编译OpenSSL引擎(.so)无法加载未定义的符号

时间:2017-06-14 11:39:14

标签: c linker openssl shared-libraries

我正在为Atmel https://github.com/AtmelCSO/cryptoauth-openssl-engine/编译以下OpenSSL引擎,用于ARM平台。

代码,使用' eckey_asn1_meth'来自OpenSSL代码库:

git grep "eckey_asn1_meth"
engine_meth/eccx08_ameth.c:    extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pub_encode = eckey_asn1_meth.pub_encode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pub_decode = eckey_asn1_meth.pub_decode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pub_cmp = eckey_asn1_meth.pub_cmp;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pub_print = eckey_asn1_meth.pub_print;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.priv_decode = eckey_asn1_meth.priv_decode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.priv_encode = eckey_asn1_meth.priv_encode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.priv_print = eckey_asn1_meth.priv_print;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pkey_size = eckey_asn1_meth.pkey_size;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pkey_bits = eckey_asn1_meth.pkey_bits;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pkey_security_bits = eckey_asn1_meth.pkey_security_bits;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_decode = eckey_asn1_meth.param_decode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_encode = eckey_asn1_meth.param_encode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_missing = eckey_asn1_meth.param_missing;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_copy = eckey_asn1_meth.param_copy;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_cmp = eckey_asn1_meth.param_cmp;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.param_print = eckey_asn1_meth.param_print;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.sig_print = eckey_asn1_meth.sig_print;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.pkey_ctrl = eckey_asn1_meth.pkey_ctrl;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.old_priv_decode = eckey_asn1_meth.old_priv_decode;
engine_meth/eccx08_ameth.c:    eccx08_pkey_asn1_meth.old_priv_encode = eckey_asn1_meth.old_priv_encode;

这是在OpenSSL代码中定义的:

crypto/ec/ec_ameth.c:const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {

现在,这是编译.so(OpenSSL引擎)的Makefile行,我不完全理解:

LINK_SO=        \
   $(LD) -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) $(LIBAMETH) && \
   ($(NM) -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
    $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o $(LDFLAGS) -L ../install_dir/lib -lcrypto -lssl -lc \
    -Lengine_meth -Lcryptoauthlib/lib -leccx08_meth -lcryptoauth -lm -lrt)

这将生成共享库:

file libateccx08.so
libateccx08.so: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, BuildID[sha1]=84875c59aecd0c53aaaac8aad84d6899441098c4, not stripped

但是,当我尝试在目标上加载引擎时,它会失败:

openssl engine -t dynamic -pre SO_PATH:/usr/lib/libateccx08.so -pre ID:atmel -pre LIST_ADD:1 -pre LOAD
(dynamic) Dynamic engine loading support
[Success]: SO_PATH:/usr/lib/libateccx08.so
[Success]: ID:atmel
[Success]: LIST_ADD:1
[Failure]: LOAD
1995961552:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:187:filename(/usr/lib/libateccx08.so): /usr/lib/libateccx08.so: undefined symbol: eckey_asn1_meth
1995961552:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:233:
1995961552:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:467:
     [ unavailable ]

OpenSSL引擎的.so中不存在未定义的符号 eckey_asn1_meth 。 nm表明它是未知的(U):

nm libateccx08.so | grep eckey_asn1_meth
         U eckey_asn1_meth

但是,objdump显示OpenSSL引擎的.so需要libcrypto:

objdump -p libateccx08.so

libateccx08.so:     file format elf32-little

Program Header:
    LOAD off    0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2**16
         filesz 0x00020e50 memsz 0x00020e50 flags r-x
    LOAD off    0x00021000 vaddr 0x00031000 paddr 0x00031000 align 2**16
         filesz 0x0000119a memsz 0x00001e64 flags rw-
 DYNAMIC off    0x00021144 vaddr 0x00031144 paddr 0x00031144 align 2**2
         filesz 0x000000f0 memsz 0x000000f0 flags rw-
    NOTE off    0x000000d4 vaddr 0x000000d4 paddr 0x000000d4 align 2**2
         filesz 0x00000024 memsz 0x00000024 flags r--
   STACK off    0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2**4
         filesz 0x00000000 memsz 0x00000000 flags rw-

Dynamic Section:
  NEEDED               libcrypto.so.1.0.0
  NEEDED               libc.so.6
  SONAME               libateccx08.so
  INIT                 0x00005c0c
  FINI                 0x0001ed58
  INIT_ARRAY           0x00031000
  INIT_ARRAYSZ         0x00000004
  FINI_ARRAY           0x00031004
  FINI_ARRAYSZ         0x00000004
  GNU_HASH             0x000000f8
  STRTAB               0x00002d14
  SYMTAB               0x000010c4
  STRSZ                0x00001e3c
  SYMENT               0x00000010
  PLTGOT               0x00031234
  PLTRELSZ             0x00000a18
  PLTREL               0x00000011
  JMPREL               0x000051f4
  REL                  0x00004f1c
  RELSZ                0x000002d8
  RELENT               0x00000008
  VERNEED              0x00004edc
  VERNEEDNUM           0x00000002
  VERSYM               0x00004b50
  RELCOUNT             0x00000022

Version References:
  required from libc.so.6:
    0x0d696914 0x00 03 GLIBC_2.4
  required from libcrypto.so.1.0.0:
    0x06a2b2e4 0x00 02 OPENSSL_1.0.2d

libcrypto共享库确实包含符号eckey_asn1_meth:

nm libcrypto.so | grep eckey_asn1_meth
001642ac d eckey_asn1_meth

如果libcrypto.so中有未知符号,为什么这会在运行时失败?有没有办法可以为包含符号的OpenSSL引擎生成.so,并消除' U'从nm输出? 还有其他任何方法可以使这项工作吗?

0 个答案:

没有答案
相关问题
最新问题