Skip to content

OpenSSL Tracer: a Real Life Example

Tracing text encryption

OpenSSL ships with a command-line tool named openssl. We can use it to encrypt some text by issuing the following command:

$ echo some text | openssl enc -aes-256-cbc -k secret -base64

Since the openssl command line tool uses libcrypto in this case, the OpenSSL tracer component to choose is To obtain the trace corresponding to the execution of this command, the LD_PRELOAD environment variable needs to be set to the path of the tracer. For example, in an interactive shell session, the previous command line would be changed to become:

$ echo some text | LD_PRELOAD=/path/to/ openssl enc -aes-256-cbc -k secret -base64

The encrypted text is still printed on the standard output. This also creates a cs-trace-evp-PID_TIMESTAMP.cst trace file under /tmp, where PID is the Process ID.

Configuring where traces are stored

It is possible to configure where traces are stored using the CS_TRACE_DIR environment variable:

$ mkdir cs-tracer
$ export CS_TRACE_DIR=cs-tracer
$ echo some text | LD_PRELOAD=/path/to/ openssl enc -aes-256-cbc -k secret -base64
$ ls cs-tracer

Combining trace files

Since every run of the program creates a different trace file, you may eventually end up with a large number of trace files. It is possible to concatenate these files together before submitting them to the Cryptosense Analyzer web application:

$ ls cs-tracer
$ cat cs-trace-evp-*.cst > cryptosense-evp-joined.cst