Python OpenSSL C扩展:未定义的符号:AES_set_encrypt_key

时间:2018-02-18 23:32:37

标签: python c cpython

我正在尝试写入Python的OpenSSL C扩展。生成共享库(* .so文件)但导入模块时遇到未定义的符号错误。它会引发以下错误(未定义的符号:AES_set_encrypt_key)

>>> import openssl_python
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: /home/rohith/python_c_extension/aes/openssl_python.cpython-35m-x86_64-linux-gnu.so: undefined symbol: AES_set_encrypt_key

以下是我的源代码

setup.py

from distutils.core import setup, Extension

openssl_module = Extension('openssl_python',
                       sources = ['openssl_python.c'])

setup(name = 'openssl',
      version = '1.0',
      description = 'Python Package with OpenSSL C Extension',
      ext_modules = [openssl_module])

openssl_python.c

#include <Python.h>
#include <stdio.h>
#include <openssl/des.h>
#include <openssl/aes.h>

static PyObject* openssl_module_aes_encrypt(PyObject *self, PyObject *args){
    char* sn;
    if (!PyArg_ParseTuple(args, "s", &sn))
        return NULL;

    AES_KEY       key;
    unsigned char ivec[AES_BLOCK_SIZE];

    unsigned char outBuf[16];

    memcpy(ivec, sqlcFirmwareIvec, sizeof(sqlcFirmwareIvec));

    AES_set_encrypt_key(sqlcFirmwareKey,
                            sizeof(sqlcFirmwareKey) * 8,
                            &key);
    int dataLen = 16;
    int requiredLen = (dataLen / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;

    if (dataLen % AES_BLOCK_SIZE) {
        requiredLen += AES_BLOCK_SIZE;
    }

    AES_cbc_encrypt(sn, outBuf, requiredLen, &key, ivec, AES_ENCRYPT);

    return 1;
}

static PyMethodDef openssl_module_methods[] = { //Can add more functions here
    {   
        "aes_encrypt",
        openssl_module_aes_encrypt,
        METH_VARARGS,
        "Method to encrypt data using Openssl's AES algorithm"
    },  
    {NULL, NULL, 0, NULL}
};

static struct PyModuleDef openssl_module_definition = { 
    PyModuleDef_HEAD_INIT,
    "hello_module",
    "A Python module that prints 'hello world' from C code.",
    -1, 
    openssl_module_methods
};

PyMODINIT_FUNC PyInit_openssl_python(void)
{
    Py_Initialize();
    return PyModule_Create(&openssl_module_definition);
}

我使用CFLAGS="-lcrypto" python3 ./setup.py build_ext --inplace

编译它

有人可以帮我修复错误吗?

谢谢。我没有故意展示key和Ivec的价值。

修改

执行命令:python3 setup.py clean, CFLAGS="-Wl,-z,defs -lcrypto" python3 setup.py build_ext --inplace

这是输出

running build_ext
building 'openssl_python' extension
creating build
creating build/temp.linux-x86_64-3.5
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -Wl,-z,defs -lcrypto -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.5m -c openssl_python.c -o build/temp.linux-x86_64-3.5/openssl_python.o
openssl_python.c: In function ‘openssl_module_aes_encrypt’:
openssl_python.c:49:21: warning: pointer targets in passing argument 1 of ‘AES_cbc_encrypt’ differ in signedness [-Wpointer-sign]
     AES_cbc_encrypt(sn,
                     ^
In file included from openssl_python.c:4:0:
/usr/include/openssl/aes.h:107:6: note: expected ‘const unsigned char *’ but argument is of type ‘char *’
 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
      ^
openssl_python.c:61:12: warning: return makes pointer from integer without a cast [-Wint-conversion]
     return 1;
            ^
openssl_python.c:20:23: warning: unused variable ‘sqlcFirmwarePadding’ [-Wunused-variable]
  static unsigned char sqlcFirmwarePadding[] = {
                       ^
x86_64-linux-gnu-gcc -pthread -shared -Wl,-O1 -Wl,-Bsymbolic-functions -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,defs -lcrypto -Wdate-time -D_FORTIFY_SOURCE=2 build/temp.linux-x86_64-3.5/openssl_python.o -o /home/rohith/python_c_extension/aes/openssl_python.cpython-35m-x86_64-linux-gnu.so
build/temp.linux-x86_64-3.5/openssl_python.o: In function `openssl_module_aes_encrypt':
/home/rohith/python_c_extension/aes/openssl_python.c:27: undefined reference to `PyArg_ParseTuple'
/home/rohith/python_c_extension/aes/openssl_python.c:37: undefined reference to `AES_set_encrypt_key'
/home/rohith/python_c_extension/aes/openssl_python.c:49: undefined reference to `AES_cbc_encrypt'
build/temp.linux-x86_64-3.5/openssl_python.o: In function `PyInit_openssl_python':
/home/rohith/python_c_extension/aes/openssl_python.c:84: undefined reference to `Py_Initialize'
/home/rohith/python_c_extension/aes/openssl_python.c:86: undefined reference to `PyModule_Create2'
collect2: error: ld returned 1 exit status
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

2 个答案:

答案 0 :(得分:1)

这里的基本问题是,当setup.py链接您的扩展程序时,它会在目标文件之前将-lcrypto放在命令行上,其中包含您的代码。 Unix链接器在命令行上严格地从左到右处理对象和库:-lcrypto foo.o将不使用libcrypto来解析foo.o中的符号。这是出于历史原因而不再具有多大意义,但我们仍然坚持使用它,因为它会破坏太多的Makefile来改变它。此外,由于历史原因不再有意义,如果您不在命令行中放置-Wl,-z,defs,则共享库(编译代码Python扩展是技术上的共享库)中包含未定义的符号它不是链接时错误,这就是构建似乎有效的原因。

您的扩展本质上需要libcrypto。如果我正确阅读Distutils文档,这意味着您应该在libraries=的{​​{1}}关键字参数中指定它,而不是将其放在CFLAGS中。像这样:

Extension(...)

答案 1 :(得分:0)

zwol的解决方案要好得多。但我只是为了完整性而将其包括在内。

发出以下命令:

x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.5m -c openssl_python.c -lcrypto -o build/temp.linux-x86_64-3.5/openssl_python.o

接着是

x86_64-linux-gnu-gcc -pthread -shared -Wl,-O1 -Wl,-Bsymbolic-functions -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-Bsymbolic-functions -Wl,-z,relro -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 build/temp.linux-x86_64-3.5/openssl_python.o -lcrypto -o /home/rohith/python_c_extension/aes/openssl_python.cpython-35m-x86_64-linux-gnu.so

现在生成了共享库。