use libcryto.so and libssl.so in an android project?

Question

I\'m beginer to Android NDK. I want to build a RSA example base on openssl libary. First, I built libssl.so and libcrypto.so librairies with ndk-build in the guardianproje

Answer 1

You should build static libraries for libssl and libcrypto in your script. If you can't, rename these libraries (you can do this after build, while copying to your precompiled directory). The reason is that the system comes with its own (probably different) version of these shared libraries, and the loader will use /system/lib/libssl.so and /system/lib/libcrypto.so instead of your private copies.

Regarding the Android.mk file, I slightly cleaned it up for you (note that I did not change the names of prebuilt LOCAL_MODULEs, but changed the name of LOCAL_MODULE you finally build, because security is, well, too generic and could also happen to match a system library on some device):

LOCAL_PATH := $(call my-dir)

# Prebuilt libssl
include $(CLEAR_VARS)
LOCAL_MODULE := ssl
LOCAL_SRC_FILES := precompiled/libPrivateSsl.so
include $(PREBUILT_SHARED_LIBRARY)

# Prebuilt libcrypto
include $(CLEAR_VARS)
LOCAL_MODULE := crypto
LOCAL_SRC_FILES := precompiled/libPrivateCrypto.so
include $(PREBUILT_SHARED_LIBRARY)

include $(CLEAR_VARS)

LOCAL_MODULE := PrivateSecurity
LOCAL_C_INCLUDES := includes
LOCAL_SRC_FILES := TestJNI2.cpp
LOCAL_LDLIBS := -llog
LOCAL_SHARED_LIBRARIES := ssl crypto

include $(BUILD_SHARED_LIBRARY)

Don't forget that your Java should load the dependencies first:

{
    System.loadLibrary("PrivateSsl");
    System.loadLibrary("PrivateCrypto");
    System.loadLibrary("PrivateSecurity");
}

Answer 2

I'm beginer to Android NDK. I want to build a RSA example base on openssl libary.

You can, but you have to be careful. Here's the reason Alex told you to use static libraries for libssl and libcrypto in your script.

The master Android process is zygote. Its like init in Linux. Zygote loads OpenSSL when its start, and it loads version 0.9.8. If you link against OpenSSL 1.0.1, then you will get mysterious runtime crashes. The crashes are due to the Android loader using the 0.9.8 version of the library (already mapped from Zygote), and not your version of OpenSSL.

You can use a shared object, but your shared object must be a wrapper around the static version of libssl and libcrypto.

If you are not using Android's build system, then you can find additional instructions for building purely from the command line at OpenSSL's wiki. The wiki page includes setting the envrionment and cross compiling. See FIPS Library and Android.

Another thing to watch out for: be sure to build with -mfloat-abi=softfp. The stock OpenSSL misses that when cross compiling. You need it to ensure floats are passed on the stack, and not through floating point registers. Otherwise, all your floats will mysteriously have 0.0f value (like the floats used to estimate entropy in RAND_add).