summaryrefslogtreecommitdiff
path: root/openssl/README.android
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2012-04-16 19:21:14 +0200
committerArne Schwabe <arne@rfc2549.org>2012-04-16 19:21:14 +0200
commit3e4d8f433239c40311037616b1b8833a06651ae0 (patch)
tree98ab7fce0d011d34677b0beb762d389cb5c39199 /openssl/README.android
Initial import
Diffstat (limited to 'openssl/README.android')
-rw-r--r--openssl/README.android92
1 files changed, 92 insertions, 0 deletions
diff --git a/openssl/README.android b/openssl/README.android
new file mode 100644
index 00000000..e93fb005
--- /dev/null
+++ b/openssl/README.android
@@ -0,0 +1,92 @@
+OpenSSL on the Android platform.
+---
+
+The code in this directory is based on $OPENSSL_VERSION in the file
+openssl.version. See patches/README for more information on how the
+code differs from $OPENSSL_VERSION.
+
+Porting New Versions of OpenSSL.
+--
+
+The following steps are recommended for porting new OpenSSL versions.
+
+1) Retrieve the appropriate version of the OpenSSL source from
+ www.openssl.org/source (in openssl-*.tar.gz file). Check the PGP
+ signature (found in matching openssl-*.tar.gz.asc file) with:
+
+ gpg openssl-*.tar.gz.asc
+
+ If the public key is not found, import the the one with the
+ matching RSA key ID from http://www.openssl.org/about/, using:
+
+ gpg --import # paste PGP public key block on stdin
+
+2) Update the variables in openssl.config and openssl.version as appropriate.
+ At the very least you will need to update the openssl.version.
+ Similarly update ThirdPartyProject.prop.
+
+3) Run:
+
+ ./import_openssl.sh import openssl-*.tar.gz
+
+4) If there are any errors, then modify openssl.config, openssl.version
+ and patches in patches/ as appropriate. You might want to use:
+
+ ./import_openssl.sh regenerate patches/*.patch
+
+ Repeat step 3.
+
+5) Cleanup before building with:
+
+ m -j16 clean-libcrypto clean-libssl clean-openssl clean-ssltest
+
+6) Build openssl from the external/openssl directory with:
+
+ mm -j16 snod && adb remount && adb sync system
+
+ If there are build errors, then patches/*.mk, openssl.config, or
+ android-config.mk may need updating.
+
+7) Run tests to make sure things are working:
+
+ # Run local openssl tests
+ (cd android.testssl/ && ./testssl.sh)
+ # Build and sync libcore tests
+ (croot && cd libcore && mm -j16 snod && adb remount && adb sync)
+ # Run tests from libcore
+ (croot && vogar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests-support_intermediates/classes.jar --classpath out/target/common/obj/JAVA_LIBRARIES/core-tests_intermediates/classes.jar javax.net.ssl tests.api.javax.net)
+ # Run tests from Harmony
+ (croot && vogar --classpath harmony_tests.jar tests.api.java.math.BigIntegerTest org.apache.harmony.tests.java.math)
+ # try an https website
+ adb shell am start https://online.citibank.com # confirm result in browser
+
+ The vogar tool can be found externally at http://code.google.com/p/vogar/
+ Within Google it can be run with ~dalvik-prebuild/vogar/bin/vogar
+
+ harmony_tests.jar is built from Subversion http://harmony.apache.org/
+ Within Google it can be found at ~dalvik-prebuild/bin/harmony_tests.jar
+
+ # You can also run openssl s_server as a test server on the device:
+ adb push ./android.testssl/CAss.cnf /sdcard/CAss.cnf
+ adb shell openssl req -config /sdcard/CAss.cnf -x509 -nodes -days 365 -subj '/C=US/ST=California/L=Mountain View/CN=localhost' -newkey rsa:1024 -keyout /sdcard/server.pem -out /sdcard/server.pem
+ adb shell openssl s_server -cert /sdcard/server.pem -www -verify 1
+ adb shell am start https://localhost:4433 # confirm result in browser
+
+8) Do a full build before checking in:
+
+ m -j16
+
+Optionally, check whether build flags (located in android-config.mk
+need to be updated. Doing this step will help ensure that the
+compiled library is appropriately optimized for speed and size. To
+update build flags:
+
+a) source openssl.config
+b) tar -zxf openssl-*.tar.gz
+c) cd openssl-*/
+d) ./Configure $CONFIGURE_ARGS
+e) examine Makefile and compare with ../android-config.mk
+f) modify ../openssl.config as appropriate and go to step 3) above.
+
+Alternatively, ."/import_openssl.sh import" now prints the
+post-Configure Makefile for review before deleting in on import.