x31e): undefined reference to `aesni_cbc_encrypt'
>   collect2: error: ld returned 1 exit status

You're using internal function names that are not exported by the
libcrypto shared library on Debian systems.  Use the EVP interface.

In future versions of OpenSSL constrained visibility of shared
library symbols will be extended to more platforms (than just Debian
where the export list was created by the Debian package maintainer).

The EVP interface is faster on many systems (supports AES-NI on
suitably capable Intel CPUs) and also safer (avoids timing


More information about the openssl-users mailing list