OLD | NEW |
| (Empty) |
1 OpenSSL on the Android platform. | |
2 --- | |
3 | |
4 The code in this directory is based on $OPENSSL_VERSION in the file | |
5 openssl.version. See patches/README for more information on how the | |
6 code differs from $OPENSSL_VERSION. | |
7 | |
8 Porting New Versions of OpenSSL. | |
9 -- | |
10 | |
11 The following steps are recommended for porting new OpenSSL versions. | |
12 | |
13 1) Retrieve the appropriate version of the OpenSSL source from | |
14 www.openssl.org/source (in openssl-*.tar.gz file). Check the PGP | |
15 signature (found in matching openssl-*.tar.gz.asc file) with: | |
16 | |
17 gpg openssl-*.tar.gz.asc | |
18 | |
19 If the public key is not found, import the the one with the | |
20 matching RSA key ID from http://www.openssl.org/about/, using: | |
21 | |
22 gpg --import # paste PGP public key block on stdin | |
23 | |
24 2) Update the variables in openssl.config and openssl.version as appropriate. | |
25 At the very least you will need to update the openssl.version. | |
26 | |
27 3) Run: | |
28 | |
29 ./import_openssl.sh import openssl-*.tar.gz | |
30 | |
31 4) If there are any errors, then modify openssl.config, openssl.version | |
32 and patches in patches/ as appropriate. You might want to use: | |
33 | |
34 ./import_openssl.sh regenerate patches/*.patch | |
35 | |
36 Repeat step 3. | |
37 | |
38 5) Cleanup before building with: | |
39 | |
40 m -j16 clean-libcrypto clean-libssl clean-openssl clean-ssltest | |
41 | |
42 6) Build openssl from the external/openssl directory with: | |
43 | |
44 mm -j16 snod && adb remount && adb sync system | |
45 | |
46 If there are build errors, then patches/*.mk, openssl.config, or | |
47 android-config.mk may need updating. | |
48 | |
49 7) Run tests to make sure things are working: | |
50 | |
51 # Run local openssl tests | |
52 (cd android.testssl/ && ./testssl.sh) | |
53 # Build and sync libcore tests | |
54 (croot && cd libcore && mm -j16 snod && adb remount && adb sync) | |
55 # Run tests from libcore | |
56 (croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests
_intermediates/classes.jar javax.net.ssl tests.api.javax.net) | |
57 # Run tests from Harmony | |
58 (croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/apache-har
mony-tests_intermediates/classes.jar tests.api.java.math.BigIntegerTest org.apac
he.harmony.tests.java.math) | |
59 # try an https website | |
60 adb shell am start https://online.citibank.com # confirm result in browser | |
61 | |
62 The vogar tool can be found externally at http://code.google.com/p/vogar/ | |
63 | |
64 Quick installation instructions (without rebuilding from source): | |
65 VOGAR=$HOME/vogar | |
66 svn co http://vogar.googlecode.com/svn/trunk/ $VOGAR | |
67 mkdir -p $VOGAR/build/ | |
68 curl -o $VOGAR/build/vogar.jar https://vogar.googlecode.com/files/vogar.
jar | |
69 PATH=$PATH:$VOGAR/bin | |
70 | |
71 Within Google, you can find it under: | |
72 /home/dalvik-prebuild/vogar/bin/vogar | |
73 | |
74 # You can also run openssl s_server as a test server on the device: | |
75 adb push ./android.testssl/CAss.cnf /sdcard/CAss.cnf | |
76 adb shell openssl req -config /sdcard/CAss.cnf -x509 -nodes -days 365 -subj
'/C=US/ST=California/L=Mountain View/CN=localhost' -newkey rsa:1024 -keyout /sd
card/server.pem -out /sdcard/server.pem | |
77 adb shell openssl s_server -cert /sdcard/server.pem -www -verify 1 | |
78 adb shell am start https://localhost:4433 # confirm result in browser | |
79 | |
80 8) Do a full build before checking in: | |
81 | |
82 m -j16 | |
83 | |
84 Optionally, check whether build flags (located in CONFIGURE_ARGS in | |
85 openssl.config, plus some extras in android-config.mk), need to be updated. | |
86 Doing this step will help ensure that the compiled library is appropriately | |
87 optimized for speed and size. | |
OLD | NEW |