diff --git a/platform/android_aosp/README b/platform/android_aosp/README new file mode 100644 index 0000000..ea21da6 --- /dev/null +++ b/platform/android_aosp/README @@ -0,0 +1,32 @@ + +Installing wolfJSSE into Android OSP as a System Security Provider +-------------------------------------------------------------------------------- + +This directory contains a script and support files required when installing +wolfJSSE into Android OSP (AOSP) source tree as a system security provider. + +Files included in this directory: + +jsse_install.sh - Script to install wolfSSL and wolfSSL JNI source files into + Android AOSP source tree. + +wolfssl/ - Directory containing Android.mk and CleanSpec.mk files to be placed + in "/external/wolfssl" directory. Used by + jsse_install.sh + +wolfssljni/ - Directory containing Android.mk file to be placed in + /external/wolfssljni" directory. Used by + jsse_install.sh + +For instructions on installing wolfJSSE as a Android security provider, please +reference the document titled: + +"Installing a JSSE Provider in Android OSP" by wolfSSL + +Support: +-------------------------------------------------------------------------------- + +Please email support@wolfssl.com with any questions or inquiries. + +Copyright (C) 2019 wolfSSL Inc. + diff --git a/platform/android_aosp/jsse_install.sh b/platform/android_aosp/jsse_install.sh new file mode 100755 index 0000000..b84b66f --- /dev/null +++ b/platform/android_aosp/jsse_install.sh @@ -0,0 +1,111 @@ +#!/bin/bash + +# wolfSSL and wolfSSL JNI AOSP Install Script +# +# This script will install necessary source files from the wolfSSL C library +# source directory and the wolfSSL JNI source directory into an Android +# OSP (Open Source Project) working source tree. +# +# This script is used as one step to install wolfJSSE as an alternate SSL/TLS +# Security Provider into Android AOSP. +# +# Before using this script, please read: +# +# 1) README.android_asop (located in this same directory) +# 2) "Installing a JSSE Provider in Android AOSP" document, by wolfSSL +# +# Copyright (C) 2019, wolfSSL Inc. + +if [ "$#" -lt 3 ]; then + echo "-------------------------------------------" >&2 + echo "wolfSSL and wolfSSL JNI AOSP Install Script" >&2 + echo "-------------------------------------------" >&2 + echo "Usage: $0 [wolfssl_dir] [wolfssljni_dir] [aosp_dir]" >&2 + echo " [wolfssl_dir]: wolfSSL library source directory" >&2 + echo " [wolfssljni_dir]: wolfssljni source directory" >&2 + echo " [aosp_dir]: Android AOSP working source directory" >&2 + echo "" >&2 + echo "Note: This script will copy files into AOSP directory" >&2 + echo "" >&2 + exit 1 +fi + +wolfssl_dir=$1 +wolfssljni_dir=$2 +aosp_dir=$3 + +# Check if directories exist +if [ ! -d $wolfssl_dir ]; then + echo "wolfSSL directory does not exist: $wolfssl_dir" + exit 1 +fi + +if [ ! -d $wolfssljni_dir ]; then + echo "wolfSSL JNI directory does not exist: $wolfssljni_dir" + exit 1 +fi + +if [ ! -d $aosp_dir ]; then + echo "Android AOSP directory does not exist: $aosp_dir" + exit 1 +fi + +if [ ! -d $wolfssljni_dir/platform/android_aosp ]; then + echo "wolfSSL JNI does not contain 'platform/android_aosp' directory" + exit 1 +fi + +# Check if AOSP files exist in wolfssljni bundle +jni_has_aosp=1 +jni_aosp=$wolfssljni_dir/platform/android_aosp + +if [ ! -f $jni_aosp/wolfssl/Android.mk ]; then + jni_has_aosp=0 +fi + +if [ ! -f $jni_aosp/wolfssl/CleanSpec.mk ]; then + jni_has_aosp=0 +fi + +if [ ! -f $jni_aosp/wolfssljni/Android.mk ]; then + jni_has_aosp=0 +fi + +if [ $jni_has_aosp -eq 0 ]; then + echo "wolfSSL JNI does not contain necessary AOSP files, check bundle" + exit 1 +fi + +aosp_wolfssl=$aosp_dir/external/wolfssl +aosp_wolfssljni=$aosp_dir/external/wolfssljni + +# Copy wolfSSL sources over to AOSP code tree +if [ -d $aosp_wolfssl ]; then + echo "$aosp_wolfssl already exists, skipping wolfSSL copy" +else + mkdir -p $aosp_wolfssl + cp $jni_aosp/wolfssl/Android.mk $aosp_wolfssl + cp $jni_aosp/wolfssl/CleanSpec.mk $aosp_wolfssl + + cp -r $wolfssl_dir/certs $aosp_wolfssl/certs + cp -r $wolfssl_dir/src $aosp_wolfssl/src + cp -r $wolfssl_dir/wolfcrypt $aosp_wolfssl/wolfcrypt + cp -r $wolfssl_dir/wolfssl $aosp_wolfssl/wolfssl + + cp $wolfssl_dir/README $aosp_wolfssl + cp $wolfssl_dir/COPYING $aosp_wolfssl +fi + +# Copy wolfSSL JNI sources over to AOSP code tree +if [ -d $aosp_wolfssljni ]; then + echo "$aosp_wolfssljni already exists, skipping wolfSSL copy" +else + mkdir -p $aosp_wolfssljni + cp $jni_aosp/wolfssljni/Android.mk $aosp_wolfssljni + + cp -r $wolfssljni_dir/* $aosp_wolfssljni +fi + +echo "All Files copied into Android AOSP source tree." +echo "" + diff --git a/platform/android_aosp/wolfssl/Android.mk b/platform/android_aosp/wolfssl/Android.mk new file mode 100644 index 0000000..6efdc32 --- /dev/null +++ b/platform/android_aosp/wolfssl/Android.mk @@ -0,0 +1,91 @@ +LOCAL_PATH:= $(call my-dir) +include $(CLEAR_VARS) + +LOCAL_MODULE:= libwolfssl +LOCAL_MODULE_TAGS := optional +LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH) +LOCAL_CFLAGS:= -DWOLFSSL_JNI -DWOLFSSL_DTLS -DOPENSSL_EXTRA -DHAVE_CRL -DHAVE_OCSP -DHAVE_CRL_MONITOR -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER -DHAVE_ECC -DTFM_ECC256 -DHAVE_PK_CALLBACKS -DHAVE_DH -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN -DUSE_FAST_MATH -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_ALPN -DHAVE_TRUSTED_CA -DHAVE_SUPPORTED_CURVES -Os -fomit-frame-pointer +LOCAL_C_INCLUDES += \ + external/wolfssl/wolfssl \ + external/wolfssl \ + +LOCAL_SRC_FILES:= \ + ./src/crl.c \ + ./src/internal.c \ + ./src/keys.c \ + ./src/ocsp.c \ + ./src/sniffer.c \ + ./src/ssl.c \ + ./src/tls.c \ + ./src/tls13.c \ + ./src/wolfio.c + +LOCAL_SRC_FILES+= \ + ./wolfcrypt/src/aes.c \ + ./wolfcrypt/src/arc4.c \ + ./wolfcrypt/src/asm.c \ + ./wolfcrypt/src/asn.c \ + ./wolfcrypt/src/blake2b.c \ + ./wolfcrypt/src/blake2s.c \ + ./wolfcrypt/src/camellia.c \ + ./wolfcrypt/src/chacha.c \ + ./wolfcrypt/src/chacha20_poly1305.c \ + ./wolfcrypt/src/cmac.c \ + ./wolfcrypt/src/coding.c \ + ./wolfcrypt/src/compress.c \ + ./wolfcrypt/src/cpuid.c \ + ./wolfcrypt/src/cryptocb.c \ + ./wolfcrypt/src/curve25519.c \ + ./wolfcrypt/src/des3.c \ + ./wolfcrypt/src/dh.c \ + ./wolfcrypt/src/dsa.c \ + ./wolfcrypt/src/ecc.c \ + ./wolfcrypt/src/ecc_fp.c \ + ./wolfcrypt/src/ed25519.c \ + ./wolfcrypt/src/error.c \ + ./wolfcrypt/src/fe_low_mem.c \ + ./wolfcrypt/src/fe_operations.c \ + ./wolfcrypt/src/ge_low_mem.c \ + ./wolfcrypt/src/ge_operations.c \ + ./wolfcrypt/src/hash.c \ + ./wolfcrypt/src/hc128.c \ + ./wolfcrypt/src/hmac.c \ + ./wolfcrypt/src/idea.c \ + ./wolfcrypt/src/integer.c \ + ./wolfcrypt/src/logging.c \ + ./wolfcrypt/src/md2.c \ + ./wolfcrypt/src/md4.c \ + ./wolfcrypt/src/md5.c \ + ./wolfcrypt/src/memory.c \ + ./wolfcrypt/src/pkcs12.c \ + ./wolfcrypt/src/pkcs7.c \ + ./wolfcrypt/src/poly1305.c \ + ./wolfcrypt/src/pwdbased.c \ + ./wolfcrypt/src/rabbit.c \ + ./wolfcrypt/src/random.c \ + ./wolfcrypt/src/ripemd.c \ + ./wolfcrypt/src/rsa.c \ + ./wolfcrypt/src/selftest.c \ + ./wolfcrypt/src/sha.c \ + ./wolfcrypt/src/sha256.c \ + ./wolfcrypt/src/sha3.c \ + ./wolfcrypt/src/sha512.c \ + ./wolfcrypt/src/signature.c \ + ./wolfcrypt/src/sp_arm32.c \ + ./wolfcrypt/src/sp_arm64.c \ + ./wolfcrypt/src/sp_armthumb.c \ + ./wolfcrypt/src/sp_c32.c \ + ./wolfcrypt/src/sp_c64.c \ + ./wolfcrypt/src/sp_cortexm.c \ + ./wolfcrypt/src/sp_int.c \ + ./wolfcrypt/src/sp_x86_64.c \ + ./wolfcrypt/src/srp.c \ + ./wolfcrypt/src/tfm.c \ + ./wolfcrypt/src/wc_encrypt.c \ + ./wolfcrypt/src/wc_pkcs11.c \ + ./wolfcrypt/src/wc_port.c \ + ./wolfcrypt/src/wolfevent.c \ + ./wolfcrypt/src/wolfmath.c + +include $(BUILD_SHARED_LIBRARY) + diff --git a/platform/android_aosp/wolfssl/CleanSpec.mk b/platform/android_aosp/wolfssl/CleanSpec.mk new file mode 100644 index 0000000..ac41d23 --- /dev/null +++ b/platform/android_aosp/wolfssl/CleanSpec.mk @@ -0,0 +1,2 @@ +$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/EXECUTABLES/libwolfssl_intermediates) +$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libwolfssl_intermediates) diff --git a/platform/android_aosp/wolfssljni/Android.mk b/platform/android_aosp/wolfssljni/Android.mk new file mode 100644 index 0000000..f541210 --- /dev/null +++ b/platform/android_aosp/wolfssljni/Android.mk @@ -0,0 +1,46 @@ + +# Definitions for building the wolfSSL JNI library and native code + +LOCAL_PATH := $(call my-dir) + +javac_flags:=-Xmaxwarns 9999999 +native_cflags := -Wall + +# Create the wolfSSL JNI library +include $(CLEAR_VARS) +LOCAL_SRC_FILES := $(call all-java-files-under,src/java) +LOCAL_NO_STANDARD_LIBRARIES := true +LOCAL_JAVACFLAGS := $(javac_flags) +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE := wolfssljni +LOCAL_REQUIRED_MODULES := libwolfssljni libwolfssl +LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk +include $(BUILD_JAVA_LIBRARY) + +# Create wolfSSL JNI native library +include $(CLEAR_VARS) +LOCAL_CFLAGS += $(native_cflags) +LOCAL_CFLAGS:= -DWOLFSSL_JNI -DWOLFSSL_DTLS -DOPENSSL_EXTRA -DHAVE_CRL -DHAVE_OCSP -DHAVE_CRL_MONITOR -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER -DHAVE_ECC -DTFM_ECC256 -DHAVE_PK_CALLBACKS -DHAVE_DH -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN -DUSE_FAST_MATH -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_ALPN -DHAVE_TRUSTED_CA -DHAVE_SUPPORTED_CURVES -Os -fomit-frame-pointer +LOCAL_SRC_FILES := \ + native/com_wolfssl_wolfcrypt_ECC.c \ + native/com_wolfssl_wolfcrypt_EccKey.c \ + native/com_wolfssl_wolfcrypt_RSA.c \ + native/com_wolfssl_WolfSSL.c \ + native/com_wolfssl_WolfSSLCertificate.c \ + native/com_wolfssl_WolfSSLCertManager.c \ + native/com_wolfssl_WolfSSLContext.c \ + native/com_wolfssl_WolfSSLSession.c +LOCAL_C_INCLUDES := \ + $(LOCAL_PATH)/native \ + external/wolfssl +LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH)/native +LOCAL_SHARED_LIBRARIES := libwolfssl +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE := libwolfssljni +LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk +include $(BUILD_SHARED_LIBRARY) + +# Clear local variables +native_cflags := +javac_flags := +