How to get memory address of tables (Te0, Te1, ...) in openssl AES?

Question

How to get memory address of tables (Te0, Te1, ...) in openssl AES?

The goal is to get the address of the precomputed tables in the openssl AES implementation. These tables are contained in the aes_core.c file and are named Te0, Te1, etc. I am trying to do this using the command info address SYMBOL_NAME

in gdb

.

So, these are the steps I followed :

Disable ASLR ( sudo sysctl kernel.randomize_va_space=0

)
Compile openssl (version 101e) with configure -d shared

to keep debug symbols
Link the program to the above openssl version (I verified this using info sharedlibrary

in gdb)
Run the program in gdb and use info address Te0

(or any other table)

Result :No symbol "Te0" in current context.

The same does not happen for, for example, a function private_AES_set_encrypt_key

(also in aes_core.c). In fact, the result in this case is: Symbol "private_AES_set_encrypt_key" is at 0x7ffff7a483f0 in a file compiled without debugging.

which is exactly what I need.

My idea : These tables are declared as static const

, so I think they can be optimized in some way, but then I intentionally compile openssl with debugging support. So why can't I see these symbols in gdb?

Thank you in advance for your help!

+3

symbols openssl aes gdb aslr

Marco chiappetta 30 oct. 14 at 0:02

source to share

1 answer

Marco chiappetta · Answer 1 · 2014-11-16T21:35:27+0000

It turns out that many modern processors (like Intel Core i3 +) implement AES on the hardware from which the compilation of aes_core.c (and any other AES related C file) comes from. To solve the problem, openssl must be compiled with the flag. / configure no-hw. The no-asm flag may also be useful (although I think the tables will still be loaded into memory).

This way I was finally able to see the address using gdb. :)

How to get memory address of tables (Te0, Te1, ...) in openssl AES?

More articles: