Openssl apps linker errors after adding new cipher

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Openssl apps linker errors after adding new cipher

Wang Hao Lee
Dear all,

I'm pretty new to this mailing list so please be easy on me :) I have integrated a custom 256bit symmetric cipher into OpenSSL 1.0.2g (the ubuntu version); and now i'm facing linker errors building openssl apps. My new cipher is called MYCIPH or myciph.

The format for the modifications are as follows:

<Filename>:

x* <Code> 

*x indicates the Line No. for the modification/insertion

openssl/Makefile.org:

                97 MYCIPH_ENC= myciph_enc.o

...

144 # dirs in crypto to build

145 SDIRS= \

...

148 des aes rc2 rc4 rc5 idea bf myciph cast camellia seed

...

231 MYCIPH_ENC= ‘$(MYCIPH_ENC)’

crypto/evp/Makefile:

22 e_des.c e_bf.c e_myciph.c e_idea.c …

...

35 e_des.o e_bf.o e_myciph.o e_idea.o …


obj_mac.num:*

958 myciph 958


objects.txt:

421 1 3 3 7 : MYCIPH  : myciph


evp.h:

87 # define EVP_MAX_IV_LENGTH 32


782 #endif

783 #ifndef OPENSSL_NO_MYCIPH

784 const EVP_CIPHER *EVP_myciph(void);

785 #endif

786 # ifndef OPENSSL_NO_RC4


c_allc.c:

145 #ifndef OPENSSL_NO_MYCIPH

146 EVP_add_cipher(EVP_myciph());

147 EVP_add_cipher_alias(SN_drgn_bd,"myciph");

148 EVP_add_cipher_alias(SN_drgn_bd,"MYCIPH");


149 #endif

ssl_algs.c:

 81 #ifndef OPENSSL_NO_MYCIPH

82 EVP_add_cipher(EVP_myciph());

83 #endif



ssl_locl.h:

357 # define SSL_MYCIPH   0x00004000L


ssl_ciph.c:

167 # define SSL_ENC_MYCIPH_IDX 14

168 # define SSL_ENC_NUM_IDX 15


172 static const EVP_CIPHER*ssl_cipher_methods[SSL_ENC_NUM_IDX]={

173 NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL, NULL

174 };


305 {0, SSL_TXT_MYCIPH, 0, 0, 0, SSL_MYCIPH, 0, 0, 0, 0, 0, 0},


//void ssl_load_ciphers(void){

407 ssl_cipher_methods[SSL_ENC_MYCIPH_IDX]= EVP_get_cipherbyname(SN_myciph


//int ssl_cipher_get_evp(...){

//switch (c->algorithm_enc){

585 case SSL_MYCIPH:

586 i = SSL_ENC_MYCIPH_IDX;

587 break;


675 else if (c->algorithm_enc == SSL_MYCIPH &&

676 (evp=EVP_get_cipherbyname("MYCIPH")))

677 *enc = evp, *md = NULL;



796 *enc |= (ssl_cipher_methods[SSL_ENC_MYCIPH_IDX ] ==

NULL) ? SSL_MYCIPH :0;


1784 case SSL_MYCIPH:

1785 enc="MYCIPH(256)"; 

1786 break;


s3_lib.c:

604 {

605 1,

606 SSL3_TXT_RSA_MYCIPH,

607 SSL3_CK_RSA_MYCIPH,

608 SSL_kRSA,

609 SSL_aRSA,

610 SSL_MYCIPH,

611 SSL_MD5,

612 SSL_SSLV3,

613 SSL_NOT_EXP|SSL_MEDIUM,

614 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,

615 256, //Key-Size (bits)

616 256, //IV-Size (bits)

617 },


ssl.h:

              300 # define SSL_TXT_MYCIPH "MYCIPH


ssl3.h:

179 # define SSL3_CK_RSA_MYCIPH 0x0300001C

...

254 # define SSL3_TXT_RSA_MYCIPH "MYCIPH"


apps/prog.pl:

85 "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb",

86 "myciph", )


After I changed these files. Compiling using ./config fips; make depend; make was successful and the apps can link nicely. I even manage to test my cipher via the EVP interface: openssl speed -evp mynewcipher. 

However, when I build by configuring with ./config fips shared; make depend; make to generate shared objects for libcrypto and libssl I get the following linker error:

making all in apps...
make[1]: Entering directory '/home/wanghao/Documents/iVPN/openssl_new/openssl-1.0.2g/apps'
rm -f openssl
shlib_target=; if [ -n "libcrypto.so.1.0.2 libssl.so.1.0.2" ]; then \
shlib_target="linux-shared"; \
elif [ -n "" ]; then \
  FIPSLD_CC="gcc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; export CC FIPSLD_CC; \
fi; \
LIBRARIES="-L.. -lssl  -L.. -lcrypto" ; \
make -f ../Makefile.shared -e \
APPNAME=openssl OBJECTS="openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o" \
LIBDEPS=" $LIBRARIES -ldl" \
link_app.${shlib_target}
make[2]: Entering directory '/home/wanghao/Documents/iVPN/openssl_new/openssl-1.0.2g/apps'
../libssl.so: undefined reference to `EVP_flcn_bd'
collect2: error: ld returned 1 exit status
../Makefile.shared:171: recipe for target 'link_app.gnu' failed
make[2]: *** [link_app.gnu] Error 1
make[2]: Leaving directory '/home/wanghao/Documents/iVPN/openssl_new/openssl-1.0.2g/apps'
Makefile:156: recipe for target 'openssl' failed
make[1]: *** [openssl] Error 2
make[1]: Leaving directory '/home/wanghao/Documents/iVPN/openssl_new/openssl-1.0.2g/apps'
Makefile:297: recipe for target 'build_apps' failed
make: *** [build_apps] Error 1


Did I miss out anything I have to change? Were my changes correct? please advise thanks.

Best Regards
Wang Hao LEE

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Openssl apps linker errors after adding new cipher

Benjamin Kaduk
On 07/10/2016 09:13 PM, Wang Hao Lee wrote:

After I changed these files. Compiling using ./config fips; make depend; make was successful and the apps can link nicely. I even manage to test my cipher via the EVP interface: openssl speed -evp mynewcipher. 

However, when I build by configuring with ./config fips shared; make depend; make to generate shared objects for libcrypto and libssl I get the following linker error:


If I remember correctly, the Debian packaging adds a layer that uses and export symbol list to restrict what symbols can be used from the shared library; presumably Ubuntu has also picked up that bit of code.  Look at openssl.ld in your source tree.

-Ben

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Openssl apps linker errors after adding new cipher

Wang Hao Lee
Hi Benjamin

Great advice. After adding the symbol EVP_myciph to openssl.ld linker script. It compiled without problems.

Cheers!

Regards
Wang Hao

On Tue, Jul 12, 2016 at 7:06 AM, Benjamin Kaduk <[hidden email]> wrote:
On 07/10/2016 09:13 PM, Wang Hao Lee wrote:

After I changed these files. Compiling using ./config fips; make depend; make was successful and the apps can link nicely. I even manage to test my cipher via the EVP interface: openssl speed -evp mynewcipher. 

However, when I build by configuring with ./config fips shared; make depend; make to generate shared objects for libcrypto and libssl I get the following linker error:


If I remember correctly, the Debian packaging adds a layer that uses and export symbol list to restrict what symbols can be used from the shared library; presumably Ubuntu has also picked up that bit of code.  Look at openssl.ld in your source tree.

-Ben

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev



--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev