iceColdChris/fips-sqlcipher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: initial project structure

Browse Source
This commit is contained in:
Christopher Fahlin
2026-05-04 19:34:28 -07:00
commit c4c049a933
555 changed files with 177698 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+87
View File
@@ -0,0 +1,87 @@
# OS specific
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
Icon?
ehthumbs.db
Thumbs.db
# Build & Distribution
/build/
/dist/
/out/android/
/out/ios/
# Compiled Object files
*.slo
*.lo
*.o
*.obj
# Precompiled Headers
*.gch
*.pch
# Compiled Dynamic libraries
*.so
*.dylib
*.dll
# Compiled Static libraries
*.lai
*.la
*.a
*.lib
# Executables
*.exe
*.out
*.app
# CMake generated files (when building in-tree)
CMakeCache.txt
CMakeFiles/
CMakeScripts/
cmake_install.cmake
install_manifest.txt
Makefile
_deps/
# IDEs
.idea/
.vscode/
*.swp
*.swo
*.iml
# Android / Gradle
.gradle/
local.properties
# Note: These are generated by tests/android-fips/bootstrap.sh in this project
tests/android-fips/gradlew
tests/android-fips/gradlew.bat
tests/android-fips/gradle/wrapper/gradle-wrapper.jar
# Staged artifacts for Android tests
tests/android-fips/app/src/main/jniLibs/
tests/android-fips/app/src/main/cpp/include/
tests/android-fips/app/src/main/assets/fips/
# Sample app staged artifacts
samples/android/app/src/main/jniLibs/
samples/android/app/libs/
samples/android/app/build/
samples/android/.gradle/
samples/android/local.properties
# mise
.mise.local.toml
# grepai
.grepai/*.gob
.grepai/*.lock
# Tags
tags
TAGS
.grepai/config.yaml
+127
View File
@@ -0,0 +1,127 @@
version: 1
embedder:
provider: ollama
model: nomic-embed-text
endpoint: http://localhost:11434
dimensions: 768
parallelism: 4
store:
backend: gob
chunking:
size: 512
overlap: 50
watch:
debounce_ms: 500
last_index_time: 2026-05-04T19:27:24.134366-07:00
rpg_persist_interval_ms: 1000
rpg_derived_debounce_ms: 300
rpg_full_reconcile_interval_sec: 300
rpg_max_dirty_files_per_batch: 128
search:
boost:
enabled: true
penalties:
- pattern: /tests/
factor: 0.5
- pattern: /test/
factor: 0.5
- pattern: __tests__
factor: 0.5
- pattern: _test.
factor: 0.5
- pattern: .test.
factor: 0.5
- pattern: .spec.
factor: 0.5
- pattern: test_
factor: 0.5
- pattern: /mocks/
factor: 0.4
- pattern: /mock/
factor: 0.4
- pattern: .mock.
factor: 0.4
- pattern: /fixtures/
factor: 0.4
- pattern: /testdata/
factor: 0.4
- pattern: /generated/
factor: 0.4
- pattern: .generated.
factor: 0.4
- pattern: .gen.
factor: 0.4
- pattern: .md
factor: 0.6
- pattern: /docs/
factor: 0.6
bonuses:
- pattern: /src/
factor: 1.1
- pattern: /lib/
factor: 1.1
- pattern: /app/
factor: 1.1
hybrid:
enabled: false
k: 60
trace:
mode: fast
enabled_languages:
- .go
- .js
- .ts
- .jsx
- .tsx
- .py
- .php
- .lua
- .c
- .h
- .cpp
- .hpp
- .cc
- .cxx
- .rs
- .zig
- .cs
- .java
- .fs
- .fsx
- .fsi
- .pas
- .dpr
exclude_patterns:
- '*_test.go'
- '*.spec.ts'
- '*.spec.js'
- '*.test.ts'
- '*.test.js'
- __tests__/*
rpg:
enabled: false
feature_mode: local
drift_threshold: 0.35
max_traversal_depth: 3
llm_provider: ollama
llm_endpoint: http://localhost:11434/v1
llm_timeout_ms: 8000
feature_group_strategy: sample
update:
check_on_startup: false
ignore:
- .git
- .grepai
- node_modules
- vendor
- bin
- dist
- __pycache__
- .venv
- venv
- .idea
- .vscode
- target
- .zig-cache
- zig-out
- qdrant_storage
CLAUDE.md
+109
View File
@@ -0,0 +1,109 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Project Overview
A CMake-based cross-compile pipeline producing FIPS 140-3 compliant OpenSSL 3.0.x + SQLCipher 4.6.x for Android and iOS. Outputs: AAR (Android) and XCFramework (iOS). The FIPS provider is the validated cryptographic boundary; post-build binary mutation (strip, compress, re-sign) invalidates the HMAC integrity check.
## Build Commands
```bash
mise trust && mise install
export ANDROID_NDK_ROOT="$HOME/Library/Android/sdk/ndk/<version>"
# Android
./build.sh android # arm64-v8a (default)
ANDROID_ABI=x86_64 ./build.sh android # emulator
# iOS
./build.sh ios # device arm64
./build.sh ios-simulator # simulator arm64 + x86_64
./build.sh ios-all # all iOS slices
# Everything
./build.sh all
# Packaging
./build.sh package-aar # -> dist/fips-sqlcipher.aar
./build.sh package-xcframework # -> dist/FIPSSQLCipher.xcframework
./build.sh package # both
```
### Test App (tests/android-fips)
```bash
cd tests/android-fips
./bootstrap.sh
./gradlew assembleDebug
./gradlew installDebug
```
## Architecture
Single `CMakeLists.txt` dispatches on `-DTARGET_PLATFORM=Android|iOS`:
- **Android path:** NDK toolchain, shared libs, `dlopen`-based FIPS provider
- **iOS path:** Xcode SDK, static libs only (App Store constraint), incore FIPS
Platform-specific cmake modules:
| Android | iOS | Purpose |
| ------------------------- | -------------------------- | -------------------------- |
| cmake/BuildOpenSSL.cmake | cmake/BuildOpenSSL_iOS.cmake | Cross-compile OpenSSL |
| cmake/BuildSQLCipher.cmake| cmake/BuildSQLCipher_iOS.cmake | Build SQLCipher |
| cmake/PreserveFipsIntegrity.cmake | (shared) | Strip kill-switch, guards |
**Android:** Shared libs (`libfips.so` + `libcrypto.so` + `libsqlcipher.so`). FIPS integrity via HMAC in `fipsmodule.cnf`. Provider loaded at runtime via `dlopen`.
**iOS:** Static libs for crypto (`libcrypto.a` + `libssl.a` + `libsqlcipher.a`). FIPS provider is `fips.dylib` (Mach-O bundle, loaded via `OSSL_PROVIDER_load` which internally uses `dlopen`). Integrity via incore HMAC; must never be stripped.
**FIPS runtime probe:** `__attribute__((constructor))` that aborts if the FIPS provider isn't active. On Android linked via `--whole-archive`; on iOS via `-force_load`.
**Packaging:** `packaging/package_aar.sh` assembles the AAR; `packaging/package_xcframework.sh` runs `libtool` + `lipo` + `xcodebuild -create-xcframework`.
## Key Constraints
- `STRIP=/usr/bin/true` in all build env blocks. Never re-enable.
- `libfips.so` is chmod 0444 post-staging. Baseline sha256 recorded.
- `fipsmodule.cnf` must be generated on matching CPU architecture.
- CMake COMMAND lists cannot use inline `sh -c` (semicolons are list separators). Helper scripts emitted instead.
- Android `$ORIGIN` RUNPATH: `\$$ORIGIN` escaping for Make + shell layers.
- iOS builds use Ninja generator (`-G Ninja`); Android uses Unix Makefiles.
- iOS cmake is invoked with `-DTARGET_PLATFORM=iOS` (same top-level CMakeLists.txt, platform conditional).
- C++ interop: `include/fips_sqlcipher.h` wraps headers in `extern "C"`. Use shared libc++ on Android to avoid ODR violations.
## Configuration Variables
All settable via env: `ANDROID_NDK_ROOT`, `ANDROID_ABI`, `ANDROID_PLATFORM`, `OPENSSL_VERSION`, `SQLCIPHER_VERSION`, `OPENSSL_URL_HASH`, `OPENSSL_HOST_BIN`, `IOS_DEPLOYMENT_TARGET` (default 17.0), `BUILD_TYPE`, `JOBS`.
CMake-only options:
- `-DFIPS_DEVELOPER_MODE=ON` -- enables `-Wall -Wextra -Werror` on probe code and `CMAKE_EXPORT_COMPILE_COMMANDS`
- `-DFIPS_PARALLEL_JOBS=N` -- caps `make -j` in ExternalProject (defaults to host CPU count)
Bumping `OPENSSL_VERSION` requires updating `OPENSSL_URL_HASH` and re-running FIPS integrity baselines.
## CMake Module Structure
- `cmake/FIPSConfig.cmake` -- shared constants (URL/hash, job cap, probe source generator, no-op strip path)
- `cmake/FIPSSQLCipherConfig.cmake.in` -- package config template for `find_package(FIPSSQLCipher)` consumers
## FIPS Initialization Helpers
`include/fips_init.h` + `src/fips_init.c` -- portable C API for FIPS provider bootstrap at app startup. Platform-specific wrappers:
- `src/fips_init_android.c` -- handles `OPENSSL_MODULES` / `FIPSMODULE_CNF` env from Context paths
- `src/fips_init_ios.c` -- loads provider from bundle resource path
`scripts/verify_package_integrity.sh` -- CI script that extracts FIPS modules from AAR/XCFramework and validates SHA256, .symtab, and .rodata presence.
## Output
`./build.sh package` stages everything needed for integration into `out/`:
- `out/android/fips-sqlcipher.aar`
- `out/ios/FIPSSQLCipher.xcframework`
- `out/include/` and `out/src/` -- FIPS init helpers
- `out/install.md` -- integration guide
## Tooling
Managed by `mise.toml`: cmake 3.29, ninja 1.12.1, perl 5.40.2, JDK temurin-17, Gradle 8.10.2. NDK and Xcode are NOT mise-managed.
CMakeLists.txt
+205
View File
@@ -0,0 +1,205 @@
# SPDX-License-Identifier: Apache-2.0
# ---------------------------------------------------------------------------
# FIPS-compliant SQLCipher cross-platform build pipeline.
# Supports Android (NDK) and iOS (Xcode) targets.
#
# Platform selection:
# -DTARGET_PLATFORM=Android (default) NDK cross-compile, shared libs
# -DTARGET_PLATFORM=iOS Xcode cross-compile, static libs
#
# Developer mode (probe code warnings + compile_commands.json):
# -DFIPS_DEVELOPER_MODE=ON
# ---------------------------------------------------------------------------
cmake_minimum_required(VERSION 3.22)
project(fips_sqlcipher
VERSION 1.0.0
DESCRIPTION "FIPS-compliant SQLCipher orchestration for mobile targets"
LANGUAGES C
)
# ---------------------------------------------------------------------------
# Options and cache variables
# ---------------------------------------------------------------------------
set(TARGET_PLATFORM "Android" CACHE STRING "Target platform: Android or iOS")
set_property(CACHE TARGET_PLATFORM PROPERTY STRINGS "Android" "iOS")
set(OPENSSL_VERSION "3.0.8" CACHE STRING "OpenSSL FIPS source version")
set(SQLCIPHER_VERSION "v4.6.1" CACHE STRING "SQLCipher release tag")
option(FIPS_DEVELOPER_MODE "Enable warnings and compile_commands.json for in-project code" OFF)
# ---------------------------------------------------------------------------
# Developer mode: compile_commands.json for LSP/static analysis
# ---------------------------------------------------------------------------
if(FIPS_DEVELOPER_MODE)
set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
endif()
# ---------------------------------------------------------------------------
# Module path and shared infrastructure
# ---------------------------------------------------------------------------
list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake")
include(ExternalProject)
include(FIPSConfig)
# ---------------------------------------------------------------------------
# Dist layout (shared structure, platform-specific prefix)
# ---------------------------------------------------------------------------
set(DIST_ROOT "${PROJECT_SOURCE_DIR}/dist")
# ===========================================================================
# ANDROID
# ===========================================================================
if(TARGET_PLATFORM STREQUAL "Android")
set(ANDROID_ABI "arm64-v8a" CACHE STRING "Target Android ABI")
set(ANDROID_PLATFORM "android-24" CACHE STRING "Minimum Android API level")
if(NOT ANDROID_NDK AND DEFINED ENV{ANDROID_NDK_ROOT})
set(ANDROID_NDK "$ENV{ANDROID_NDK_ROOT}" CACHE PATH "Android NDK root")
endif()
if(NOT ANDROID_NDK OR NOT EXISTS "${ANDROID_NDK}")
message(FATAL_ERROR
"ANDROID_NDK is not set or does not exist. "
"Export ANDROID_NDK_ROOT or pass -DANDROID_NDK=/path/to/ndk.")
endif()
set(DIST_ABI_DIR "${DIST_ROOT}/${ANDROID_ABI}")
set(DIST_LIB_DIR "${DIST_ABI_DIR}/lib")
set(DIST_INCLUDE_DIR "${DIST_ABI_DIR}/include")
set(DIST_FIPS_DIR "${DIST_ABI_DIR}/fips")
file(MAKE_DIRECTORY
"${DIST_LIB_DIR}" "${DIST_INCLUDE_DIR}" "${DIST_FIPS_DIR}")
include(PreserveFipsIntegrity)
include(BuildOpenSSL)
include(BuildSQLCipher)
add_custom_target(fips_sqlcipher ALL
DEPENDS sqlcipher_ep
COMMAND ${CMAKE_COMMAND} -E echo ""
COMMAND ${CMAKE_COMMAND} -E echo "FIPS SQLCipher pipeline complete [Android]"
COMMAND ${CMAKE_COMMAND} -E echo " ABI: ${ANDROID_ABI}"
COMMAND ${CMAKE_COMMAND} -E echo " API: ${ANDROID_PLATFORM}"
COMMAND ${CMAKE_COMMAND} -E echo " OpenSSL: ${OPENSSL_VERSION}"
COMMAND ${CMAKE_COMMAND} -E echo " SQLCipher: ${SQLCIPHER_VERSION}"
COMMAND ${CMAKE_COMMAND} -E echo " Artifacts: ${DIST_ABI_DIR}"
)
message(STATUS "FIPS SQLCipher [Android] configuration:")
message(STATUS " ANDROID_NDK = ${ANDROID_NDK}")
message(STATUS " CMAKE_TOOLCHAIN_FILE = ${CMAKE_TOOLCHAIN_FILE}")
message(STATUS " ANDROID_ABI = ${ANDROID_ABI}")
message(STATUS " ANDROID_PLATFORM = ${ANDROID_PLATFORM}")
message(STATUS " OPENSSL_VERSION = ${OPENSSL_VERSION}")
message(STATUS " SQLCIPHER_VERSION = ${SQLCIPHER_VERSION}")
message(STATUS " FIPS_PARALLEL_JOBS = ${FIPS_PARALLEL_JOBS}")
message(STATUS " DIST_ABI_DIR = ${DIST_ABI_DIR}")
# ===========================================================================
# iOS
# ===========================================================================
elseif(TARGET_PLATFORM STREQUAL "iOS")
set(IOS_ARCH "arm64" CACHE STRING "Target arch: arm64 or x86_64")
set(IOS_PLATFORM "OS" CACHE STRING "OS (device) or SIMULATOR")
set(IOS_DEPLOYMENT_TARGET "15.0" CACHE STRING "Minimum iOS version")
set_property(CACHE IOS_PLATFORM PROPERTY STRINGS "OS" "SIMULATOR")
if(IOS_PLATFORM STREQUAL "OS")
set(_sdk_name "iphoneos")
set(_slice_name "ios-${IOS_ARCH}")
else()
set(_sdk_name "iphonesimulator")
set(_slice_name "ios-simulator-${IOS_ARCH}")
endif()
execute_process(
COMMAND xcrun --sdk ${_sdk_name} --show-sdk-path
OUTPUT_VARIABLE CMAKE_OSX_SYSROOT
OUTPUT_STRIP_TRAILING_WHITESPACE
RESULT_VARIABLE _xcrun_rc
)
if(NOT _xcrun_rc EQUAL 0)
message(FATAL_ERROR
"xcrun --sdk ${_sdk_name} --show-sdk-path failed. "
"Install Xcode Command Line Tools: xcode-select --install")
endif()
set(DIST_ABI_DIR "${DIST_ROOT}/${_slice_name}")
set(DIST_LIB_DIR "${DIST_ABI_DIR}/lib")
set(DIST_INCLUDE_DIR "${DIST_ABI_DIR}/include")
set(DIST_FIPS_DIR "${DIST_ABI_DIR}/fips")
file(MAKE_DIRECTORY
"${DIST_LIB_DIR}" "${DIST_INCLUDE_DIR}" "${DIST_FIPS_DIR}")
include(BuildOpenSSL_iOS)
include(BuildSQLCipher_iOS)
add_custom_target(fips_sqlcipher_ios ALL
DEPENDS sqlcipher_ios_ep
COMMAND ${CMAKE_COMMAND} -E echo ""
COMMAND ${CMAKE_COMMAND} -E echo "FIPS SQLCipher pipeline complete [iOS]"
COMMAND ${CMAKE_COMMAND} -E echo " Arch: ${IOS_ARCH}"
COMMAND ${CMAKE_COMMAND} -E echo " Platform: ${IOS_PLATFORM}"
COMMAND ${CMAKE_COMMAND} -E echo " Min iOS: ${IOS_DEPLOYMENT_TARGET}"
COMMAND ${CMAKE_COMMAND} -E echo " OpenSSL: ${OPENSSL_VERSION}"
COMMAND ${CMAKE_COMMAND} -E echo " SQLCipher: ${SQLCIPHER_VERSION}"
COMMAND ${CMAKE_COMMAND} -E echo " Artifacts: ${DIST_ABI_DIR}"
)
message(STATUS "FIPS SQLCipher [iOS] configuration:")
message(STATUS " IOS_ARCH = ${IOS_ARCH}")
message(STATUS " IOS_PLATFORM = ${IOS_PLATFORM}")
message(STATUS " IOS_DEPLOYMENT_TARGET = ${IOS_DEPLOYMENT_TARGET}")
message(STATUS " CMAKE_OSX_SYSROOT = ${CMAKE_OSX_SYSROOT}")
message(STATUS " OPENSSL_VERSION = ${OPENSSL_VERSION}")
message(STATUS " SQLCIPHER_VERSION = ${SQLCIPHER_VERSION}")
message(STATUS " FIPS_PARALLEL_JOBS = ${FIPS_PARALLEL_JOBS}")
message(STATUS " DIST_ABI_DIR = ${DIST_ABI_DIR}")
else()
message(FATAL_ERROR
"Unknown TARGET_PLATFORM: '${TARGET_PLATFORM}'. "
"Valid values: Android, iOS.")
endif()
# ===========================================================================
# Install / Export (allows find_package(FIPSSQLCipher) by downstream projects)
# ===========================================================================
include(CMakePackageConfigHelpers)
install(DIRECTORY "${DIST_ABI_DIR}/lib/"
DESTINATION lib
FILES_MATCHING
PATTERN "*.so"
PATTERN "*.a"
PATTERN "*.dylib"
)
install(DIRECTORY "${DIST_ABI_DIR}/include/"
DESTINATION include
)
install(DIRECTORY "${DIST_ABI_DIR}/fips/"
DESTINATION share/fips-sqlcipher/fips
)
install(FILES "${PROJECT_SOURCE_DIR}/include/fips_sqlcipher.h"
"${PROJECT_SOURCE_DIR}/include/fips_verify.hpp"
DESTINATION include
)
configure_package_config_file(
"${PROJECT_SOURCE_DIR}/cmake/FIPSSQLCipherConfig.cmake.in"
"${CMAKE_BINARY_DIR}/FIPSSQLCipherConfig.cmake"
INSTALL_DESTINATION lib/cmake/FIPSSQLCipher
)
write_basic_package_version_file(
"${CMAKE_BINARY_DIR}/FIPSSQLCipherConfigVersion.cmake"
VERSION ${PROJECT_VERSION}
COMPATIBILITY SameMajorVersion
)
install(FILES
"${CMAKE_BINARY_DIR}/FIPSSQLCipherConfig.cmake"
"${CMAKE_BINARY_DIR}/FIPSSQLCipherConfigVersion.cmake"
DESTINATION lib/cmake/FIPSSQLCipher
)
README.md
+370
View File
@@ -0,0 +1,370 @@
# fips-sqlcipher
A reproducible cross-compile pipeline that produces **FIPS 140-3 compliant**
OpenSSL 3.0.x + SQLCipher 4.6.x for **Android** and **iOS**. Output:
- **Android:** Self-contained AAR with `arm64-v8a` + `x86_64` shared libs,
FIPS provider module, and runtime config.
- **iOS:** Universal XCFramework (device `arm64` + simulator `arm64`/`x86_64`)
with static libs, module maps for Swift/Objective-C++, and FIPS config.
Sources are fetched automatically. CMake's `ExternalProject_Add` downloads the
OpenSSL tarball (sha256-pinned) and `git clone --depth=1`'s SQLCipher at the
configured tag. You do NOT need to vendor either source tree.
---
## Quick Start
```zsh
# 1. Install mise (one-time)
curl https://mise.run | sh
# 2. Bootstrap tooling
mise trust && mise install
# 3. Build everything
export ANDROID_NDK_ROOT="$HOME/Library/Android/sdk/ndk/26.3.11579264"
./build.sh all
# 4. Package
./build.sh package
```
---
## Environment Setup (Mise)
This repo uses [mise](https://mise.jdx.dev/) to pin deterministic versions of
all host build tools. The `.mise.toml` declares:
| Tool | Version | Purpose |
| ------- | --------- | ----------------------------------- |
| cmake | 3.29 | Build system orchestration |
| ninja | 1.12.1 | iOS cmake generator (faster builds) |
| perl | 5.40.2 | OpenSSL Configure script |
| java | temurin-17| AAR packaging (Gradle/AGP 8.x) |
| gradle | 8.10.2 | AAR packaging + test app |
**Not managed by mise** (install separately):
- Android NDK r26+ (via `sdkmanager --install "ndk;26.3.11579264"`)
- Xcode + Command Line Tools (for iOS builds)
### Installation
```zsh
# Install mise
curl https://mise.run | sh
# Add to shell (if not already)
echo 'eval "$(mise activate zsh)"' >> ~/.zshrc
source ~/.zshrc
# From repo root:
mise trust
mise install
# Verify
cmake --version # 3.29.x
ninja --version # 1.12.1
perl --version # 5.40.x
```
### Android NDK
```zsh
# Via sdkmanager
sdkmanager --install "ndk;26.3.11579264"
export ANDROID_NDK_ROOT="$HOME/Library/Android/sdk/ndk/26.3.11579264"
# Or via Android Studio:
# Settings -> Languages & Frameworks -> Android SDK -> SDK Tools -> NDK
```
---
## Build Commands
```zsh
# --- Android ---
./build.sh android # arm64-v8a (default)
ANDROID_ABI=x86_64 ./build.sh android # emulator
./build.sh all # all platforms + arches
# --- iOS ---
./build.sh ios # device arm64
./build.sh ios-simulator # simulator arm64 + x86_64
./build.sh ios-all # device + simulator
# --- Packaging ---
./build.sh package-aar # -> dist/fips-sqlcipher.aar
./build.sh package-xcframework # -> dist/FIPSSQLCipher.xcframework
./build.sh package # both
```
### Configuration Variables
| Variable | Default | Description |
| ---------------------- | ------------- | -------------------------------------- |
| `ANDROID_NDK_ROOT` | (required) | Path to NDK r26+ |
| `ANDROID_ABI` | `arm64-v8a` | `arm64-v8a`, `armeabi-v7a`, `x86_64`, `x86` |
| `ANDROID_PLATFORM` | `android-24` | Minimum Android API level |
| `OPENSSL_VERSION` | `3.0.8` | FIPS 140-2 Cert #4282 baseline |
| `SQLCIPHER_VERSION` | `v4.6.1` | SQLCipher git tag |
| `IOS_DEPLOYMENT_TARGET`| `15.0` | Minimum iOS version |
| `OPENSSL_HOST_BIN` | (unset) | Host openssl for in-tree fipsinstall |
| `BUILD_TYPE` | `Release` | CMake build type |
| `JOBS` | auto | Parallel compile jobs |
---
## Artifacts
### Android (`dist/<abi>/`)
| Path | Purpose |
| ----------------------------- | ------------------------------------ |
| `lib/libcrypto.so` | OpenSSL crypto runtime |
| `lib/libssl.so` | OpenSSL TLS runtime |
| `lib/libsqlcipher.so` | SQLCipher (FIPS probe linked in) |
| `fips/libfips.so` | FIPS provider (HMAC-protected) |
| `fips/openssl.cnf` | Runtime config activating FIPS |
| `fips/fipsmodule.cnf` | HMAC manifest (generated on-device) |
| `fips/verify_integrity.sh` | CI integrity gate |
| `fips/fips_integrity.gradle` | AGP no-strip guard |
### iOS (`dist/ios-<arch>/`)
| Path | Purpose |
| ----------------------------- | ------------------------------------ |
| `lib/libcrypto.a` | OpenSSL (static, FIPS-enabled) |
| `lib/libssl.a` | OpenSSL TLS (static) |
| `lib/libsqlcipher.a` | SQLCipher (static, FIPS probe) |
| `fips/fips.a` | FIPS provider (static, incore HMAC) |
| `fips/fips.a.sha256` | Baseline integrity hash |
### Packaged
| Path | Format |
| --------------------------------- | ----------- |
| `dist/fips-sqlcipher.aar` | Android AAR |
| `dist/FIPSSQLCipher.xcframework` | XCFramework |
---
## Android Integration (AAR)
### Gradle Setup
```kotlin
// app/build.gradle.kts
dependencies {
implementation(files("libs/fips-sqlcipher.aar"))
}
android {
packaging {
jniLibs {
useLegacyPackaging = false
keepDebugSymbols += setOf("**/libfips.so")
}
}
}
```
### Runtime Initialization
```kotlin
class FipsInitializer : Initializer<Unit> {
override fun create(context: Context) {
val fipsDir = File(context.filesDir, "fips").apply { mkdirs() }
listOf("openssl.cnf", "fipsmodule.cnf").forEach { name ->
val dst = File(fipsDir, name)
if (!dst.exists()) {
context.assets.open("fips/$name").use { src ->
dst.outputStream().use { src.copyTo(it) }
}
}
}
Env.setenv("OPENSSL_CONF", File(fipsDir, "openssl.cnf").absolutePath)
Env.setenv("FIPSMODULE_CNF", File(fipsDir, "fipsmodule.cnf").absolutePath)
Env.setenv("OPENSSL_MODULES", context.applicationInfo.nativeLibraryDir)
System.loadLibrary("crypto")
System.loadLibrary("fips")
System.loadLibrary("sqlcipher")
}
override fun dependencies(): List<Class<out Initializer<*>>> = emptyList()
}
```
---
## iOS Integration (XCFramework)
### Setup
1. Drag `FIPSSQLCipher.xcframework` into your Xcode project (or add via SPM
binary target).
2. In Build Settings, add to "Other Linker Flags": `-lz`
3. Link `Security.framework`.
4. Copy `Resources/fips/openssl.cnf` and `fipsmodule.cnf` into your app bundle.
### Swift Usage
```swift
import FIPSSQLCipher
// Set env BEFORE any OpenSSL/SQLCipher call
let fipsDir = Bundle.main.path(forResource: "fips", ofType: nil)!
setenv("OPENSSL_CONF", "\(fipsDir)/openssl.cnf", 1)
setenv("FIPSMODULE_CNF", "\(fipsDir)/fipsmodule.cnf", 1)
```
### Xcode Build Settings (FIPS Integrity)
Apply `dist/ios-arm64/fips/fips_integrity.xcconfig` or set manually:
```
STRIP_INSTALLED_PRODUCT = NO
COPY_PHASE_STRIP = NO
DEPLOYMENT_POSTPROCESSING = NO
ENABLE_BITCODE = NO
```
---
## C++ Verification
The `include/` directory ships a C++ verification class. Include path:
`-I<repo>/include` (or it's bundled in the XCFramework headers).
```cpp
#include "fips_verify.hpp"
// After opening and keying a database:
auto result = fips::Verifier::check_all(db);
assert(result.provider_active); // OSSL_PROVIDER_available(NULL, "fips")
assert(result.self_test_passed); // POST KATs passed
assert(result.cipher_fips_status); // PRAGMA cipher_fips_status == 1
```
The `fips_sqlcipher.h` header wraps all OpenSSL and SQLCipher includes in
`extern "C"` for safe C++ interop without ODR violations:
```cpp
#include "fips_sqlcipher.h" // Safe from any C++ TU
```
**C++ flag compatibility:**
- Your C++ code can freely use `-frtti`, `-fexceptions`, or disable them.
- The FIPS incore HMAC covers only the provider's `.text`/`.rodata` sections,
not your application code. C++ flags in your TUs cannot invalidate it.
- On Android, use the NDK's shared `libc++` (default) to avoid ODR violations
when multiple shared libs link against the STL.
---
## Generating `fipsmodule.cnf`
The FIPS manifest must be produced on a matching CPU architecture.
### Android (on-device)
```zsh
adb push dist/arm64-v8a/fips /data/local/tmp/fips
adb push dist/arm64-v8a/bin/openssl /data/local/tmp/fips/openssl
adb shell sh /data/local/tmp/fips/run_fipsinstall_on_device.sh
adb pull /data/local/tmp/fips/fipsmodule.cnf dist/arm64-v8a/fips/
```
### Android (host shortcut, x86_64 only)
```zsh
OPENSSL_HOST_BIN=/opt/homebrew/bin/openssl ANDROID_ABI=x86_64 ./build.sh android
```
### iOS
On macOS arm64, the device slice (`ios-arm64`) can run `fipsinstall` via
Rosetta or on a connected device. For CI, use a matching-arch runner.
---
## Integrity Verification (CI)
```zsh
# Android
dist/arm64-v8a/fips/verify_integrity.sh dist/arm64-v8a/fips/libfips.so
# After APK packaging
unzip -p app-release.apk lib/arm64-v8a/libfips.so > /tmp/libfips.so
dist/arm64-v8a/fips/verify_integrity.sh /tmp/libfips.so
shasum -a 256 /tmp/libfips.so | diff - dist/arm64-v8a/fips/libfips.so.sha256
# iOS (static module baseline)
shasum -a 256 dist/ios-arm64/fips/fips.a | diff - dist/ios-arm64/fips/fips.a.sha256
```
---
## FIPS Compliance Notes
- **Module boundary:** `libfips.so` (Android) / `fips.a` (iOS) is the sole
FIPS-validated cryptographic boundary. Everything else is a consumer.
- **Power-On Self-Tests (POST):** Required by FIPS 140-3. Run at first
`OSSL_PROVIDER_load(NULL, "fips")`. Failure aborts before any crypto API
returns.
- **Post-build mutation:** Strip, codesign with bitcode rewrite, ProGuard
native-symbol manipulation, or APK compression invalidates the HMAC.
The shipped `verify_integrity.sh` (Android) and `.sha256` baselines (iOS)
are your CI gates.
- **iOS static linking:** Since iOS prohibits `dlopen` of arbitrary dylibs in
production apps, the FIPS provider is statically linked. The incore integrity
mechanism embeds the HMAC verification into the binary itself.
- **Reproducibility:** OpenSSL tarball SHA256 is pinned in
`cmake/BuildOpenSSL.cmake`. SQLCipher git tag is pinned in
`cmake/BuildSQLCipher.cmake`. Do not bump without updating hashes and
re-running integrity baselines.
---
## Troubleshooting
| Symptom | Cause | Fix |
| ------- | ----- | --- |
| `FATAL: missing required host tools: cmake` | mise not bootstrapped | `mise trust && mise install` |
| `FATAL: export ANDROID_NDK_ROOT=...` | NDK not exported | See [Android NDK](#android-ndk) |
| Ninja not found (iOS build) | mise not activated | `eval "$(mise activate zsh)"` |
| `xcrun: error: SDK not found` | Xcode CLI tools missing | `xcode-select --install` |
| App aborts: `FIPS provider not active` | `OPENSSL_CONF` not set before first call | Move env setup earlier |
| FIPS audit fails after release packaging | AGP stripped `libfips.so` | Apply `fips_integrity.gradle` |
| XCFramework link error: `_EVP_*` undefined | Missing `-lz` or Security.framework | Add to Other Linker Flags |
---
## Project Structure
```
.mise.toml # Pinned build tools
build.sh # Orchestration (android/ios/package)
CMakeLists.txt # Android entry point
CMakeLists_iOS.cmake # iOS entry point
cmake/
BuildOpenSSL.cmake # Android OpenSSL (shared, enable-fips)
BuildOpenSSL_iOS.cmake # iOS OpenSSL (static, enable-fips)
BuildSQLCipher.cmake # Android SQLCipher
BuildSQLCipher_iOS.cmake # iOS SQLCipher
PreserveFipsIntegrity.cmake # Strip kill-switch, integrity guards
include/
fips_sqlcipher.h # C/C++ interop header (extern "C")
fips_verify.hpp # C++ FIPS verification class
packaging/
package_aar.sh # Android AAR assembly
package_xcframework.sh # iOS XCFramework assembly
tests/android-fips/ # Runtime compliance test app
dist/ # Build output (gitignored)
```
agents.md
+29
View File
@@ -0,0 +1,29 @@
# Agent: FIPS SQLCipher Build Master
## Role & Persona
You are a Senior DevOps and Systems Engineer specializing in cryptographic library orchestration. You have deep expertise in **CMake**, **Cross-Compilation (Android NDK & iOS SDK)**, and the **OpenSSL 3.x Provider Architecture**.
Your primary mission is to assist the user in a DIY build of a FIPS-compliant SQLCipher implementation for mobile platforms. You understand that "simplicity" in FIPS is achieved through rigorous automation and adherence to the NIST Security Policy.
## Technical Constraints & Directives
1. **Tooling Choice**: Prioritize **CMake** as the primary build system. While the user has used Bazel, you will focus on CMake for its native integration with Android NDK and Xcode.
2. **OpenSSL Version**: Exclusively use **OpenSSL 3.0+**. You must guide the user through the "Provider" model where the FIPS module (`fips.so`/`fips.dll`) is a separate, dynamically loadable entity.
3. **Integrity Preservation**: You must warn the user before any step that might alter the binary after the `fipsinstall` step (e.g., stripping symbols, re-linking, or code-signing changes), as these will break the mandatory HMAC integrity check.
4. **Mobile Packaging**:
- **Android**: Ensure the build prevents the FIPS module from being compressed inside the APK (use `extractNativeLibs="true"`).
- **iOS**: Orchestrate the creation of an `.xcframework` that bundles the FIPS provider in a compliant path.
5. **Syntax Rules**: Avoid em-dashes and fancy quotes. Use clean, copy-pasteable shell scripts and CMake logic.
## Knowledge Base
- **FIPS 140-3**: Knowledge of the transition from 140-2 to 140-3, specifically the requirement for Power-On Self-Tests (POST).
- **SQLCipher Core**: Understanding of `SQLITE_HAS_CODEC` and the specific preprocessor macros needed to redirect crypto calls to the OpenSSL FIPS provider.
- **Architectures**: Support for `arm64-v8a`, `x86_64` (Android), and `arm64`, `x86_64-simulator` (iOS).
## Response Protocol
- **No Dumbing Down**: The user is a technical Software Development Advisor with home lab experience. Provide raw compiler flags, linker scripts, and toolchain configurations.
- **Follow-up Habit**: Always ask for the specific target ABI or NDK version before providing large code blocks to ensure accuracy.
- **Verification**: Always include a "Verification" step in your build instructions (e.g., how to run `ldd` or `readelf` to check for FIPS provider linkage).
## Example Commands
- **OpenSSL Config**: `./Configure android-arm64 -D__ANDROID_API__=24 enable-fips shared`
- **SQLCipher CMAKE**: `cmake -DOPENSSL_ROOT_DIR=/path/to/fips_prefix -DSQLITE_HAS_CODEC=1 ..`
build.sh
Executable
+323
View File
@@ -0,0 +1,323 @@
#!/usr/bin/env bash
# ---------------------------------------------------------------------------
# build.sh -- FIPS SQLCipher cross-compile orchestrator
#
# Supports Android (NDK) and iOS (Xcode) targets, plus packaging into
# AAR (Android) and XCFramework (iOS).
#
# Subcommands:
# ./build.sh # Android arm64-v8a (default)
# ./build.sh android # Android (respects ANDROID_ABI env)
# ./build.sh ios # iOS device arm64
# ./build.sh ios-simulator # iOS simulator arm64 + x86_64
# ./build.sh ios-all # Device + both simulator arches
# ./build.sh all # Android arm64+x86_64 + iOS all
# ./build.sh package-aar # Package Android artifacts into AAR
# ./build.sh package-xcframework # Package iOS artifacts into XCFramework
# ./build.sh package # Both AAR + XCFramework
#
# Required (Android):
# ANDROID_NDK_ROOT Path to NDK r26+ (sets ANDROID_NDK for CMake)
#
# Required (iOS):
# Xcode + Command Line Tools (xcrun must resolve)
#
# Optional (with defaults):
# ANDROID_ABI arm64-v8a
# ANDROID_PLATFORM android-24
# OPENSSL_VERSION 3.0.8
# SQLCIPHER_VERSION v4.6.1
# IOS_DEPLOYMENT_TARGET 15.0
# CMAKE_TOOLCHAIN_FILE $ANDROID_NDK_ROOT/build/cmake/android.toolchain.cmake
# OPENSSL_HOST_BIN Host openssl binary (enables in-tree fipsinstall
# when host arch == target arch)
# BUILD_TYPE Release
# JOBS auto-detected
#
# Usage:
# ANDROID_NDK_ROOT=$HOME/Library/Android/sdk/ndk/26.3.11579264 ./build.sh
# ANDROID_ABI=x86_64 ./build.sh android
# ./build.sh ios-all
# ./build.sh all
# ./build.sh package
# ---------------------------------------------------------------------------
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
SUBCOMMAND="${1:-android}"
# ---------------------------------------------------------------------------
# Pre-flight: required host tooling
# ---------------------------------------------------------------------------
doctor() {
local missing=()
local tool
local tools=(cmake perl make git)
case "${SUBCOMMAND}" in
ios*) tools+=(xcrun xcodebuild) ;;
esac
for tool in "${tools[@]}"; do
if ! command -v "${tool}" >/dev/null 2>&1; then
missing+=("${tool}")
fi
done
if [ "${#missing[@]}" -gt 0 ]; then
echo "FATAL: missing required host tools: ${missing[*]}" >&2
if [ -f "${SCRIPT_DIR}/mise.toml" ] || [ -f "${SCRIPT_DIR}/.mise.toml" ]; then
echo "Hint: this repo ships a mise.toml. Run:" >&2
echo " mise trust && mise install" >&2
echo " then re-run ./build.sh." >&2
fi
exit 127
fi
}
doctor
# ---------------------------------------------------------------------------
# Shared inputs
# ---------------------------------------------------------------------------
: "${OPENSSL_VERSION:=3.0.8}"
: "${SQLCIPHER_VERSION:=v4.6.1}"
: "${OPENSSL_HOST_BIN:=}"
: "${BUILD_TYPE:=Release}"
: "${IOS_DEPLOYMENT_TARGET:=17.0}"
if command -v nproc >/dev/null 2>&1; then
JOBS="${JOBS:-$(nproc)}"
elif command -v sysctl >/dev/null 2>&1; then
JOBS="${JOBS:-$(sysctl -n hw.ncpu)}"
else
JOBS="${JOBS:-4}"
fi
_uname_s=$(uname -s)
_uname_m=$(uname -m)
# ===========================================================================
# ANDROID BUILD
# ===========================================================================
build_android() {
local abi="${1:-${ANDROID_ABI:-arm64-v8a}}"
: "${ANDROID_NDK_ROOT:?FATAL: export ANDROID_NDK_ROOT=<path/to/ndk>}"
local platform="${ANDROID_PLATFORM:-android-24}"
local toolchain_file="${CMAKE_TOOLCHAIN_FILE:-${ANDROID_NDK_ROOT}/build/cmake/android.toolchain.cmake}"
if [ ! -f "${toolchain_file}" ]; then
echo "FATAL: CMAKE_TOOLCHAIN_FILE not found: ${toolchain_file}" >&2
exit 1
fi
# NDK host tag
local ndk_host_tag
case "${_uname_s}" in
Darwin)
if [ -d "${ANDROID_NDK_ROOT}/toolchains/llvm/prebuilt/darwin-arm64" ]; then
ndk_host_tag="darwin-arm64"
else
ndk_host_tag="darwin-x86_64"
fi
;;
Linux) ndk_host_tag="linux-x86_64" ;;
*) echo "FATAL: Unsupported host OS: ${_uname_s}" >&2; exit 1 ;;
esac
local ndk_toolchain="${ANDROID_NDK_ROOT}/toolchains/llvm/prebuilt/${ndk_host_tag}"
if [ ! -x "${ndk_toolchain}/bin/clang" ]; then
echo "FATAL: NDK clang not found at ${ndk_toolchain}/bin/clang" >&2
exit 1
fi
export PATH="${ndk_toolchain}/bin:${PATH}"
export ANDROID_NDK="${ANDROID_NDK_ROOT}"
export OPENSSL_HOST_BIN
local build_dir="${SCRIPT_DIR}/build/${abi}"
local dist_dir="${SCRIPT_DIR}/dist/${abi}"
cat <<EOF
================================================================
FIPS SQLCipher build [Android]
----------------------------------------------------------------
Host: ${_uname_s}/${_uname_m} (ndk: ${ndk_host_tag})
ABI: ${abi}
API: ${platform}
NDK: ${ANDROID_NDK_ROOT}
OpenSSL: ${OPENSSL_VERSION}
SQLCipher: ${SQLCIPHER_VERSION}
Jobs: ${JOBS}
================================================================
EOF
mkdir -p "${build_dir}" "${dist_dir}"
cmake -S "${SCRIPT_DIR}" -B "${build_dir}" -G "Unix Makefiles" \
-DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-DCMAKE_TOOLCHAIN_FILE="${toolchain_file}" \
-DANDROID_NDK="${ANDROID_NDK_ROOT}" \
-DANDROID_ABI="${abi}" \
-DANDROID_PLATFORM="${platform}" \
-DOPENSSL_VERSION="${OPENSSL_VERSION}" \
-DSQLCIPHER_VERSION="${SQLCIPHER_VERSION}"
cmake --build "${build_dir}" --parallel "${JOBS}"
# Post-build integrity audit
echo ""
echo "--- Artifact listing: ${dist_dir} ---"
find "${dist_dir}" -maxdepth 3 -type f \
\( -name '*.so' -o -name '*.a' -o -name '*.cnf' -o -name '*.sh' \
-o -name '*.gradle' -o -name '*.xcconfig' -o -name '*.sha256' \) \
-print
if [ -x "${dist_dir}/fips/verify_integrity.sh" ] && \
[ -f "${dist_dir}/fips/libfips.so" ]; then
echo ""
"${dist_dir}/fips/verify_integrity.sh" "${dist_dir}/fips/libfips.so"
fi
if [ -f "${dist_dir}/lib/libsqlcipher.so" ] && \
command -v "${ndk_toolchain}/bin/llvm-readelf" >/dev/null 2>&1; then
echo ""
echo "--- libsqlcipher.so dependency audit ---"
"${ndk_toolchain}/bin/llvm-readelf" -d "${dist_dir}/lib/libsqlcipher.so" \
| grep -E '(NEEDED|SONAME|RUNPATH|RPATH)' || true
fi
}
# ===========================================================================
# iOS BUILD (single slice)
# ===========================================================================
build_ios_slice() {
local arch="$1" # arm64 | x86_64
local platform="$2" # OS | SIMULATOR
if [ "${platform}" = "OS" ]; then
local slice_name="ios-${arch}"
else
local slice_name="ios-simulator-${arch}"
fi
local build_dir="${SCRIPT_DIR}/build/${slice_name}"
local dist_dir="${SCRIPT_DIR}/dist/${slice_name}"
cat <<EOF
================================================================
FIPS SQLCipher build [iOS]
----------------------------------------------------------------
Arch: ${arch}
Platform: ${platform}
Min iOS: ${IOS_DEPLOYMENT_TARGET}
OpenSSL: ${OPENSSL_VERSION}
SQLCipher: ${SQLCIPHER_VERSION}
Jobs: ${JOBS}
================================================================
EOF
mkdir -p "${build_dir}" "${dist_dir}"
cmake -S "${SCRIPT_DIR}" -B "${build_dir}" -G "Ninja" \
-DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-DTARGET_PLATFORM=iOS \
-DIOS_ARCH="${arch}" \
-DIOS_PLATFORM="${platform}" \
-DIOS_DEPLOYMENT_TARGET="${IOS_DEPLOYMENT_TARGET}" \
-DOPENSSL_VERSION="${OPENSSL_VERSION}" \
-DSQLCIPHER_VERSION="${SQLCIPHER_VERSION}"
cmake --build "${build_dir}" --parallel "${JOBS}"
echo ""
echo "--- Artifact listing: ${dist_dir} ---"
find "${dist_dir}" -maxdepth 3 -type f \
\( -name '*.a' -o -name '*.dylib' -o -name '*.cnf' -o -name '*.sha256' \) \
-print
if [ -f "${dist_dir}/fips/fips.dylib.sha256" ]; then
echo ""
echo "--- FIPS provider module baseline ---"
cat "${dist_dir}/fips/fips.dylib.sha256"
fi
}
# ===========================================================================
# DISPATCH
# ===========================================================================
case "${SUBCOMMAND}" in
android|"")
build_android "${ANDROID_ABI:-arm64-v8a}"
;;
ios)
build_ios_slice arm64 OS
;;
ios-simulator)
build_ios_slice arm64 SIMULATOR
build_ios_slice x86_64 SIMULATOR
;;
ios-all)
build_ios_slice arm64 OS
build_ios_slice arm64 SIMULATOR
build_ios_slice x86_64 SIMULATOR
;;
all)
build_android arm64-v8a
build_android x86_64
build_ios_slice arm64 OS
build_ios_slice arm64 SIMULATOR
build_ios_slice x86_64 SIMULATOR
;;
package-aar)
exec "${SCRIPT_DIR}/packaging/package_aar.sh"
;;
package-xcframework)
exec "${SCRIPT_DIR}/packaging/package_xcframework.sh"
;;
package)
"${SCRIPT_DIR}/packaging/package_aar.sh"
"${SCRIPT_DIR}/packaging/package_xcframework.sh"
# Stage final distributable artifacts into out/
out_dir="${SCRIPT_DIR}/out"
rm -rf "${out_dir}"
mkdir -p "${out_dir}/android" "${out_dir}/ios" "${out_dir}/include" "${out_dir}/src"
cp "${SCRIPT_DIR}/dist/fips-sqlcipher.aar" "${out_dir}/android/"
cp -R "${SCRIPT_DIR}/dist/FIPSSQLCipher.xcframework" "${out_dir}/ios/"
cp "${SCRIPT_DIR}/include/fips_init.h" "${out_dir}/include/"
cp "${SCRIPT_DIR}/include/fips_sqlcipher.h" "${out_dir}/include/"
cp "${SCRIPT_DIR}/include/fips_verify.hpp" "${out_dir}/include/"
cp "${SCRIPT_DIR}/src/fips_init.c" "${out_dir}/src/"
cp "${SCRIPT_DIR}/src/fips_init_android.c" "${out_dir}/src/"
cp "${SCRIPT_DIR}/src/fips_init_ios.c" "${out_dir}/src/"
cp "${SCRIPT_DIR}/install.md" "${out_dir}/"
echo ""
echo "Final artifacts staged in: ${out_dir}/"
;;
*)
echo "Unknown subcommand: ${SUBCOMMAND}" >&2
echo "Usage: ./build.sh [android|ios|ios-simulator|ios-all|all|package-aar|package-xcframework|package]" >&2
exit 1
;;
esac
cat <<EOF
================================================================
BUILD COMPLETE
================================================================
Subcommand: ${SUBCOMMAND}
Dist root: ${SCRIPT_DIR}/dist/
Packaging:
./build.sh package-aar # -> dist/fips-sqlcipher.aar
./build.sh package-xcframework # -> dist/FIPSSQLCipher.xcframework
./build.sh package # Both
EOF
cmake/BuildOpenSSL.cmake
+193
View File
@@ -0,0 +1,193 @@
# ---------------------------------------------------------------------------
# BuildOpenSSL.cmake
#
# Cross-compile OpenSSL 3.0.x with enable-fips for the Android NDK.
#
# Requires (set by parent before include):
# ANDROID_NDK, ANDROID_ABI, ANDROID_PLATFORM,
# DIST_LIB_DIR, DIST_INCLUDE_DIR, DIST_FIPS_DIR, DIST_ABI_DIR
#
# Provides (visible to subsequent includes via parent scope):
# NDK_TOOLCHAIN, NDK_HOST_TAG, ANDROID_API_NUM, OPENSSL_INSTALL
# ---------------------------------------------------------------------------
set(OPENSSL_STAGE "${CMAKE_BINARY_DIR}/openssl-${OPENSSL_VERSION}")
set(OPENSSL_INSTALL "${OPENSSL_STAGE}/install")
# ---------------------------------------------------------------------------
# Resolve NDK toolchain directory
# ---------------------------------------------------------------------------
if(CMAKE_HOST_APPLE)
if(EXISTS "${ANDROID_NDK}/toolchains/llvm/prebuilt/darwin-arm64/bin/clang")
set(NDK_HOST_TAG "darwin-arm64")
else()
set(NDK_HOST_TAG "darwin-x86_64")
endif()
elseif(CMAKE_HOST_SYSTEM_NAME STREQUAL "Linux")
set(NDK_HOST_TAG "linux-x86_64")
else()
message(FATAL_ERROR "Unsupported host for NDK: ${CMAKE_HOST_SYSTEM_NAME}")
endif()
set(NDK_TOOLCHAIN "${ANDROID_NDK}/toolchains/llvm/prebuilt/${NDK_HOST_TAG}")
if(NOT EXISTS "${NDK_TOOLCHAIN}/bin/clang")
message(FATAL_ERROR
"NDK toolchain clang not found: ${NDK_TOOLCHAIN}/bin/clang. "
"Verify ANDROID_NDK and host tag (${NDK_HOST_TAG}).")
endif()
# ---------------------------------------------------------------------------
# Map ABI -> OpenSSL Configure target
# ---------------------------------------------------------------------------
if(ANDROID_ABI STREQUAL "arm64-v8a")
set(OSSL_TARGET "android-arm64")
elseif(ANDROID_ABI STREQUAL "armeabi-v7a")
set(OSSL_TARGET "android-arm")
elseif(ANDROID_ABI STREQUAL "x86_64")
set(OSSL_TARGET "android-x86_64")
elseif(ANDROID_ABI STREQUAL "x86")
set(OSSL_TARGET "android-x86")
else()
message(FATAL_ERROR "Unsupported ANDROID_ABI: ${ANDROID_ABI}")
endif()
string(REGEX REPLACE "^android-" "" ANDROID_API_NUM "${ANDROID_PLATFORM}")
# ---------------------------------------------------------------------------
# Build environment
# ---------------------------------------------------------------------------
set(OSSL_ENV
"PATH=${NDK_TOOLCHAIN}/bin:$ENV{PATH}"
"ANDROID_NDK_ROOT=${ANDROID_NDK}"
"CC=${NDK_TOOLCHAIN}/bin/clang"
"CXX=${NDK_TOOLCHAIN}/bin/clang++"
"AR=${NDK_TOOLCHAIN}/bin/llvm-ar"
"RANLIB=${NDK_TOOLCHAIN}/bin/llvm-ranlib"
"NM=${NDK_TOOLCHAIN}/bin/llvm-nm"
"STRIP=${FIPS_NOOP_STRIP}"
)
# URL_HASH from shared config
fips_url_hash_args(_url_hash_arg)
# ---------------------------------------------------------------------------
# openssl_ep
# ---------------------------------------------------------------------------
ExternalProject_Add(openssl_ep
URL "${OPENSSL_SRC_URL}"
${_url_hash_arg}
PREFIX "${OPENSSL_STAGE}"
INSTALL_DIR "${OPENSSL_INSTALL}"
BUILD_IN_SOURCE 1
DOWNLOAD_EXTRACT_TIMESTAMP TRUE
CONFIGURE_COMMAND ${CMAKE_COMMAND} -E env ${OSSL_ENV}
./Configure ${OSSL_TARGET}
-D__ANDROID_API__=${ANDROID_API_NUM}
-Wl,-z,max-page-size=16384
--prefix=${OPENSSL_INSTALL}
--openssldir=${OPENSSL_INSTALL}/ssl
--libdir=lib
enable-fips
shared
no-tests
no-engine
BUILD_COMMAND ${CMAKE_COMMAND} -E env ${OSSL_ENV}
make -j${FIPS_PARALLEL_JOBS} build_sw
INSTALL_COMMAND ${CMAKE_COMMAND} -E env ${OSSL_ENV}
make install_sw install_fips
)
# ---------------------------------------------------------------------------
# Generate helper scripts at configure time
# ---------------------------------------------------------------------------
set(FIPS_SO_SRC "${OPENSSL_INSTALL}/lib/ossl-modules/fips.so")
set(FIPSMOD_CNF "${DIST_FIPS_DIR}/fipsmodule.cnf")
file(WRITE "${DIST_FIPS_DIR}/run_fipsinstall_on_device.sh" [=[
#!/system/bin/sh
set -e
DIR=$(cd "$(dirname "$0")" && pwd)
"$DIR/openssl" fipsinstall \
-module "$DIR/libfips.so" \
-out "$DIR/fipsmodule.cnf" \
-provider_name fips \
-section_name fips_sect
echo "fipsmodule.cnf written to $DIR/fipsmodule.cnf"
]=])
file(CHMOD "${DIST_FIPS_DIR}/run_fipsinstall_on_device.sh"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE
GROUP_READ GROUP_EXECUTE
WORLD_READ WORLD_EXECUTE)
file(WRITE "${DIST_FIPS_DIR}/openssl.cnf" [=[
# Minimal config for programmatic FIPS activation via fips_init_android().
# The FIPS provider is loaded explicitly at runtime — this config just sets
# OPENSSL_MODULES so the provider .so can be found by OSSL_PROVIDER_load().
openssl_conf = openssl_init
[openssl_init]
providers = provider_sect
[provider_sect]
base = base_sect
[base_sect]
activate = 1
]=])
# ---------------------------------------------------------------------------
# Stage OpenSSL artifacts into dist/<abi>
# ---------------------------------------------------------------------------
set(DIST_BIN_DIR "${DIST_ABI_DIR}/bin")
file(MAKE_DIRECTORY "${DIST_BIN_DIR}")
ExternalProject_Add_Step(openssl_ep stage_dist
DEPENDEES install
COMMAND ${CMAKE_COMMAND} -E copy_directory
${OPENSSL_INSTALL}/lib ${DIST_LIB_DIR}
COMMAND ${CMAKE_COMMAND} -E copy_directory
${OPENSSL_INSTALL}/include ${DIST_INCLUDE_DIR}
COMMAND ${CMAKE_COMMAND} -E copy
${FIPS_SO_SRC} ${DIST_FIPS_DIR}/libfips.so
COMMAND ${CMAKE_COMMAND} -E copy
${OPENSSL_INSTALL}/bin/openssl ${DIST_BIN_DIR}/openssl
COMMENT "Staging OpenSSL + FIPS provider into ${DIST_ABI_DIR}"
)
# ---------------------------------------------------------------------------
# Host-side fipsinstall attempt
# ---------------------------------------------------------------------------
set(GEN_FIPS_CNF_SH "${CMAKE_BINARY_DIR}/gen_fips_cnf.sh")
file(WRITE "${GEN_FIPS_CNF_SH}" [=[
#!/bin/sh
if [ -n "${OPENSSL_HOST_BIN}" ] && [ -x "${OPENSSL_HOST_BIN}" ]; then
if "${OPENSSL_HOST_BIN}" fipsinstall \
-module "${FIPS_SO}" \
-out "${OUT}" \
-provider_name fips \
-section_name fips_sect; then
echo 'fipsmodule.cnf generated via host openssl'
else
echo 'WARN: host fipsinstall failed (arch mismatch?). Use on-device helper.'
fi
else
echo 'NOTE: OPENSSL_HOST_BIN unset. Generate fipsmodule.cnf via run_fipsinstall_on_device.sh.'
fi
]=])
file(CHMOD "${GEN_FIPS_CNF_SH}"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE)
ExternalProject_Add_Step(openssl_ep gen_fips_cnf
DEPENDEES stage_dist
COMMAND ${CMAKE_COMMAND} -E env
"OPENSSL_HOST_BIN=$ENV{OPENSSL_HOST_BIN}"
"FIPS_SO=${DIST_FIPS_DIR}/libfips.so"
"OUT=${FIPSMOD_CNF}"
/bin/sh "${GEN_FIPS_CNF_SH}"
COMMENT "fipsinstall: generating fipsmodule.cnf (NIST HMAC manifest)"
)
preserve_fips_integrity("${DIST_FIPS_DIR}/libfips.so" openssl_ep)
cmake/BuildOpenSSL_iOS.cmake
+109
View File
@@ -0,0 +1,109 @@
# ---------------------------------------------------------------------------
# BuildOpenSSL_iOS.cmake
#
# Cross-compile OpenSSL 3.0.x with enable-fips for iOS (device + simulator).
# Produces STATIC libraries (App Store prohibits dlopen of arbitrary dylibs).
# FIPS integrity enforced via incore HMAC mechanism.
#
# Requires (set by parent CMakeLists.txt):
# OPENSSL_VERSION, IOS_ARCH, IOS_PLATFORM, IOS_DEPLOYMENT_TARGET,
# CMAKE_OSX_SYSROOT, DIST_ABI_DIR, DIST_LIB_DIR, DIST_INCLUDE_DIR,
# DIST_FIPS_DIR
#
# Uses from FIPSConfig.cmake:
# OPENSSL_SRC_URL, OPENSSL_URL_HASH, FIPS_PARALLEL_JOBS, fips_url_hash_args()
# ---------------------------------------------------------------------------
set(OPENSSL_STAGE "${CMAKE_BINARY_DIR}/openssl-${OPENSSL_VERSION}")
set(OPENSSL_INSTALL "${OPENSSL_STAGE}/install")
# ---------------------------------------------------------------------------
# Map IOS_ARCH + IOS_PLATFORM -> OpenSSL Configure target
# ---------------------------------------------------------------------------
if(IOS_PLATFORM STREQUAL "OS" AND IOS_ARCH STREQUAL "arm64")
set(OSSL_TARGET "ios64-xcrun")
set(OSSL_EXTRA_FLAGS "")
set(OSSL_MIN_VERSION_FLAG "-mios-version-min=${IOS_DEPLOYMENT_TARGET}")
elseif(IOS_PLATFORM STREQUAL "SIMULATOR" AND IOS_ARCH STREQUAL "arm64")
set(OSSL_TARGET "iossimulator-xcrun")
set(OSSL_EXTRA_FLAGS "-arch arm64")
set(OSSL_MIN_VERSION_FLAG "-mios-simulator-version-min=${IOS_DEPLOYMENT_TARGET}")
elseif(IOS_PLATFORM STREQUAL "SIMULATOR" AND IOS_ARCH STREQUAL "x86_64")
set(OSSL_TARGET "iossimulator-xcrun")
set(OSSL_EXTRA_FLAGS "-arch x86_64")
set(OSSL_MIN_VERSION_FLAG "-mios-simulator-version-min=${IOS_DEPLOYMENT_TARGET}")
else()
message(FATAL_ERROR "Unsupported IOS_PLATFORM/IOS_ARCH: ${IOS_PLATFORM}/${IOS_ARCH}")
endif()
# URL_HASH from shared config
fips_url_hash_args(_url_hash_arg)
# ---------------------------------------------------------------------------
# openssl_ios_ep
# ---------------------------------------------------------------------------
ExternalProject_Add(openssl_ios_ep
URL "${OPENSSL_SRC_URL}"
${_url_hash_arg}
PREFIX "${OPENSSL_STAGE}"
INSTALL_DIR "${OPENSSL_INSTALL}"
BUILD_IN_SOURCE 1
DOWNLOAD_EXTRACT_TIMESTAMP TRUE
CONFIGURE_COMMAND ./Configure ${OSSL_TARGET}
${OSSL_MIN_VERSION_FLAG}
--prefix=${OPENSSL_INSTALL}
--openssldir=${OPENSSL_INSTALL}/ssl
--libdir=lib
enable-fips
no-shared
no-tests
no-engine
no-async
${OSSL_EXTRA_FLAGS}
BUILD_COMMAND make -j${FIPS_PARALLEL_JOBS} build_sw
INSTALL_COMMAND make install_sw install_fips
)
# ---------------------------------------------------------------------------
# Stage into dist/<platform>-<arch>/
# ---------------------------------------------------------------------------
ExternalProject_Add_Step(openssl_ios_ep stage_dist
DEPENDEES install
COMMAND ${CMAKE_COMMAND} -E copy_directory
${OPENSSL_INSTALL}/lib ${DIST_LIB_DIR}
COMMAND ${CMAKE_COMMAND} -E copy_directory
${OPENSSL_INSTALL}/include ${DIST_INCLUDE_DIR}
COMMAND ${CMAKE_COMMAND} -E copy_if_different
${OPENSSL_INSTALL}/lib/ossl-modules/fips.dylib
${DIST_FIPS_DIR}/fips.dylib
COMMENT "Staging OpenSSL iOS (${IOS_ARCH}) into ${DIST_ABI_DIR}"
)
# Record baseline integrity hash
set(_lock_sh "${CMAKE_BINARY_DIR}/lock_fips_ios.sh")
file(WRITE "${_lock_sh}" [=[
#!/bin/sh
set -eu
MOD="$1"
OUT="$2"
if [ -f "$MOD" ]; then
if command -v sha256sum >/dev/null 2>&1; then
sha256sum "$MOD" > "$OUT"
else
shasum -a 256 "$MOD" > "$OUT"
fi
fi
]=])
file(CHMOD "${_lock_sh}"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE)
ExternalProject_Add_Step(openssl_ios_ep lock_fips
DEPENDEES stage_dist
COMMAND /bin/sh "${_lock_sh}"
"${DIST_FIPS_DIR}/fips.dylib"
"${DIST_FIPS_DIR}/fips.dylib.sha256"
COMMENT "Recording FIPS provider dylib baseline sha256"
)
cmake/BuildSQLCipher.cmake
+167
View File
@@ -0,0 +1,167 @@
# ---------------------------------------------------------------------------
# BuildSQLCipher.cmake
#
# Build SQLCipher from git, linking against the FIPS-enabled libcrypto built
# by BuildOpenSSL.cmake.
#
# Requires (set by BuildOpenSSL.cmake or parent):
# NDK_TOOLCHAIN, NDK_HOST_TAG, ANDROID_API_NUM, OPENSSL_INSTALL,
# ANDROID_ABI, DIST_LIB_DIR, DIST_INCLUDE_DIR, DIST_ABI_DIR
#
# Provides:
# sqlcipher_ep target
# ---------------------------------------------------------------------------
set(SQLCIPHER_REPO
"https://github.com/sqlcipher/sqlcipher.git"
CACHE STRING "SQLCipher git repository")
set(SQLCIPHER_STAGE "${CMAKE_BINARY_DIR}/sqlcipher-${SQLCIPHER_VERSION}")
set(SQLCIPHER_INSTALL "${SQLCIPHER_STAGE}/install")
# ---------------------------------------------------------------------------
# ABI -> clang wrapper + autoconf host triple
# ---------------------------------------------------------------------------
if(ANDROID_ABI STREQUAL "arm64-v8a")
set(SQLCIPHER_CC "${NDK_TOOLCHAIN}/bin/aarch64-linux-android${ANDROID_API_NUM}-clang")
set(SQLCIPHER_HOST "aarch64-linux-android")
elseif(ANDROID_ABI STREQUAL "armeabi-v7a")
set(SQLCIPHER_CC "${NDK_TOOLCHAIN}/bin/armv7a-linux-androideabi${ANDROID_API_NUM}-clang")
set(SQLCIPHER_HOST "armv7a-linux-androideabi")
elseif(ANDROID_ABI STREQUAL "x86_64")
set(SQLCIPHER_CC "${NDK_TOOLCHAIN}/bin/x86_64-linux-android${ANDROID_API_NUM}-clang")
set(SQLCIPHER_HOST "x86_64-linux-android")
elseif(ANDROID_ABI STREQUAL "x86")
set(SQLCIPHER_CC "${NDK_TOOLCHAIN}/bin/i686-linux-android${ANDROID_API_NUM}-clang")
set(SQLCIPHER_HOST "i686-linux-android")
else()
message(FATAL_ERROR "Unsupported ANDROID_ABI: ${ANDROID_ABI}")
endif()
# ---------------------------------------------------------------------------
# CFLAGS / LDFLAGS
# ---------------------------------------------------------------------------
set(_cflags_list
"-DSQLITE_HAS_CODEC"
"-DSQLITE_TEMP_STORE=2"
"-DSQLCIPHER_CRYPTO_OPENSSL"
"-DSQLITE_THREADSAFE=1"
"-DSQLITE_ENABLE_COLUMN_METADATA"
"-DSQLITE_ENABLE_FTS5"
"-DSQLITE_ENABLE_RTREE"
"-DSQLITE_ENABLE_LOAD_EXTENSION"
"-DHAVE_USLEEP=1"
"-DNDEBUG=1"
"-I${DIST_INCLUDE_DIR}"
"-fPIC"
"-O2"
"-fstack-protector-strong"
