当前位置: 首页 > 工具软件 > OpenSSL > 使用案例 >

openssl:获取openssl版本号

唐炜
2023-12-01

openssl:获取openssl版本号


一、代码

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>

int main() {

	printf("OPENSSL_VERSION_NUMBER:\n\t\t\t0x%x\n", OPENSSL_VERSION_NUMBER);
	printf("OPENSSL_VERSION_TEXT:\n\t\t\t%s\n", OPENSSL_VERSION_TEXT);
#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
	printf("SSLeay:\n\t\t\t0x%x\n", SSLeay());
	printf("SSLeay_version(SSLEAY_VERSION):\n\t\t\t%s\n", SSLeay_version(SSLEAY_VERSION));
	printf("SSLeay_version(SSLEAY_CFLAGS):\n\t\t\t%s\n", SSLeay_version(SSLEAY_CFLAGS));
	printf("SSLeay_version(SSLEAY_BUILT_ON):\n\t\t\t%s\n", SSLeay_version(SSLEAY_BUILT_ON));
	printf("SSLeay_version(SSLEAY_PLATFORM):\n\t\t\t%s\n", SSLeay_version(SSLEAY_PLATFORM));
	printf("SSLeay_version(SSLEAY_DIR):\n\t\t\t%s\n", SSLeay_version(SSLEAY_DIR));
#else
	printf("OpenSSL_version_num:\n\t\t\t0x%x\n", OpenSSL_version_num());
	printf("OpenSSL_version(OPENSSL_VERSION):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_VERSION));
	printf("OpenSSL_version(OPENSSL_CFLAGS):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_CFLAGS));
	printf("OpenSSL_version(OPENSSL_BUILT_ON):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
	printf("OpenSSL_version(OPENSSL_PLATFORM):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_PLATFORM));
	printf("OpenSSL_version(OPENSSL_DIR):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_DIR));
	printf("OpenSSL_version(OPENSSL_ENGINES_DIR):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_ENGINES_DIR));
#endif

    return 0;
}

在 openssl 1.1.0 环境中编译运行:

[test1280@localhost ~]$ gcc -o main main.c -lssl -lcrypto
[test1280@localhost ~]$ ./main
OPENSSL_VERSION_NUMBER:
			0x1010103f
OPENSSL_VERSION_TEXT:
			OpenSSL 1.1.1c FIPS  28 May 2019
OpenSSL_version_num:
			0x1010103f
OpenSSL_version(OPENSSL_VERSION):
			OpenSSL 1.1.1c FIPS  28 May 2019
OpenSSL_version(OPENSSL_CFLAGS):
			compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\"" -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
OpenSSL_version(OPENSSL_BUILT_ON):
			built on: Thu Apr  9 19:02:31 2020 UTC
OpenSSL_version(OPENSSL_PLATFORM):
			platform: linux-x86_64
OpenSSL_version(OPENSSL_DIR):
			OPENSSLDIR: "/etc/pki/tls"
OpenSSL_version(OPENSSL_ENGINES_DIR):
			ENGINESDIR: "/usr/lib64/engines-1.1"

在 openssl 1.0.1e 环境中编译运行:

[test1280@test1280 ~]$ gcc -o main main.c -lssl -lcrypto 
[test1280@test1280 ~]$ ./main
OPENSSL_VERSION_NUMBER:
			0x1000105f
OPENSSL_VERSION_TEXT:
			OpenSSL 1.0.1e 11 Feb 2013
SSLeay:
			0x1000105f
SSLeay_version(SSLEAY_VERSION):
			OpenSSL 1.0.1e-fips 11 Feb 2013
SSLeay_version(SSLEAY_CFLAGS):
			compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
SSLeay_version(SSLEAY_BUILT_ON):
			built on: Wed Aug 14 16:32:19 UTC 2019
SSLeay_version(SSLEAY_PLATFORM):
			platform: linux-x86_64
SSLeay_version(SSLEAY_DIR):
			OPENSSLDIR: "/etc/pki/tls"

查看man手册:man OPENSSL_VERSION_NUMBER

SSLeay和SSLeay_version在openssl 1.1.0+版本中已经被废弃(deprecated )。

在 openssl 1.1.0+ 版本中应当使用:

  • OpenSSL_version_num
  • OpenSSL_version

openssl 1.0.2
https://www.openssl.org/docs/man1.0.2//man3/OPENSSL_VERSION_NUMBER.html

openssl 1.1.0
https://www.openssl.org/docs/man1.1.0/man3/OPENSSL_VERSION_NUMBER.html


二、openssl命令

参考:https://linux.die.net/man/1/version

[test1280@localhost ~]$ openssl version
OpenSSL 1.1.1c FIPS  28 May 2019
[test1280@localhost ~]$ openssl version -a
OpenSSL 1.1.1c FIPS  28 May 2019
built on: Thu Apr  9 19:02:31 2020 UTC
platform: linux-x86_64
options:  bn(64,64) md2(char) rc4(16x,int) des(int) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\"" -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
OPENSSLDIR: "/etc/pki/tls"
ENGINESDIR: "/usr/lib64/engines-1.1"
Seeding source: os-specific
engines:  rdrand dynamic 

三、头文件

openssl 1.1.1c

[test1280@localhost ~]$ grep OPENSSL_VERSION_NUMBER /usr/include/openssl/*
/usr/include/openssl/crypto.h:#  define SSLEAY_VERSION_NUMBER   OPENSSL_VERSION_NUMBER
/usr/include/openssl/opensslconf-x86_64.h:#if OPENSSL_VERSION_NUMBER < 0x10200000L
/usr/include/openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER  0x1010103fL
[test1280@localhost ~]$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/*
/usr/include/openssl/opensslv.h:# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1c FIPS  28 May 2019"

openssl 1.0.1e

[test1280@test1280 ~]$ grep OPENSSL_VERSION_NUMBER /usr/include/openssl/*
/usr/include/openssl/crypto.h:#define SSLEAY_VERSION_NUMBER	OPENSSL_VERSION_NUMBER
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_NUMBER	0x1000105fL
[test1280@test1280 ~]$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/*
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1e-fips 11 Feb 2013"
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1e 11 Feb 2013"
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT

四、动态库

查看下 openssl 命令依赖的libssl和libcrypto动态库位置:

[test1280@localhost ~]$ ldd `which openssl` | grep -E "libssl|libcrypto"
	libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007f4258df0000)
	libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f4258911000)
[test1280@localhost ~]$ strings /lib64/libssl.so.1.1 | grep -E "^OpenSSL\s+"
OpenSSL 1.1.1c FIPS  28 May 2019
[test1280@localhost ~]$ strings /lib64/libcrypto.so.1.1 | grep -E "^OpenSSL\s+"
OpenSSL I3E
OpenSSL I3
OpenSSL default
OpenSSL 1.1.1c FIPS  28 May 2019
OpenSSL X9.42 DH method
OpenSSL PKCS#3 DH method
OpenSSL DH Method
OpenSSL DSA method
OpenSSL 'dlfcn' shared library method
OpenSSL EC algorithm
OpenSSL EC_KEY method
OpenSSL ED448 algorithm
OpenSSL ED25519 algorithm
OpenSSL X448 algorithm
OpenSSL X25519 algorithm
OpenSSL HMAC method
OpenSSL POLY1305 method
OpenSSL NIST SP 800-90A DRBG
OpenSSL RSA-PSS method
OpenSSL RSA method
OpenSSL PKCS#1 RSA
OpenSSL SIPHASH method
OpenSSL NULL UI
OpenSSL default user interface
[test1280@test1280 ~]$ ldd `which openssl` | grep -E "libssl|libcrypto"
	libssl.so.10 => /usr/lib64/libssl.so.10 (0x0000003510200000)
	libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x000000350ee00000)
[test1280@test1280 ~]$ strings /usr/lib64/libssl.so.10 | grep -E "^OpenSSL\s+"
OpenSSL 1.0.1e-fips 11 Feb 2013
[test1280@test1280 ~]$ strings /usr/lib64/libcrypto.so.10 | grep -E "^OpenSSL\s+"
OpenSSL H
OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL 1.0.0-fips 29 Mar 2010
OpenSSL HMAC method
OpenSSL EC algorithm
OpenSSL RSA method
OpenSSL DSA method
OpenSSL ECDSA method
OpenSSL DH Method
OpenSSL PKCS#3 DH method
OpenSSL ECDH method
OpenSSL 'dlfcn' shared library method
OpenSSL default
OpenSSL default user interface
OpenSSL CMAC method
OpenSSL FIPS 140-2 Public Key RSA KAT

参考:https://stackoverflow.com/questions/23320480/how-to-determine-version-of-openssl-library

 类似资料: