Hi, I am trying to use afalg on Linux 4.9.37 with OpenSSL 1.1.0f.
I am facing 2 issues: ONE: when I issue the speed command, I see the following: [root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg invalid engine "afalg" 139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine 139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185: 139853452924736:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427: 139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg 139853452924736:error:25066067:DS nm afalg.so doesn't show bind_engine When I modify the openssl.cnf file with the engine name and the CIPHERS, still I dont get it working. The command output and the change in the openssl.cnf pasted at the end of the mail. TWO: I had to create a softlink to libcrypto.so.1.1 and libssl.so.1.1 like the following to make openssl command work: ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1 ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1 Is creating the softlinks a known issue and will be fixed? I have pasted the complete information about the OS/distro environment and installation commands I ran at the bottom. Could you please suggest what wrong I am doing to make afalg work. Thanks Jitendra Lulla ======== BEFORE INSTALLATION: [root@localhost jlulla]# rpm -qa |grep openssl openssl-1.0.1e-60.el7.x86_64 openssl-devel-1.0.1e-60.el7.x86_64 openssl-libs-1.0.1e-60.el7.x86_64 [root@localhost jlulla]# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 PLEASE SEE FROM HERE PLEASE SEE FROM HERE PLEASE SEE FROM HERE---------------------------- STEP 1 : SOURCE TAKEN FROM https://www.openssl.org/source/openssl-1.1.0f.tar.gz 2017-May-25 13:09:51 [root@localhost jlulla]# uname -a Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux [root@localhost jlulla]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.3 (Maipo) [root@localhost openssl-1.1.0f]# pwd /home/jlulla/openssl-1.1.0f STEP 2: [root@localhost openssl-1.1.0f]# ./config shared enable-engine enable-dso enable-afalgeng Operating system: x86_64-whatever-linux2 Configuring for linux-x86_64 Configuring OpenSSL version 1.1.0f (0x1010006fL) no-asan [default] OPENSSL_NO_ASAN no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG no-crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 no-egd [default] OPENSSL_NO_EGD no-fuzz-afl [default] OPENSSL_NO_FUZZ_AFL no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER no-heartbeats [default] OPENSSL_NO_HEARTBEATS no-md2 [default] OPENSSL_NO_MD2 (skip dir) no-msan [default] OPENSSL_NO_MSAN no-rc5 [default] OPENSSL_NO_RC5 (skip dir) no-sctp [default] OPENSSL_NO_SCTP no-ssl-trace [default] OPENSSL_NO_SSL_TRACE no-ssl3 [default] OPENSSL_NO_SSL3 no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD no-ubsan [default] OPENSSL_NO_UBSAN no-unit-test [default] OPENSSL_NO_UNIT_TEST no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS no-zlib [default] no-zlib-dynamic [default] Configuring for linux-x86_64 CC =gcc CFLAG =-Wall -O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack SHARED_CFLAG =-fPIC -DOPENSSL_USE_NODELETE DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM RC4_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM PADLOCK_ASM POLY1305_ASM LFLAG = PLIB_LFLAG = EX_LIBS =-ldl APPS_OBJ = CPUID_OBJ =x86_64cpuid.o UPLINK_OBJ = BN_ASM =asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o EC_ASM =ecp_nistz256.o ecp_nistz256-x86_64.o DES_ENC =des_enc.o fcrypt_b.o AES_ENC =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o BF_ENC =bf_enc.o CAST_ENC =c_enc.o RC4_ENC =rc4-x86_64.o rc4-md5-x86_64.o RC5_ENC =rc5_enc.o MD5_OBJ_ASM =md5-x86_64.o SHA1_OBJ_ASM =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o RMD160_OBJ_ASM= CMLL_ENC =cmll-x86_64.o cmll_misc.o MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o PADLOCK_OBJ =e_padlock-x86_64.o CHACHA_ENC =chacha-x86_64.o POLY1305_OBJ =poly1305-x86_64.o BLAKE2_OBJ = PROCESSOR = RANLIB =ranlib ARFLAGS = PERL =/usr/bin/perl SIXTY_FOUR_BIT_LONG mode Configured for linux-x86_64. [root@localhost openssl-1.1.0f]# make didnt give any error. make install didnt give any error updatedb STEP 2: [root@localhost openssl-1.1.0f]# md5sum /home/jlulla/openssl-1.1.0f/libssl.so.1.1 /usr/local/lib64/libssl.so.1.1 5a7264a3ebda22989c831794d30677c5 /home/jlulla/openssl-1.1.0f/libssl.so.1.1 5a7264a3ebda22989c831794d30677c5 /usr/local/lib64/libssl.so.1.1 [root@localhost openssl-1.1.0f]# ls -l /home/jlulla/openssl-1.1.0f/libssl.so lrwxrwxrwx. 