一、代码
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
int main() {
printf("OPENSSL_VERSION_NUMBER:\n\t\t\t0x%x\n", OPENSSL_VERSION_NUMBER);
printf("OPENSSL_VERSION_TEXT:\n\t\t\t%s\n", OPENSSL_VERSION_TEXT);
#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
printf("SSLeay:\n\t\t\t0x%x\n", SSLeay());
printf("SSLeay_version(SSLEAY_VERSION):\n\t\t\t%s\n", SSLeay_version(SSLEAY_VERSION));
printf("SSLeay_version(SSLEAY_CFLAGS):\n\t\t\t%s\n", SSLeay_version(SSLEAY_CFLAGS));
printf("SSLeay_version(SSLEAY_BUILT_ON):\n\t\t\t%s\n", SSLeay_version(SSLEAY_BUILT_ON));
printf("SSLeay_version(SSLEAY_PLATFORM):\n\t\t\t%s\n", SSLeay_version(SSLEAY_PLATFORM));
printf("SSLeay_version(SSLEAY_DIR):\n\t\t\t%s\n", SSLeay_version(SSLEAY_DIR));
#else
printf("OpenSSL_version_num:\n\t\t\t0x%x\n", OpenSSL_version_num());
printf("OpenSSL_version(OPENSSL_VERSION):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_VERSION));
printf("OpenSSL_version(OPENSSL_CFLAGS):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_CFLAGS));
printf("OpenSSL_version(OPENSSL_BUILT_ON):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
printf("OpenSSL_version(OPENSSL_PLATFORM):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_PLATFORM));
printf("OpenSSL_version(OPENSSL_DIR):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_DIR));
printf("OpenSSL_version(OPENSSL_ENGINES_DIR):\n\t\t\t%s\n", OpenSSL_version(OPENSSL_ENGINES_DIR));
#endif
return 0;
}
在 openssl 1.1.0 环境中编译运行:
[test1280@localhost ~]$ gcc -o main main.c -lssl -lcrypto
[test1280@localhost ~]$ ./main
OPENSSL_VERSION_NUMBER:
0x1010103f
OPENSSL_VERSION_TEXT:
OpenSSL 1.1.1c FIPS 28 May 2019
OpenSSL_version_num:
0x1010103f
OpenSSL_version(OPENSSL_VERSION):
OpenSSL 1.1.1c FIPS 28 May 2019
OpenSSL_version(OPENSSL_CFLAGS):
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\"" -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
OpenSSL_version(OPENSSL_BUILT_ON):
built on: Thu Apr 9 19:02:31 2020 UTC
OpenSSL_version(OPENSSL_PLATFORM):
platform: linux-x86_64
OpenSSL_version(OPENSSL_DIR):
OPENSSLDIR: "/etc/pki/tls"
OpenSSL_version(OPENSSL_ENGINES_DIR):
ENGINESDIR: "/usr/lib64/engines-1.1"
在 openssl 1.0.1e 环境中编译运行:
[test1280@test1280 ~]$ gcc -o main main.c -lssl -lcrypto
[test1280@test1280 ~]$ ./main
OPENSSL_VERSION_NUMBER:
0x1000105f
OPENSSL_VERSION_TEXT:
OpenSSL 1.0.1e 11 Feb 2013
SSLeay:
0x1000105f
SSLeay_version(SSLEAY_VERSION):
OpenSSL 1.0.1e-fips 11 Feb 2013
SSLeay_version(SSLEAY_CFLAGS):
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
SSLeay_version(SSLEAY_BUILT_ON):
built on: Wed Aug 14 16:32:19 UTC 2019
SSLeay_version(SSLEAY_PLATFORM):
platform: linux-x86_64
SSLeay_version(SSLEAY_DIR):
OPENSSLDIR: "/etc/pki/tls"
查看man手册:man OPENSSL_VERSION_NUMBER
SSLeay和SSLeay_version在openssl 1.1.0+版本中已经被废弃(deprecated )。
在 openssl 1.1.0+ 版本中应当使用:
openssl 1.0.2
https://www.openssl.org/docs/man1.0.2//man3/OPENSSL_VERSION_NUMBER.html
openssl 1.1.0
https://www.openssl.org/docs/man1.1.0/man3/OPENSSL_VERSION_NUMBER.html
二、openssl命令
参考:https://linux.die.net/man/1/version
[test1280@localhost ~]$ openssl version
OpenSSL 1.1.1c FIPS 28 May 2019
[test1280@localhost ~]$ openssl version -a
OpenSSL 1.1.1c FIPS 28 May 2019
