OpenSSL Android NDK的包装类

时间:2022-12-01 13:12:26

I follow the next tutorial for get the OpenSSL Fips in my app https://wiki.openssl.org/index.php/FIPS_Library_and_Android now I can import the library to my project and link it, but I need to create a wrapper class for connect my library with my Java code, my question is... is there a way to achieve this in a easy way? There are a lot of methods inside the OpenSSL library and i need to read the documentation of all of them and create a function in C for each one, and I don't have experience in C, so if you know another way to do this i'll appreciate your help.

我按照下一个教程在我的应用程序中获取OpenSSL Fips https://wiki.openssl.org/index.php/FIPS_Library_and_Android现在我可以将库导入我的项目并链接它,但我需要创建一个包装器类用我的Java代码连接我的库,我的问题是......有没有办法以简单的方式实现这一点? OpenSSL库中有很多方法,我需要阅读所有这些方法的文档并在C中为每个方法创建一个函数,而且我没有C语言的经验,所以如果你知道另一种方法可以做到这一点我将非常感谢你的帮助。

1 个解决方案

#1


0  

I need to create a wrapper class for connect my library with my Java code, my question is... is there a way to achieve this in a easy way?

我需要创建一个包装类来连接我的库和我的Java代码,我的问题是......有没有办法以一种简单的方式实现这一点?

The easiest way is to create the wrapper shared object. The wrapper shared object will link to the static version of the OpenSSL library and hide all its symbols. To hide the symbols, be sure to specify the option -Wl,--exclude-libs,all.

最简单的方法是创建包装器共享对象。包装器共享对象将链接到OpenSSL库的静态版本并隐藏其所有符号。要隐藏符号,请务必指定选项-Wl, - exclude-libs,all。

If you were working from the command line (and not a Java activity started from Zygote), then you could just use LD_PRELOAD tricks. But you have to work around Zygote loading the down level version of the library.

如果你是从命令行工作(而不是从Zygote开始的Java活动),那么你可以使用LD_PRELOAD技巧。但你必须解决Zygote加载库的低级版本。


read the documentation of all of them...

阅读所有这些文件......

Yep, there's no way around RTFM :)

是的,RTFM没办法:)


and create a function in C for each one...

并为每个人创建一个C函数...

No, you don't need to export 1 to 1. For example, your wrapper can just export a function like:

不,您不需要将1导出为1.例如,您的包装器只能导出如下函数:

MY_SSL_CTX* MyCreateClientContext(...);

MY_SSL_CTX would effectively wrap OpenSSL's SSL_CTX. But MyCreateClientContext would aggregate different functions calls. For example, it would likely call:

MY_SSL_CTX将有效地包装OpenSSL的SSL_CTX。但MyCreateClientContext将聚合不同的函数调用。例如,它可能会调用:

  • SSLv23_method
  • SSL_CTX_new
  • SSL_CTX_set_verify
  • SSL_CTX_set_options
  • SSL_CTX_load_verify_locations

You can see an example of what I would expect it to call in OpenSSL's SSL/TLS Client example. That would include configuring context options, like SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION.

您可以在OpenSSL的SSL / TLS客户端示例中看到我希望它调用的示例。这将包括配置上下文选项,如SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION。

#1


0  

I need to create a wrapper class for connect my library with my Java code, my question is... is there a way to achieve this in a easy way?

我需要创建一个包装类来连接我的库和我的Java代码,我的问题是......有没有办法以一种简单的方式实现这一点?

The easiest way is to create the wrapper shared object. The wrapper shared object will link to the static version of the OpenSSL library and hide all its symbols. To hide the symbols, be sure to specify the option -Wl,--exclude-libs,all.

最简单的方法是创建包装器共享对象。包装器共享对象将链接到OpenSSL库的静态版本并隐藏其所有符号。要隐藏符号,请务必指定选项-Wl, - exclude-libs,all。

If you were working from the command line (and not a Java activity started from Zygote), then you could just use LD_PRELOAD tricks. But you have to work around Zygote loading the down level version of the library.

如果你是从命令行工作(而不是从Zygote开始的Java活动),那么你可以使用LD_PRELOAD技巧。但你必须解决Zygote加载库的低级版本。


read the documentation of all of them...

阅读所有这些文件......

Yep, there's no way around RTFM :)

是的,RTFM没办法:)


and create a function in C for each one...

并为每个人创建一个C函数...

No, you don't need to export 1 to 1. For example, your wrapper can just export a function like:

不,您不需要将1导出为1.例如,您的包装器只能导出如下函数:

MY_SSL_CTX* MyCreateClientContext(...);

MY_SSL_CTX would effectively wrap OpenSSL's SSL_CTX. But MyCreateClientContext would aggregate different functions calls. For example, it would likely call:

MY_SSL_CTX将有效地包装OpenSSL的SSL_CTX。但MyCreateClientContext将聚合不同的函数调用。例如,它可能会调用:

  • SSLv23_method
  • SSL_CTX_new
  • SSL_CTX_set_verify
  • SSL_CTX_set_options
  • SSL_CTX_load_verify_locations

You can see an example of what I would expect it to call in OpenSSL's SSL/TLS Client example. That would include configuring context options, like SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION.

您可以在OpenSSL的SSL / TLS客户端示例中看到我希望它调用的示例。这将包括配置上下文选项,如SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION。