On Mon, Feb 01, 2016 at 10:21:49PM +0100, Martin Vegter wrote:
> I have a C program, which is using AES routines from the OpenSSL
> library. I have the necessary library installed (libssl-dev
> 1.0.1e-2+deb7u19):
>
> $ ls /usr/lib/x86_64-linux-gnu/libcrypto.*
> /usr/lib/x86_64-linux-gnu/libcrypto.a
> /usr/lib/x86_64-linux-gnu/libcrypto.so
> /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
>
> I can compile my program statically:
>
> gcc -s -o aes aes.c /usr/lib/x86_64-linux-gnu/libcrypto.a
>
> but when i try to compile it dynamically, I get following error:
>
> $ gcc -s -o aes aes.c -lcrypto
> /tmp/ccofFr4N.o: In function `encrypt':
> aes.c:(.text+0x9f): undefined reference to `aesni_set_encrypt_key'
> aes.c:(.text+0xd9): undefined reference to `aesni_cbc_encrypt'
> aes.c:(.text+0x1a0): undefined reference to `aesni_cbc_encrypt'
> /tmp/ccofFr4N.o: In function `decrypt':
> aes.c:(.text+0x2d4): undefined reference to `aesni_set_decrypt_key'
> aes.c:(.text+0x31e): undefined reference to `aesni_cbc_encrypt'
> collect2: error: ld returned 1 exit status
You're using internal function names that are not exported by the
libcrypto shared library on Debian systems. Use the EVP interface.
In future versions of OpenSSL constrained visibility of shared
library symbols will be extended to more platforms (than just Debian
where the export list was created by the Debian package maintainer).
The EVP interface is faster on many systems (supports AES-NI on
suitably capable Intel CPUs) and also safer (avoids timing
side-channels).
--
Viktor.
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
