| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 1 | OpenSSL on the Android platform. |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 2 | --- |
| 3 | |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 4 | The code in this directory is based on $OPENSSL_VERSION in the file |
| 5 | openssl.config, and some backported OpenSSL code in crypto/0.9.9-dev. |
| Brian Carlstrom | f2ee5ff | 2010-03-30 09:41:16 -0700 | [diff] [blame] | 6 | See patches/README for more information on how the code differs from |
| 7 | $OPENSSL_VERSION. |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 8 | |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 9 | Porting New Versions of OpenSSL. |
| 10 | -- |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 11 | |
| 12 | The following steps are recommended for porting new OpenSSL versions. |
| 13 | |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 14 | 1) Retrieve the appropriate version of the OpenSSL source from |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 15 | www.openssl.org/source (in openssl-*.tar.gz file). Check the PGP |
| 16 | signature (found in matching openssl-*.tar.gz.asc file) with: |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 17 | |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 18 | gpg openssl-*.tar.gz |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 19 | |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 20 | If the public key is not found, import the the one with the |
| 21 | matching RSA key ID from http://www.openssl.org/about/, using: |
| 22 | |
| 23 | gpg --import # paste PGP public key block on stdin |
| 24 | |
| 25 | 2) Update the variables in openssl.config and openssl.version as appropriate. |
| 26 | At the very least you will need to update the openssl.version. |
| 27 | |
| 28 | 3) Run: |
| 29 | |
| 30 | ./import_openssl.sh import openssl-*.tar.gz |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 31 | |
| 32 | 4) If there are any errors, then modify openssl.config, openssl.version |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 33 | and patches in patches/ as appropriate. You might want to use: |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 34 | |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 35 | ./import_openssl.sh regenerate patches/*.patch |
| 36 | |
| 37 | Repeat step 3. |
| 38 | |
| 39 | 5) Cleanup before building with: |
| 40 | |
| Brian Carlstrom | ad88003 | 2010-05-14 11:42:48 -0700 | [diff] [blame^] | 41 | m -j16 clean-libcrypto clean-libssl clean-openssl clean-ssltest |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 42 | |
| 43 | 6) Build openssl from the external/openssl directory with: |
| 44 | |
| Brian Carlstrom | ad88003 | 2010-05-14 11:42:48 -0700 | [diff] [blame^] | 45 | mm -j16 snod && adb sync system |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 46 | |
| 47 | If there are build errors, then patches/*.mk, openssl.config, or |
| 48 | android-config.mk may need updating. |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 49 | |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 50 | 7) Run tests to make sure things are working: |
| 51 | |
| 52 | (cd android.testssl/ && ./testssl.sh) |
| Brian Carlstrom | 7f9d8bc | 2010-04-13 15:51:25 -0700 | [diff] [blame] | 53 | adb shell run-core-tests tests.xnet.AllTests |
| Brian Carlstrom | e296ea5 | 2010-04-23 15:24:16 -0700 | [diff] [blame] | 54 | adb shell run-core-tests javax.net.ssl.AllTests |
| Brian Carlstrom | 674ff29 | 2010-04-15 14:22:36 -0700 | [diff] [blame] | 55 | adb shell run-core-tests org.apache.harmony.math.tests.java.math.AllTests |
| 56 | adb shell run-core-tests tests.api.java.math.BigIntegerTest |
| Brian Carlstrom | 925e1a4 | 2010-04-26 11:13:10 -0700 | [diff] [blame] | 57 | adb shell am start https://online.citibank.com # confirm result in browser |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 58 | |
| 59 | 8) Do a full build before checking in: |
| 60 | |
| 61 | m clobber && m -j16 |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 62 | |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 63 | Optionally, check whether build flags (located in android-config.mk |
| 64 | need to be updated. Doing this step will help ensure that the |
| 65 | compiled library is appropriately optimized for speed and size. To |
| 66 | update build flags: |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 67 | |
| Nagendra Modadugu | e45f106 | 2009-09-30 11:36:48 -0700 | [diff] [blame] | 68 | a) source openssl.config |
| 69 | b) tar -zxf openssl-*.tar.gz |
| 70 | c) cd openssl-*/ |
| 71 | d) ./Configure $CONFIGURE_ARGS |
| 72 | e) examine Makefile and compare with ../android-config.mk |
| 73 | f) modify ../openssl.config as appropriate and go to step 3) above. |
| The Android Open Source Project | 656d9c7 | 2009-03-03 19:30:25 -0800 | [diff] [blame] | 74 | |
| Brian Carlstrom | 98d58bb | 2010-03-09 09:56:55 -0800 | [diff] [blame] | 75 | Alternatively, ."/import_openssl.sh import" now prints the |
| 76 | post-Configure Makefile for review before deleting in on import. |