diff options
author | Parménides GV <parmegv@sdf.org> | 2014-04-08 11:38:09 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2014-04-08 11:43:27 +0200 |
commit | 5fc5d37330d3535a0f421632694d1e7918fc22d7 (patch) | |
tree | 1aad0c286e58962c8895854907e530b9bc9bce5a /app/openssl/patches | |
parent | c206a91d320995f37f8abb33188bfd384249da3d (diff) |
Compiles correctly: app/build-native + gradle.
Diffstat (limited to 'app/openssl/patches')
-rw-r--r-- | app/openssl/patches/README | 39 | ||||
-rw-r--r-- | app/openssl/patches/apps_Android.mk | 87 | ||||
-rw-r--r-- | app/openssl/patches/crypto_Android.mk | 559 | ||||
-rw-r--r-- | app/openssl/patches/ssl_Android.mk | 98 | ||||
-rwxr-xr-x | app/openssl/patches/testssl.sh | 77 |
5 files changed, 860 insertions, 0 deletions
diff --git a/app/openssl/patches/README b/app/openssl/patches/README new file mode 100644 index 00000000..54b6e068 --- /dev/null +++ b/app/openssl/patches/README @@ -0,0 +1,39 @@ +progs.patch: + +Fixup sources under the apps/ directory that are not built under the android environment. + + +small_records.patch: + +Reduce OpenSSL memory consumption. +SSL records may be as large as 16K, but are typically < 2K. In +addition, a historic bug in Windows allowed records to be as large +32K. OpenSSL statically allocates read and write buffers (34K and +18K respectively) used for processing records. +With this patch, OpenSSL statically allocates 4K + 4K buffers, with +the option of dynamically growing buffers to 34K + 4K, which is a +saving of 44K per connection for the typical case. + + +handshake_cutthrough.patch + +Enables SSL3+ clients to send application data immediately following the +Finished message even when negotiating full-handshakes. With this patch, +clients can negotiate SSL connections in 1-RTT even when performing +full-handshakes. + +jsse.patch + +Support for JSSE implementation based on OpenSSL. + +npn.patch + +Transport Layer Security (TLS) Next Protocol Negotiation Extension + +sslv3_uninit_padding.patch + +This patch sets the padding for SSLv3 block ciphers to zero. + +sha1_armv4_large.patch + +This patch eliminates memory stores to addresses below SP. diff --git a/app/openssl/patches/apps_Android.mk b/app/openssl/patches/apps_Android.mk new file mode 100644 index 00000000..20cc5a9d --- /dev/null +++ b/app/openssl/patches/apps_Android.mk @@ -0,0 +1,87 @@ +# Copyright 2006 The Android Open Source Project + +LOCAL_PATH:= $(call my-dir) + +local_src_files:= \ + app_rand.c \ + apps.c \ + asn1pars.c \ + ca.c \ + ciphers.c \ + crl.c \ + crl2p7.c \ + dgst.c \ + dh.c \ + dhparam.c \ + dsa.c \ + dsaparam.c \ + ecparam.c \ + ec.c \ + enc.c \ + engine.c \ + errstr.c \ + gendh.c \ + gendsa.c \ + genpkey.c \ + genrsa.c \ + nseq.c \ + ocsp.c \ + openssl.c \ + passwd.c \ + pkcs12.c \ + pkcs7.c \ + pkcs8.c \ + pkey.c \ + pkeyparam.c \ + pkeyutl.c \ + prime.c \ + rand.c \ + req.c \ + rsa.c \ + rsautl.c \ + s_cb.c \ + s_client.c \ + s_server.c \ + s_socket.c \ + s_time.c \ + sess_id.c \ + smime.c \ + speed.c \ + spkac.c \ + verify.c \ + version.c \ + x509.c + +local_shared_libraries := \ + libssl \ + libcrypto + +local_c_includes := \ + external/openssl \ + external/openssl/include + +local_cflags := -DMONOLITH + +# These flags omit whole features from the commandline "openssl". +# However, portions of these features are actually turned on. +local_cflags += -DOPENSSL_NO_DTLS1 + +include $(CLEAR_VARS) +LOCAL_MODULE:= openssl +LOCAL_MODULE_TAGS := optional +LOCAL_SRC_FILES := $(local_src_files) +LOCAL_SHARED_LIBRARIES := $(local_shared_libraries) +LOCAL_C_INCLUDES := $(local_c_includes) +LOCAL_CFLAGS := $(local_cflags) +include $(LOCAL_PATH)/../android-config.mk +include $(BUILD_EXECUTABLE) + +include $(CLEAR_VARS) +LOCAL_MODULE:= openssl +LOCAL_MODULE_TAGS := optional +LOCAL_SRC_FILES := $(local_src_files) +LOCAL_SHARED_LIBRARIES := $(local_shared_libraries) +LOCAL_C_INCLUDES := $(local_c_includes) +LOCAL_CFLAGS := $(local_cflags) +include $(LOCAL_PATH)/../android-config.mk +include $(BUILD_HOST_EXECUTABLE) diff --git a/app/openssl/patches/crypto_Android.mk b/app/openssl/patches/crypto_Android.mk new file mode 100644 index 00000000..6f09fa53 --- /dev/null +++ b/app/openssl/patches/crypto_Android.mk @@ -0,0 +1,559 @@ +LOCAL_PATH:= $(call my-dir) + +arm_cflags := -DOPENSSL_BN_ASM_MONT -DAES_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM +arm_src_files := \ + aes/asm/aes-armv4.s \ + bn/asm/armv4-mont.s \ + sha/asm/sha1-armv4-large.s \ + sha/asm/sha256-armv4.s \ + sha/asm/sha512-armv4.s +non_arm_src_files := aes/aes_core.c + +local_src_files := \ + cryptlib.c \ + mem.c \ + mem_clr.c \ + mem_dbg.c \ + cversion.c \ + ex_data.c \ + cpt_err.c \ + ebcdic.c \ + uid.c \ + o_time.c \ + o_str.c \ + o_dir.c \ + aes/aes_cbc.c \ + aes/aes_cfb.c \ + aes/aes_ctr.c \ + aes/aes_ecb.c \ + aes/aes_misc.c \ + aes/aes_ofb.c \ + aes/aes_wrap.c \ + asn1/a_bitstr.c \ + asn1/a_bool.c \ + asn1/a_bytes.c \ + asn1/a_d2i_fp.c \ + asn1/a_digest.c \ + asn1/a_dup.c \ + asn1/a_enum.c \ + asn1/a_gentm.c \ + asn1/a_i2d_fp.c \ + asn1/a_int.c \ + asn1/a_mbstr.c \ + asn1/a_object.c \ + asn1/a_octet.c \ + asn1/a_print.c \ + asn1/a_set.c \ + asn1/a_sign.c \ + asn1/a_strex.c \ + asn1/a_strnid.c \ + asn1/a_time.c \ + asn1/a_type.c \ + asn1/a_utctm.c \ + asn1/a_utf8.c \ + asn1/a_verify.c \ + asn1/ameth_lib.c \ + asn1/asn1_err.c \ + asn1/asn1_gen.c \ + asn1/asn1_lib.c \ + asn1/asn1_par.c \ + asn1/asn_mime.c \ + asn1/asn_moid.c \ + asn1/asn_pack.c \ + asn1/bio_asn1.c \ + asn1/bio_ndef.c \ + asn1/d2i_pr.c \ + asn1/d2i_pu.c \ + asn1/evp_asn1.c \ + asn1/f_enum.c \ + asn1/f_int.c \ + asn1/f_string.c \ + asn1/i2d_pr.c \ + asn1/i2d_pu.c \ + asn1/n_pkey.c \ + asn1/nsseq.c \ + asn1/p5_pbe.c \ + asn1/p5_pbev2.c \ + asn1/p8_pkey.c \ + asn1/t_bitst.c \ + asn1/t_crl.c \ + asn1/t_pkey.c \ + asn1/t_req.c \ + asn1/t_spki.c \ + asn1/t_x509.c \ + asn1/t_x509a.c \ + asn1/tasn_dec.c \ + asn1/tasn_enc.c \ + asn1/tasn_fre.c \ + asn1/tasn_new.c \ + asn1/tasn_prn.c \ + asn1/tasn_typ.c \ + asn1/tasn_utl.c \ + asn1/x_algor.c \ + asn1/x_attrib.c \ + asn1/x_bignum.c \ + asn1/x_crl.c \ + asn1/x_exten.c \ + asn1/x_info.c \ + asn1/x_long.c \ + asn1/x_name.c \ + asn1/x_nx509.c \ + asn1/x_pkey.c \ + asn1/x_pubkey.c \ + asn1/x_req.c \ + asn1/x_sig.c \ + asn1/x_spki.c \ + asn1/x_val.c \ + asn1/x_x509.c \ + asn1/x_x509a.c \ + bf/bf_cfb64.c \ + bf/bf_ecb.c \ + bf/bf_enc.c \ + bf/bf_ofb64.c \ + bf/bf_skey.c \ + bio/b_dump.c \ + bio/b_print.c \ + bio/b_sock.c \ + bio/bf_buff.c \ + bio/bf_nbio.c \ + bio/bf_null.c \ + bio/bio_cb.c \ + bio/bio_err.c \ + bio/bio_lib.c \ + bio/bss_acpt.c \ + bio/bss_bio.c \ + bio/bss_conn.c \ + bio/bss_dgram.c \ + bio/bss_fd.c \ + bio/bss_file.c \ + bio/bss_log.c \ + bio/bss_mem.c \ + bio/bss_null.c \ + bio/bss_sock.c \ + bn/bn_add.c \ + bn/bn_asm.c \ + bn/bn_blind.c \ + bn/bn_const.c \ + bn/bn_ctx.c \ + bn/bn_div.c \ + bn/bn_err.c \ + bn/bn_exp.c \ + bn/bn_exp2.c \ + bn/bn_gcd.c \ + bn/bn_gf2m.c \ + bn/bn_kron.c \ + bn/bn_lib.c \ + bn/bn_mod.c \ + bn/bn_mont.c \ + bn/bn_mpi.c \ + bn/bn_mul.c \ + bn/bn_nist.c \ + bn/bn_prime.c \ + bn/bn_print.c \ + bn/bn_rand.c \ + bn/bn_recp.c \ + bn/bn_shift.c \ + bn/bn_sqr.c \ + bn/bn_sqrt.c \ + bn/bn_word.c \ + buffer/buf_err.c \ + buffer/buffer.c \ + comp/c_rle.c \ + comp/c_zlib.c \ + comp/comp_err.c \ + comp/comp_lib.c \ + conf/conf_api.c \ + conf/conf_def.c \ + conf/conf_err.c \ + conf/conf_lib.c \ + conf/conf_mall.c \ + conf/conf_mod.c \ + conf/conf_sap.c \ + des/cbc_cksm.c \ + des/cbc_enc.c \ + des/cfb64ede.c \ + des/cfb64enc.c \ + des/cfb_enc.c \ + des/des_enc.c \ + des/des_old.c \ + des/des_old2.c \ + des/ecb3_enc.c \ + des/ecb_enc.c \ + des/ede_cbcm_enc.c \ + des/enc_read.c \ + des/enc_writ.c \ + des/fcrypt.c \ + des/fcrypt_b.c \ + des/ofb64ede.c \ + des/ofb64enc.c \ + des/ofb_enc.c \ + des/pcbc_enc.c \ + des/qud_cksm.c \ + des/rand_key.c \ + des/read2pwd.c \ + des/rpc_enc.c \ + des/set_key.c \ + des/str2key.c \ + des/xcbc_enc.c \ + dh/dh_ameth.c \ + dh/dh_asn1.c \ + dh/dh_check.c \ + dh/dh_depr.c \ + dh/dh_err.c \ + dh/dh_gen.c \ + dh/dh_key.c \ + dh/dh_lib.c \ + dh/dh_pmeth.c \ + dsa/dsa_ameth.c \ + dsa/dsa_asn1.c \ + dsa/dsa_depr.c \ + dsa/dsa_err.c \ + dsa/dsa_gen.c \ + dsa/dsa_key.c \ + dsa/dsa_lib.c \ + dsa/dsa_ossl.c \ + dsa/dsa_pmeth.c \ + dsa/dsa_prn.c \ + dsa/dsa_sign.c \ + dsa/dsa_vrf.c \ + dso/dso_dl.c \ + dso/dso_dlfcn.c \ + dso/dso_err.c \ + dso/dso_lib.c \ + dso/dso_null.c \ + dso/dso_openssl.c \ + ec/ec2_mult.c \ + ec/ec2_smpl.c \ + ec/ec_ameth.c \ + ec/ec_asn1.c \ + ec/ec_check.c \ + ec/ec_curve.c \ + ec/ec_cvt.c \ + ec/ec_err.c \ + ec/ec_key.c \ + ec/ec_lib.c \ + ec/ec_mult.c \ + ec/ec_pmeth.c \ + ec/ec_print.c \ + ec/eck_prn.c \ + ec/ecp_mont.c \ + ec/ecp_nist.c \ + ec/ecp_smpl.c \ + ecdh/ech_err.c \ + ecdh/ech_key.c \ + ecdh/ech_lib.c \ + ecdh/ech_ossl.c \ + ecdsa/ecs_asn1.c \ + ecdsa/ecs_err.c \ + ecdsa/ecs_lib.c \ + ecdsa/ecs_ossl.c \ + ecdsa/ecs_sign.c \ + ecdsa/ecs_vrf.c \ + err/err.c \ + err/err_all.c \ + err/err_prn.c \ + evp/bio_b64.c \ + evp/bio_enc.c \ + evp/bio_md.c \ + evp/bio_ok.c \ + evp/c_all.c \ + evp/c_allc.c \ + evp/c_alld.c \ + evp/digest.c \ + evp/e_aes.c \ + evp/e_bf.c \ + evp/e_des.c \ + evp/e_des3.c \ + evp/e_null.c \ + evp/e_old.c \ + evp/e_rc2.c \ + evp/e_rc4.c \ + evp/e_rc5.c \ + evp/e_xcbc_d.c \ + evp/encode.c \ + evp/evp_acnf.c \ + evp/evp_enc.c \ + evp/evp_err.c \ + evp/evp_key.c \ + evp/evp_lib.c \ + evp/evp_pbe.c \ + evp/evp_pkey.c \ + evp/m_dss.c \ + evp/m_dss1.c \ + evp/m_ecdsa.c \ + evp/m_md4.c \ + evp/m_md5.c \ + evp/m_mdc2.c \ + evp/m_null.c \ + evp/m_ripemd.c \ + evp/m_sha1.c \ + evp/m_sigver.c \ + evp/m_wp.c \ + evp/names.c \ + evp/p5_crpt.c \ + evp/p5_crpt2.c \ + evp/p_dec.c \ + evp/p_enc.c \ + evp/p_lib.c \ + evp/p_open.c \ + evp/p_seal.c \ + evp/p_sign.c \ + evp/p_verify.c \ + evp/pmeth_fn.c \ + evp/pmeth_gn.c \ + evp/pmeth_lib.c \ + hmac/hm_ameth.c \ + hmac/hm_pmeth.c \ + hmac/hmac.c \ + krb5/krb5_asn.c \ + lhash/lh_stats.c \ + lhash/lhash.c \ + md4/md4_dgst.c \ + md4/md4_one.c \ + md5/md5_dgst.c \ + md5/md5_one.c \ + modes/cbc128.c \ + modes/cfb128.c \ + modes/ctr128.c \ + modes/ofb128.c \ + objects/o_names.c \ + objects/obj_dat.c \ + objects/obj_err.c \ + objects/obj_lib.c \ + objects/obj_xref.c \ + ocsp/ocsp_asn.c \ + ocsp/ocsp_cl.c \ + ocsp/ocsp_err.c \ + ocsp/ocsp_ext.c \ + ocsp/ocsp_ht.c \ + ocsp/ocsp_lib.c \ + ocsp/ocsp_prn.c \ + ocsp/ocsp_srv.c \ + ocsp/ocsp_vfy.c \ + pem/pem_all.c \ + pem/pem_err.c \ + pem/pem_info.c \ + pem/pem_lib.c \ + pem/pem_oth.c \ + pem/pem_pk8.c \ + pem/pem_pkey.c \ + pem/pem_seal.c \ + pem/pem_sign.c \ + pem/pem_x509.c \ + pem/pem_xaux.c \ + pem/pvkfmt.c \ + pkcs12/p12_add.c \ + pkcs12/p12_asn.c \ + pkcs12/p12_attr.c \ + pkcs12/p12_crpt.c \ + pkcs12/p12_crt.c \ + pkcs12/p12_decr.c \ + pkcs12/p12_init.c \ + pkcs12/p12_key.c \ + pkcs12/p12_kiss.c \ + pkcs12/p12_mutl.c \ + pkcs12/p12_npas.c \ + pkcs12/p12_p8d.c \ + pkcs12/p12_p8e.c \ + pkcs12/p12_utl.c \ + pkcs12/pk12err.c \ + pkcs7/pk7_asn1.c \ + pkcs7/pk7_attr.c \ + pkcs7/pk7_doit.c \ + pkcs7/pk7_lib.c \ + pkcs7/pk7_mime.c \ + pkcs7/pk7_smime.c \ + pkcs7/pkcs7err.c \ + rand/md_rand.c \ + rand/rand_egd.c \ + rand/rand_err.c \ + rand/rand_lib.c \ + rand/rand_unix.c \ + rand/randfile.c \ + rc2/rc2_cbc.c \ + rc2/rc2_ecb.c \ + rc2/rc2_skey.c \ + rc2/rc2cfb64.c \ + rc2/rc2ofb64.c \ + rc4/rc4_enc.c \ + rc4/rc4_skey.c \ + ripemd/rmd_dgst.c \ + ripemd/rmd_one.c \ + rsa/rsa_ameth.c \ + rsa/rsa_asn1.c \ + rsa/rsa_chk.c \ + rsa/rsa_eay.c \ + rsa/rsa_err.c \ + rsa/rsa_gen.c \ + rsa/rsa_lib.c \ + rsa/rsa_none.c \ + rsa/rsa_null.c \ + rsa/rsa_oaep.c \ + rsa/rsa_pk1.c \ + rsa/rsa_pmeth.c \ + rsa/rsa_prn.c \ + rsa/rsa_pss.c \ + rsa/rsa_saos.c \ + rsa/rsa_sign.c \ + rsa/rsa_ssl.c \ + rsa/rsa_x931.c \ + sha/sha1_one.c \ + sha/sha1dgst.c \ + sha/sha256.c \ + sha/sha512.c \ + sha/sha_dgst.c \ + stack/stack.c \ + ts/ts_err.c \ + txt_db/txt_db.c \ + ui/ui_compat.c \ + ui/ui_err.c \ + ui/ui_lib.c \ + ui/ui_openssl.c \ + ui/ui_util.c \ + x509/by_dir.c \ + x509/by_file.c \ + x509/x509_att.c \ + x509/x509_cmp.c \ + x509/x509_d2.c \ + x509/x509_def.c \ + x509/x509_err.c \ + x509/x509_ext.c \ + x509/x509_lu.c \ + x509/x509_obj.c \ + x509/x509_r2x.c \ + x509/x509_req.c \ + x509/x509_set.c \ + x509/x509_trs.c \ + x509/x509_txt.c \ + x509/x509_v3.c \ + x509/x509_vfy.c \ + x509/x509_vpm.c \ + x509/x509cset.c \ + x509/x509name.c \ + x509/x509rset.c \ + x509/x509spki.c \ + x509/x509type.c \ + x509/x_all.c \ + x509v3/pcy_cache.c \ + x509v3/pcy_data.c \ + x509v3/pcy_lib.c \ + x509v3/pcy_map.c \ + x509v3/pcy_node.c \ + x509v3/pcy_tree.c \ + x509v3/v3_akey.c \ + x509v3/v3_akeya.c \ + x509v3/v3_alt.c \ + x509v3/v3_bcons.c \ + x509v3/v3_bitst.c \ + x509v3/v3_conf.c \ + x509v3/v3_cpols.c \ + x509v3/v3_crld.c \ + x509v3/v3_enum.c \ + x509v3/v3_extku.c \ + x509v3/v3_genn.c \ + x509v3/v3_ia5.c \ + x509v3/v3_info.c \ + x509v3/v3_int.c \ + x509v3/v3_lib.c \ + x509v3/v3_ncons.c \ + x509v3/v3_ocsp.c \ + x509v3/v3_pci.c \ + x509v3/v3_pcia.c \ + x509v3/v3_pcons.c \ + x509v3/v3_pku.c \ + x509v3/v3_pmaps.c \ + x509v3/v3_prn.c \ + x509v3/v3_purp.c \ + x509v3/v3_skey.c \ + x509v3/v3_sxnet.c \ + x509v3/v3_utl.c \ + x509v3/v3err.c + +local_c_includes := \ + external/openssl \ + external/openssl/crypto/asn1 \ + external/openssl/crypto/evp \ + external/openssl/include \ + external/openssl/include/openssl \ + external/zlib + +local_c_flags := -DNO_WINDOWS_BRAINDEATH + +####################################### +# target static library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk + +ifneq ($(TARGET_ARCH),x86) +LOCAL_NDK_VERSION := 5 +LOCAL_SDK_VERSION := 9 +endif + +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_CFLAGS += $(local_c_flags) +LOCAL_C_INCLUDES += $(local_c_includes) +ifeq ($(TARGET_ARCH),arm) + LOCAL_SRC_FILES += $(arm_src_files) + LOCAL_CFLAGS += $(arm_cflags) +else + LOCAL_SRC_FILES += $(non_arm_src_files) +endif +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libcrypto_static +include $(BUILD_STATIC_LIBRARY) + +####################################### +# target shared library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk + +ifneq ($(TARGET_ARCH),x86) +LOCAL_NDK_VERSION := 5 +LOCAL_SDK_VERSION := 9 +# Use the NDK prebuilt libz and libdl. +LOCAL_LDFLAGS += -lz -ldl +else +LOCAL_SHARED_LIBRARIES += libz libdl +endif + +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_CFLAGS += $(local_c_flags) +LOCAL_C_INCLUDES += $(local_c_includes) +ifeq ($(TARGET_ARCH),arm) + LOCAL_SRC_FILES += $(arm_src_files) + LOCAL_CFLAGS += $(arm_cflags) +else + LOCAL_SRC_FILES += $(non_arm_src_files) +endif +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libcrypto +include $(BUILD_SHARED_LIBRARY) + +####################################### +# host shared library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_CFLAGS += $(local_c_flags) -DPURIFY +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_SRC_FILES += $(non_arm_src_files) +LOCAL_STATIC_LIBRARIES += libz +LOCAL_LDLIBS += -ldl +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libcrypto +include $(BUILD_HOST_SHARED_LIBRARY) + +######################################## +# host static library, which is used by some SDK tools. + +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_CFLAGS += $(local_c_flags) -DPURIFY +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_SRC_FILES += $(non_arm_src_files) +LOCAL_STATIC_LIBRARIES += libz +LOCAL_LDLIBS += -ldl +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libcrypto_static +include $(BUILD_HOST_STATIC_LIBRARY) diff --git a/app/openssl/patches/ssl_Android.mk b/app/openssl/patches/ssl_Android.mk new file mode 100644 index 00000000..487aabbc --- /dev/null +++ b/app/openssl/patches/ssl_Android.mk @@ -0,0 +1,98 @@ +LOCAL_PATH:= $(call my-dir) + +local_c_includes := \ + external/openssl \ + external/openssl/include \ + external/openssl/crypto + +local_src_files:= \ + s2_meth.c \ + s2_srvr.c \ + s2_clnt.c \ + s2_lib.c \ + s2_enc.c \ + s2_pkt.c \ + s3_meth.c \ + s3_srvr.c \ + s3_clnt.c \ + s3_lib.c \ + s3_enc.c \ + s3_pkt.c \ + s3_both.c \ + s23_meth.c \ + s23_srvr.c \ + s23_clnt.c \ + s23_lib.c \ + s23_pkt.c \ + t1_meth.c \ + t1_srvr.c \ + t1_clnt.c \ + t1_lib.c \ + t1_enc.c \ + t1_reneg.c \ + ssl_lib.c \ + ssl_err2.c \ + ssl_cert.c \ + ssl_sess.c \ + ssl_ciph.c \ + ssl_stat.c \ + ssl_rsa.c \ + ssl_asn1.c \ + ssl_txt.c \ + ssl_algs.c \ + bio_ssl.c \ + ssl_err.c \ + kssl.c + +####################################### +# target static library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk + +ifneq ($(TARGET_ARCH),x86) +LOCAL_NDK_VERSION := 5 +LOCAL_SDK_VERSION := 9 +endif +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libssl_static +include $(BUILD_STATIC_LIBRARY) + +####################################### +# target shared library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk + +ifneq ($(TARGET_ARCH),x86) +LOCAL_NDK_VERSION := 5 +LOCAL_SDK_VERSION := 9 +endif +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_SHARED_LIBRARIES += libcrypto +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libssl +include $(BUILD_SHARED_LIBRARY) + +####################################### +# host shared library +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk +LOCAL_SRC_FILES += $(local_src_files) +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_SHARED_LIBRARIES += libcrypto +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE:= libssl +include $(BUILD_HOST_SHARED_LIBRARY) + +####################################### +# ssltest +include $(CLEAR_VARS) +include $(LOCAL_PATH)/../android-config.mk +LOCAL_SRC_FILES:= ssltest.c +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_SHARED_LIBRARIES := libssl libcrypto +LOCAL_MODULE:= ssltest +LOCAL_MODULE_TAGS := optional +include $(BUILD_EXECUTABLE) diff --git a/app/openssl/patches/testssl.sh b/app/openssl/patches/testssl.sh new file mode 100755 index 00000000..cd560928 --- /dev/null +++ b/app/openssl/patches/testssl.sh @@ -0,0 +1,77 @@ +#!/bin/bash +# +# Copyright (C) 2010 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# +# Android testssl.sh driver script for openssl's testssl +# +# based on openssl's test/testss script and test/Makefile's test_ssl target +# + +set -e +trap "echo Exiting on unexpected error." ERR + +device=/sdcard/android.testssl + +digest='-sha1' +reqcmd="adb shell /system/bin/openssl req" +x509cmd="adb shell /system/bin/openssl x509 $digest" + +CAkey="$device/keyCA.ss" +CAcert="$device/certCA.ss" +CAreq="$device/reqCA.ss" +CAconf="$device/CAss.cnf" + +Uconf="$device/Uss.cnf" +Ureq="$device/reqU.ss" +Ukey="$device/keyU.ss" +Ucert="$device/certU.ss" + +echo +echo "setting up" +adb remount +adb shell rm -r $device +adb shell mkdir $device + +echo +echo "pushing test files to device" +adb push . $device + +echo +echo "make a certificate request using 'req'" +adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd" +req_new='-new' +$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new + +echo +echo "convert the certificate request into a self signed certificate using 'x509'" +$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca + +echo +echo "make a user certificate request using 'req'" +$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new + +echo +echo "sign user certificate request with the just created CA via 'x509'" +$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee + +echo +echo "running testssl" +./testssl $Ukey $Ucert $CAcert + +echo +echo "cleaning up" +adb shell rm -r $device |