1 root root 13 Aug 10 23:45 /home/jlulla/openssl-1.1.0f/libssl.so -> libssl.so.1.1 [root@localhost apps]# pwd /home/jlulla/openssl-1.1.0f/apps [root@localhost apps]# ./openssl ./openssl: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory [root@localhost apps]# ldd ./openssl linux-vdso.so.1 => (0x00007ffd02f3c000) libssl.so.1.1 => not found libcrypto.so.1.1 => not found libdl.so.2 => /lib64/libdl.so.2 (0x00007f0439fda000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f0439dbe000) libc.so.6 => /lib64/libc.so.6 (0x00007f04399fc000) /lib64/ld-linux-x86-64.so.2 (0x000055d618530000) [root@localhost apps]# ls -l /lib64/libssl.so.1.1 ls: cannot access /lib64/libssl.so.1.1: No such file or directory ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1 STEP 3: [root@localhost apps]# ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1 [root@localhost apps]# ls -l /lib64/libssl.so.1.1 lrwxrwxrwx. 1 root root 30 Aug 10 23:57 /lib64/libssl.so.1.1 -> /usr/local/lib64/libssl.so.1.1 [root@localhost apps]# ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1 [root@localhost apps]# ls -l /lib64/libcrypto.so.1.1 lrwxrwxrwx. 1 root root 33 Aug 10 23:58 /lib64/libcrypto.so.1.1 -> /usr/local/lib64/libcrypto.so.1.1 [root@localhost apps]# ldd ./openssl linux-vdso.so.1 => (0x00007ffd37b5e000) libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007f82881f8000) libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f8287d73000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f8287b6e000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f8287952000) libc.so.6 => /lib64/libc.so.6 (0x00007f8287591000) /lib64/ld-linux-x86-64.so.2 (0x000055f06bc67000) [root@localhost apps]# ./openssl version OpenSSL 1.1.0f 25 May 2017 STEP 4: [root@localhost afalg]# pwd /home/jlulla/openssl-1.1.0f/engines/afalg [root@localhost afalg]# ls afalg.so build.info e_afalg.c e_afalg.d e_afalg.ec e_afalg_err.c e_afalg_err.d e_afalg_err.h e_afalg_err.o e_afalg.h e_afalg.o [root@localhost afalg]# ldd afalg.so linux-vdso.so.1 => (0x00007fff1d7ef000) libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f3a80166000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f3a7ff62000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f3a7fd45000) libc.so.6 => /lib64/libc.so.6 (0x00007f3a7f984000) /lib64/ld-linux-x86-64.so.2 (0x0000560991976000) [root@localhost afalg]# nm afalg.so 0000000000202060 d AFALG_error_init 0000000000202220 b AFALG_lib_error_code 0000000000202160 d AFALG_str_functs 0000000000202080 d AFALG_str_reasons 0000000000202210 B __bss_start 0000000000202210 b completed.6344 w __cxa_finalize@@GLIBC_2.2.5 0000000000000a00 t deregister_tm_clones 0000000000000a70 t __do_global_dtors_aux 0000000000201da0 t __do_global_dtors_aux_fini_array_entry 0000000000201db0 d __dso_handle 0000000000201db8 d _DYNAMIC 0000000000202210 D _edata 0000000000202228 B _end 0000000000000af0 T engine_load_afalg_int 0000000000000bb0 T ERR_AFALG_error U ERR_get_next_error_library@@OPENSSL_1_1_0 0000000000000b00 T ERR_load_AFALG_strings U ERR_load_strings@@OPENSSL_1_1_0 U ERR_put_error@@OPENSSL_1_1_0 0000000000000b60 T ERR_unload_AFALG_strings U ERR_unload_strings@@OPENSSL_1_1_0 0000000000000bf8 T _fini 0000000000000ab0 t frame_dummy 0000000000201d98 t __frame_dummy_init_array_entry 0000000000000eb8 r __FRAME_END__ 0000000000202000 d _GLOBAL_OFFSET_TABLE_ w __gmon_start__ 0000000000000970 T _init w _ITM_deregisterTMCloneTable w _ITM_registerTMCloneTable 0000000000201da8 d __JCR_END__ 0000000000201da8 d __JCR_LIST__ w _Jv_RegisterClasses 0000000000000a30 t register_tm_clones 0000000000202210 d __TMC_END__ [root@localhost openssl-1.1.0f]# locate afalg.so /home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so /usr/local/lib64/engines-1.1/afalg.so [root@localhost openssl-1.1.0f]# md5sum /home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so /usr/local/lib64/engines-1.1/afalg.so ec273faa6eb6e25f55e44a7d37adf195 /home/jlulla/openssl-1.1.0f/engines/afalg/afalg.so ec273faa6eb6e25f55e44a7d37adf195 /usr/local/lib64/engines-1.1/afalg.so [root@localhost apps]# date Fri Aug 11 00:01:10 PDT 2017 [root@localhost apps]# ls -l /usr/local/ssl/openssl.cnf -rw-r--r--. 1 root root 10771 Aug 10 23:47 /usr/local/ssl/openssl.cnf [root@localhost apps]# md5sum /usr/local/ssl/openssl.cnf /home/jlulla/openssl-1.1.0f/apps/openssl.cnf f697ef5df0d006882e6326606e8dbf4a /usr/local/ssl/openssl.cnf f697ef5df0d006882e6326606e8dbf4a /home/jlulla/openssl-1.1.0f/apps/openssl.cnf openssl.cnf has the following: .. .. # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid oid_section = new_oids # To use this configuration file with the "-extfile" option of the # "openssl x509" utility, name here the section containing the # X.509v3 extensions to use: # extensions = # (Alternatively, use a configuration file that has only # X.509v3 extensions in its main [= default] section.) .. .. [root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg invalid engine "afalg" 139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine 139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185: 139853452924736:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427: 139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg 139853452924736:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(libafalg.so): libafalg.so: cannot open shared object file: No such file or directory 139853452924736:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161: 139853452924736:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414: ^C Modified both the files as the follwing: /usr/local/ssl/openssl.cnf /home/jlulla/openssl-1.1.0f/apps/openssl.cnf # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid oid_section = new_oids openssl_conf = openssl_def [openssl_def] engines = openssl_engines [openssl_engines] afalg = afalg_engine [afalg_engine] CIPHERS=aes-128-cbc With the above, the errors are more: [root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg invalid engine "afalg" 140473780422464:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine 140473780422464:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185: 140473780422464:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427: 140473780422464:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg 140473780422464:error:260BC066:engine routines:int_engine_configure:engine configuration error:crypto/engine/eng_cnf.c:141:section=afalg_engine, name=CIPHERS, value=aes-128-cbc 140473780422464:error:0E07606D:configuration file routines:module_run:module initialization error:crypto/conf/conf_mod.c:173:module=engines, value=openssl_engines, retcode=-1 140473780422464:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine 140473780422464:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185: 140473780422464:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427: 140473780422464:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg 140473780422464:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:113:filename(libafalg.so): libafalg.so: cannot open shared object file: No such file or directory 140473780422464:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:161: 140473780422464:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414: ^C -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
