Merge pull request #13 from bandi13/addAndroid

Add in sample IDE/android environment

Author: JacobBarthelmeh

.gitignore

@@ -55,3 +55,10 @@
 # Installed dependencies
 /openssl*
 /wolfssl*
+
+IDE/Android/android-ndk-r26b/
+IDE/Android/openssl/
+IDE/Android/openssl-install/
+IDE/Android/wolfssl/
+IDE/Android/wolfssl-install/
+IDE/Android/wolfProvider/

IDE/Android/README.md

@@ -0,0 +1,43 @@
+Installing WolfProvider on Android
+
+# Prerequisites
+You will need Android Studio to run an emulator. Though having an Android device plugged in via USB and able to connect via ADB should also work.
+
+This example works with an x86_64 version of Android, but it should be relatively simple to change and use ARM or ARM64. You would need to modify `build.sh`.
+
+You'll need to get the [Android NDK](https://developer.android.com/ndk/downloads/). I used [this one](https://dl.google.com/android/repository/android-ndk-r26b-linux.zip). The `build.sh` script should do this for you.
+
+# Usage
+Have your Android device up and running. You can confirm it is reachable with `adb devices`.
+
+Run the `build.sh` command which will compile OpenSSL as well as WolfProvider. Once the libraries are built, it will remove the symbolic links from the folders (because `adb push` is unable to deal with them). Lastly it will upload the files to `/data/local/tmp` on your Android device. It will also copy `run.sh` and execute it.
+
+`run.sh` is a script that will attempt to run OpenSSL with wolfProvider and should output something like:
+```
+Providers:
+  libwolfprov
+    name: wolfSSL Provider
+    version: 0.0.1
+    status: active
+    build info: wolfSSL 5.6.4
+    gettable provider parameters:
+      name: pointer to a UTF8 encoded string (arbitrary size)
+      version: pointer to a UTF8 encoded string (arbitrary size)
+      buildinfo: pointer to a UTF8 encoded string (arbitrary size)
+      status: integer (arbitrary size)
+		evpciph_aes_wrap.txt ... PASS
+		evpencod.txt ... PASS
+		evpkdf_hkdf.txt ... PASS
+		evpkdf_pbkdf2.txt ... PASS
+		evpkdf_tls11_prf.txt ... PASS
+		evpkdf_tls12_prf.txt ... PASS
+		evpkdf_tls13_kdf.txt ... PASS
+		evpmd_md.txt ... PASS
+		evpmd_sha.txt ... PASS
+		evppbe_pbkdf2.txt ... PASS
+		evppbe_pkcs12.txt ... PASS
+		evppkey_kdf_hkdf.txt ... PASS
+		evppkey_kdf_tls1_prf.txt ... PASS
+```
+
+An alternate way of running `build.sh` is within a Docker environment. This can avoid unwanted local changes to your system by wrapping the environment in a container. Simply launch Docker with `docker run --rm -it -v $(pwd)/../../:/ws -w /ws/IDE/Android ubuntu:22.04 ./build.sh`. This should start the script and build everything in the local folder. Then you can take the `run.sh` script and run it from your host environment.

IDE/Android/build.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+set -e
+WORKSPACE=$(pwd)
+
+AUTO_INSTALL_TOOLS=${AUTO_INSTALL_TOOLS:-true}
+if [ "${AUTO_INSTALL_TOOLS}" == "true" ]; then
+    DEBIAN_FRONTEND=noninteractive apt update && apt install -y git make autoconf libtool android-tools-adb unzip wget
+fi
+
+# https://developer.android.com/ndk/downloads/
+export ANDROID_NDK_ROOT=${ANDROID_NDK_ROOT:-${WORKSPACE}/android-ndk-r26b}
+if [ ! -e ${ANDROID_NDK_ROOT} ]; then
+    wget -q https://dl.google.com/android/repository/android-ndk-r26b-linux.zip
+    unzip android-ndk-r26b-linux.zip
+fi
+PATH="${ANDROID_NDK_ROOT}/toolchains/llvm/prebuilt/linux-x86_64/bin:$PATH"
+
+# Compile OpenSSL
+export OPENSSL_ALL_CIPHERS="-cipher ALL -ciphersuites TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256"
+if [ ! -e ${WORKSPACE}/openssl ]; then
+    git clone https://github.com/openssl/openssl.git ${WORKSPACE}/openssl
+    cd ${WORKSPACE}/openssl && \
+        ./Configure android-x86_64 --prefix=${WORKSPACE}/openssl-install && \
+        sed -i 's/-ldl//g' Makefile && \
+        sed -i 's/-pie//g' Makefile && \
+        make -j && \
+        make -j install
+fi
+export LD_LIBRARY_PATH="${WORKSPACE}/openssl-install/lib64:$LD_LIBRARY_PATH"
+
+# Compile WolfSSL
+export WOLFSSL_CONFIG_OPTS='--enable-debug --enable-opensslcoexist --enable-cmac --enable-keygen --enable-sha --enable-aesctr --enable-aesccm --enable-x963kdf --enable-compkey --enable-certgen --enable-aeskeywrap --enable-enckeys --enable-base16 --enable-aesgcm-stream --enable-curve25519 --enable-curve448 --enable-ed25519 --enable-ed448 --enable-pwdbased'
+export WOLFSSL_CONFIG_CPPFLAGS=CPPFLAGS="-I${WORKSPACE}/openssl-install -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT -DWC_RSA_NO_PADDING -DWOLFSSL_PUBLIC_MP -DECC_MIN_KEY_SZ=192 -DHAVE_PUBLIC_FFDHE -DHAVE_FFDHE_6144 -DHAVE_FFDHE_8192 -DFP_MAX_BITS=16384 -DWOLFSSL_DH_EXTRA -DWOLFSSL_PSS_LONG_SALT -DWOLFSSL_PSS_SALT_LEN_DISCOVER"
+export UNAME=Android
+export CROSS_COMPILE=${ANDROID_NDK_ROOT}/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android34-
+export CC=x86_64-linux-android34-clang
+if [ ! -e ${WORKSPACE}/wolfssl ]; then
+    git clone https://github.com/wolfssl/wolfssl ${WORKSPACE}/wolfssl
+    cd ${WORKSPACE}/wolfssl && \
+        ./autogen.sh && \
+        ./configure ${WOLFSSL_CONFIG_OPTS} "${WOLFSSL_CONFIG_CPPFLAGS}" -prefix=${WORKSPACE}/wolfssl-install --host=x86_64-linux-android --disable-asm CFLAGS=-fPIC && \
+        make -j install
+fi
+export LD_LIBRARY_PATH="${WORKSPACE}/wolfssl-install/lib:$LD_LIBRARY_PATH"
+export LIBRARY_PATH="${WORKSPACE}/wolfssl-install/lib:$LIBRARY_PATH"
+
+# If running in wolfProvider/IDE/Android, then 'ln -s ../../ wolfProvider'
+if [ ! -e ${WORKSPACE}/wolfProvider ]; then
+    git clone https://github.com/wolfssl/wolfProvider ${WORKSPACE}/wolfProvider
+fi
+cd ${WORKSPACE}/wolfProvider && \
+    ./autogen.sh && \
+    ./configure --with-openssl=${WORKSPACE}/openssl-install --with-wolfssl=${WORKSPACE}/wolfssl-install --host=x86_64-linux-android CFLAGS="-lm -fPIC" --enable-debug && \
+    make -j

IDE/Android/run.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -e
+WORKSPACE=$(pwd)
+
+# Prepare to copy over and run on an Android system
+rm -rf ${WORKSPACE}/openssl-install/share
+rm -rf ${WORKSPACE}/openssl-install/ssl/misc/tsget
+
+adb push --sync ${WORKSPACE}/openssl-install ${WORKSPACE}/wolfssl/src/.libs/libwolfssl.so ${WORKSPACE}/wolfProvider/.libs/libwolfprov.so ${WORKSPACE}/wolfProvider/provider.conf ${WORKSPACE}/wolfProvider/scripts run_helper.sh /data/local/tmp/.
+
+adb shell "cd /data/local/tmp/ && ./run_helper.sh"
+

IDE/Android/run_helper.sh

@@ -0,0 +1,49 @@
+RUNDIR=/data/local/tmp/
+export LD_LIBRARY_PATH=${RUNDIR}:${RUNDIR}/openssl-install/lib
+export OPENSSL_MODULES=${RUNDIR}
+export OPENSSL_CONF=${RUNDIR}/provider.conf
+${RUNDIR}/openssl-install/bin/openssl list -provider-path ${RUNDIR} -providers -verbose
+#${RUNDIR}/openssl-install/bin/openssl help list
+
+EVP_TESTS=(
+#    evpciph_aes_ccm_cavs.txt
+#    evpciph_aes_common.txt
+    evpciph_aes_wrap.txt
+    evpencod.txt
+    evpkdf_hkdf.txt
+    evpkdf_pbkdf2.txt
+    evpkdf_tls11_prf.txt
+    evpkdf_tls12_prf.txt
+    evpkdf_tls13_kdf.txt
+#    evpmac_common.txt
+    evpmd_md.txt
+    evpmd_sha.txt
+    evppbe_pbkdf2.txt
+    evppbe_pkcs12.txt
+#    evppkey_dh.txt
+#    evppkey_ecc.txt
+#    evppkey_ecdh.txt
+#    evppkey_ecdsa.txt
+#    evppkey_ecx.txt
+#    evppkey_ffdhe.txt
+#    evppkey_kas.txt
+    evppkey_kdf_hkdf.txt
+    evppkey_kdf_tls1_prf.txt
+#    evppkey_mismatch.txt
+#    evppkey_rsa_common.txt
+#    evppkey_rsa.txt
+)
+for T in ${EVP_TESTS[@]}
+do
+    printf "\t\t$T ... "
+    ${RUNDIR}/openssl/test/evp_test -config ${RUNDIR}/provider.conf \
+        ${RUNDIR}/scripts/evp_test/$T \
+        >$T.log 2>&1
+    if [ "$?" = "0" ]; then
+        echo "PASS"
+    else
+        echo "ERROR"
+        FAIL_CNT=$((FAIL_CNT+1))
+    fi
+done
+