built on: Thu Apr 9 19:02:31 2020 UTC
platform: linux-x86_64
options: bn(64,64) md2(char) rc4(16x,int) des(int) idea(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\"" -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
OPENSSLDIR: "/etc/pki/tls"
ENGINESDIR: "/usr/lib64/engines-1.1"
Seeding source: os-specific
engines: rdrand dynamic
三、头文件
openssl 1.1.1c
[test1280@localhost ~]$ grep OPENSSL_VERSION_NUMBER /usr/include/openssl/*
/usr/include/openssl/crypto.h:# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
/usr/include/openssl/opensslconf-x86_64.h:#if OPENSSL_VERSION_NUMBER < 0x10200000L
/usr/include/openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER 0x1010103fL
[test1280@localhost ~]$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/*
/usr/include/openssl/opensslv.h:# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1c FIPS 28 May 2019"
openssl 1.0.1e
[test1280@test1280 ~]$ grep OPENSSL_VERSION_NUMBER /usr/include/openssl/*
/usr/include/openssl/crypto.h:#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_NUMBER 0x1000105fL
[test1280@test1280 ~]$ grep OPENSSL_VERSION_TEXT /usr/include/openssl/*
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013"
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e 11 Feb 2013"
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
四、动态库
查看下 openssl 命令依赖的libssl和libcrypto动态库位置:
[test1280@localhost ~]$ ldd `which openssl` | grep -E "libssl|libcrypto"
libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007f4258df0000)
libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007f4258911000)
[test1280@localhost ~]$ strings /lib64/libssl.so.1.1 | grep -E "^OpenSSL\s+"
OpenSSL 1.1.1c FIPS 28 May 2019
[test1280@localhost ~]$ strings /lib64/libcrypto.so.1.1 | grep -E "^OpenSSL\s+"
OpenSSL I3E
OpenSSL I3
OpenSSL default
OpenSSL 1.1.1c FIPS 28 May 2019
OpenSSL X9.42 DH method
OpenSSL PKCS#3 DH method
OpenSSL DH Method
OpenSSL DSA method
OpenSSL 'dlfcn' shared library method
OpenSSL EC algorithm
OpenSSL EC_KEY method
OpenSSL ED448 algorithm
OpenSSL ED25519 algorithm
OpenSSL X448 algorithm
OpenSSL X25519 algorithm
OpenSSL HMAC method
OpenSSL POLY1305 method
OpenSSL NIST SP 800-90A DRBG
OpenSSL RSA-PSS method
OpenSSL RSA method
OpenSSL PKCS#1 RSA
OpenSSL SIPHASH method
OpenSSL NULL UI
OpenSSL default user interface
[test1280@test1280 ~]$ ldd `which openssl` | grep -E "libssl|libcrypto"
libssl.so.10 => /usr/lib64/libssl.so.10 (0x0000003510200000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x000000350ee00000)
[test1280@test1280 ~]$ strings /usr/lib64/libssl.so.10 | grep -E "^OpenSSL\s+"
OpenSSL 1.0.1e-fips 11 Feb 2013
[test1280@test1280 ~]$ strings /usr/lib64/libcrypto.so.10 | grep -E "^OpenSSL\s+"
OpenSSL H
OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL 1.0.0-fips 29 Mar 2010
OpenSSL HMAC method
OpenSSL EC algorithm
OpenSSL RSA method
OpenSSL DSA method
OpenSSL ECDSA method
OpenSSL DH Method
OpenSSL PKCS#3 DH method
OpenSSL ECDH method
OpenSSL 'dlfcn' shared library method
OpenSSL default
OpenSSL default user interface
OpenSSL CMAC method
OpenSSL FIPS 140-2 Public Key RSA KAT
参考:https://stackoverflow.com/questions/23320480/how-to-determine-version-of-openssl-library