Home | History | Annotate | Download | only in openssl
      1 OpenSSL on the Android platform.
      2 ---
      3 
      4 The code in this directory is based on $OPENSSL_VERSION in the file
      5 openssl.version. See patches/README for more information on how the
      6 code differs from $OPENSSL_VERSION.
      7 
      8 Porting New Versions of OpenSSL.
      9 --
     10 
     11 The following steps are recommended for porting new OpenSSL versions.
     12 
     13 1) Retrieve the appropriate version of the OpenSSL source from
     14    www.openssl.org/source (in openssl-*.tar.gz file). Check the PGP
     15    signature (found in matching openssl-*.tar.gz.asc file) with:
     16 
     17      gpg openssl-*.tar.gz.asc
     18 
     19    If the public key is not found, import the the one with the
     20    matching RSA key ID from http://www.openssl.org/about/, using:
     21 
     22      gpg --import # paste PGP public key block on stdin
     23 
     24 2) Update the variables in openssl.config and openssl.version as appropriate.
     25    At the very least you will need to update the openssl.version.
     26 
     27 3) Run:
     28 
     29      ./import_openssl.sh import openssl-*.tar.gz
     30 
     31 4) If there are any errors, then modify openssl.config, openssl.version
     32    and patches in patches/ as appropriate.  You might want to use:
     33 
     34      ./import_openssl.sh regenerate patches/*.patch
     35 
     36    Repeat step 3.
     37 
     38 5) Cleanup before building with:
     39 
     40      m -j16 clean-libcrypto clean-libssl clean-openssl clean-ssltest
     41 
     42 6) Build openssl from the external/openssl directory with:
     43 
     44      mm -j16 snod && adb remount && adb sync system
     45 
     46    If there are build errors, then patches/*.mk, openssl.config, or
     47    android-config.mk may need updating.
     48 
     49 7) Run tests to make sure things are working:
     50 
     51      # Run local openssl tests
     52      (cd android.testssl/ && ./testssl.sh)
     53      # Build and sync libcore tests
     54      (croot && cd libcore && mm -j16 snod && adb remount && adb sync)
     55      # Run tests from libcore
     56      (croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests_intermediates/classes.jar javax.net.ssl tests.api.javax.net)
     57      # Run tests from Harmony
     58      (croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/apache-harmony-tests_intermediates/classes.jar tests.api.java.math.BigIntegerTest org.apache.harmony.tests.java.math)
     59      # try an https website
     60      adb shell am start https://online.citibank.com # confirm result in browser
     61 
     62      The vogar tool can be found externally at http://code.google.com/p/vogar/
     63 
     64      Quick installation instructions (without rebuilding from source):
     65         VOGAR=$HOME/vogar
     66         svn co http://vogar.googlecode.com/svn/trunk/ $VOGAR
     67         mkdir -p $VOGAR/build/
     68         curl -o $VOGAR/build/vogar.jar https://vogar.googlecode.com/files/vogar.jar
     69         PATH=$PATH:$VOGAR/bin
     70 
     71      Within Google, you can find it under:
     72        /home/dalvik-prebuild/vogar/bin/vogar
     73 
     74      # You can also run openssl s_server as a test server on the device:
     75      adb push ./android.testssl/CAss.cnf /sdcard/CAss.cnf
     76      adb shell openssl req -config /sdcard/CAss.cnf -x509 -nodes -days 365 -subj '/C=US/ST=California/L=Mountain View/CN=localhost' -newkey rsa:1024 -keyout /sdcard/server.pem -out /sdcard/server.pem
     77      adb shell openssl s_server -cert /sdcard/server.pem -www -verify 1
     78      adb shell am start https://localhost:4433 # confirm result in browser
     79 
     80 8) Do a full build before checking in:
     81 
     82      m -j16
     83 
     84 Optionally, check whether build flags (located in CONFIGURE_ARGS in
     85 openssl.config, plus some extras in android-config.mk), need to be updated.
     86 Doing this step will help ensure that the compiled library is appropriately
     87 optimized for speed and size.
     88