)
if(FIPS_DEVELOPER_MODE)
list(APPEND _cflags_list "-Wall" "-Wextra")
endif()
string(REPLACE ";" " " _cflags_str "${_cflags_list}")
set(_ldflags_list
"-L${DIST_LIB_DIR}"
"-lcrypto"
"-llog"
"-Wl,--no-undefined"
"-Wl,-rpath,\\$$ORIGIN"
"-Wl,-z,noexecstack"
"-Wl,-z,relro"
"-Wl,-z,now"
"-Wl,-z,max-page-size=16384"
)
string(REPLACE ";" " " _ldflags_str "${_ldflags_list}")
set(SQLCIPHER_ENV
"PATH=${NDK_TOOLCHAIN}/bin:$ENV{PATH}"
"CC=${SQLCIPHER_CC}"
"AR=${NDK_TOOLCHAIN}/bin/llvm-ar"
"RANLIB=${NDK_TOOLCHAIN}/bin/llvm-ranlib"
"NM=${NDK_TOOLCHAIN}/bin/llvm-nm"
"STRIP=${FIPS_NOOP_STRIP}"
"CFLAGS=${_cflags_str}"
"LDFLAGS=${_ldflags_str}"
)
# ---------------------------------------------------------------------------
# FIPS runtime probe (from shared FIPSConfig)
# ---------------------------------------------------------------------------
fips_generate_probe_source(FIPS_PROBE_C "${CMAKE_BINARY_DIR}/fips_runtime_probe.c")
set(FIPS_PROBE_OBJ "${CMAKE_BINARY_DIR}/fips_runtime_probe.o")
set(FIPS_PROBE_AR "${CMAKE_BINARY_DIR}/libfips_probe.a")
set(_probe_cflags "-fPIC" "-O2")
if(FIPS_DEVELOPER_MODE)
list(APPEND _probe_cflags "-Wall" "-Wextra" "-Werror")
endif()
add_custom_command(
OUTPUT "${FIPS_PROBE_AR}"
DEPENDS "${FIPS_PROBE_C}" openssl_ep
COMMAND "${SQLCIPHER_CC}"
-c "${FIPS_PROBE_C}"
-I "${DIST_INCLUDE_DIR}"
${_probe_cflags}
-o "${FIPS_PROBE_OBJ}"
COMMAND "${NDK_TOOLCHAIN}/bin/llvm-ar"
rcs "${FIPS_PROBE_AR}" "${FIPS_PROBE_OBJ}"
COMMENT "Compiling FIPS runtime probe -> libfips_probe.a"
)
add_custom_target(fips_probe DEPENDS "${FIPS_PROBE_AR}")
# Inject probe via --whole-archive
list(FILTER SQLCIPHER_ENV EXCLUDE REGEX "^LDFLAGS=")
list(APPEND SQLCIPHER_ENV
"LDFLAGS=${_ldflags_str} -Wl,--whole-archive,${FIPS_PROBE_AR},--no-whole-archive"
)
# ---------------------------------------------------------------------------
# sqlcipher_ep
# ---------------------------------------------------------------------------
ExternalProject_Add(sqlcipher_ep
DEPENDS openssl_ep fips_probe
GIT_REPOSITORY "${SQLCIPHER_REPO}"
GIT_TAG "${SQLCIPHER_VERSION}"
GIT_SHALLOW 1
PREFIX "${SQLCIPHER_STAGE}"
INSTALL_DIR "${SQLCIPHER_INSTALL}"
BUILD_IN_SOURCE 1
CONFIGURE_COMMAND ${CMAKE_COMMAND} -E env ${SQLCIPHER_ENV}
./configure
--host=${SQLCIPHER_HOST}
--prefix=${SQLCIPHER_INSTALL}
--enable-shared
--enable-static
--disable-tcl
--with-crypto-lib=openssl
BUILD_COMMAND ${CMAKE_COMMAND} -E env ${SQLCIPHER_ENV}
make -j${FIPS_PARALLEL_JOBS}
INSTALL_COMMAND ${CMAKE_COMMAND} -E env ${SQLCIPHER_ENV}
make install
)
# ---------------------------------------------------------------------------
# Stage SQLCipher artifacts
# ---------------------------------------------------------------------------
ExternalProject_Add_Step(sqlcipher_ep stage_dist
DEPENDEES install
COMMAND ${CMAKE_COMMAND} -E copy_if_different
${SQLCIPHER_INSTALL}/lib/libsqlcipher.so
${DIST_LIB_DIR}/libsqlcipher.so
COMMAND ${CMAKE_COMMAND} -E copy_if_different
${SQLCIPHER_INSTALL}/lib/libsqlcipher.a
${DIST_LIB_DIR}/libsqlcipher.a
COMMAND ${CMAKE_COMMAND} -E copy_directory
${SQLCIPHER_INSTALL}/include
${DIST_INCLUDE_DIR}
COMMENT "Staging SQLCipher artifacts into ${DIST_ABI_DIR}"
)
cmake/BuildSQLCipher_iOS.cmake
+170
View File
@@ -0,0 +1,170 @@
# ---------------------------------------------------------------------------
# BuildSQLCipher_iOS.cmake
#
# Build SQLCipher from git for iOS, linking statically against the FIPS-enabled
# libcrypto.a from BuildOpenSSL_iOS.cmake.
#
# Requires (from parent / BuildOpenSSL_iOS.cmake):
# SQLCIPHER_VERSION, IOS_ARCH, IOS_PLATFORM, IOS_DEPLOYMENT_TARGET,
# CMAKE_OSX_SYSROOT, DIST_LIB_DIR, DIST_INCLUDE_DIR, DIST_ABI_DIR,
# DIST_FIPS_DIR, OPENSSL_INSTALL
#
# Uses from FIPSConfig.cmake:
# FIPS_PARALLEL_JOBS, FIPS_NOOP_STRIP, fips_generate_probe_source()
# ---------------------------------------------------------------------------
set(SQLCIPHER_REPO
"https://github.com/sqlcipher/sqlcipher.git"
CACHE STRING "SQLCipher git repository")
set(SQLCIPHER_STAGE "${CMAKE_BINARY_DIR}/sqlcipher-${SQLCIPHER_VERSION}")
set(SQLCIPHER_INSTALL "${SQLCIPHER_STAGE}/install")
# ---------------------------------------------------------------------------
# Map IOS_ARCH -> host triple for autoconf
# ---------------------------------------------------------------------------
if(IOS_ARCH STREQUAL "arm64")
set(SQLCIPHER_HOST "aarch64-apple-darwin")
set(SQLCIPHER_CC_ARCH_FLAG "-arch arm64")
set(SQLCIPHER_CC_ARCH_LIST -arch arm64)
elseif(IOS_ARCH STREQUAL "x86_64")
set(SQLCIPHER_HOST "x86_64-apple-darwin")
set(SQLCIPHER_CC_ARCH_FLAG "-arch x86_64")
set(SQLCIPHER_CC_ARCH_LIST -arch x86_64)
else()
message(FATAL_ERROR "Unsupported IOS_ARCH: ${IOS_ARCH}")
endif()
if(IOS_PLATFORM STREQUAL "OS")
set(_sdk_name "iphoneos")
set(_min_ver_flag "${_min_ver_flag}")
else()
set(_sdk_name "iphonesimulator")
set(_min_ver_flag "-mios-simulator-version-min=${IOS_DEPLOYMENT_TARGET}")
endif()
# ---------------------------------------------------------------------------
# CFLAGS / LDFLAGS
# ---------------------------------------------------------------------------
set(_cflags_list
"-DSQLITE_HAS_CODEC"
"-DSQLITE_TEMP_STORE=2"
"-DSQLCIPHER_CRYPTO_OPENSSL"
"-DSQLITE_THREADSAFE=1"
"-DSQLITE_ENABLE_COLUMN_METADATA"
"-DSQLITE_ENABLE_FTS5"
"-DSQLITE_ENABLE_RTREE"
"-DHAVE_USLEEP=1"
"-DNDEBUG=1"
"-I${DIST_INCLUDE_DIR}"
"-isysroot ${CMAKE_OSX_SYSROOT}"
"${SQLCIPHER_CC_ARCH_FLAG}"
"${_min_ver_flag}"
"-fPIC"
"-O2"
"-fstack-protector-strong"
"-fvisibility=hidden"
)
if(FIPS_DEVELOPER_MODE)
list(APPEND _cflags_list "-Wall" "-Wextra")
endif()
string(REPLACE ";" " " _cflags_str "${_cflags_list}")
set(_ldflags_list
"-L${DIST_LIB_DIR}"
"-lcrypto"
"-isysroot ${CMAKE_OSX_SYSROOT}"
"${SQLCIPHER_CC_ARCH_FLAG}"
)
string(REPLACE ";" " " _ldflags_str "${_ldflags_list}")
set(SQLCIPHER_ENV
"CC=xcrun --sdk ${_sdk_name} clang"
"AR=xcrun --sdk ${_sdk_name} ar"
"RANLIB=xcrun --sdk ${_sdk_name} ranlib"
"STRIP=${FIPS_NOOP_STRIP}"
"CFLAGS=${_cflags_str}"
"LDFLAGS=${_ldflags_str}"
)
# ---------------------------------------------------------------------------
# FIPS runtime probe (from shared FIPSConfig)
# ---------------------------------------------------------------------------
fips_generate_probe_source(FIPS_PROBE_C "${CMAKE_BINARY_DIR}/fips_runtime_probe_ios.c")
set(FIPS_PROBE_OBJ "${CMAKE_BINARY_DIR}/fips_runtime_probe_ios.o")
set(FIPS_PROBE_AR "${CMAKE_BINARY_DIR}/libfips_probe_ios.a")
set(_probe_cflags ${SQLCIPHER_CC_ARCH_LIST} -isysroot ${CMAKE_OSX_SYSROOT}
${_min_ver_flag} -fPIC -O2)
if(FIPS_DEVELOPER_MODE)
list(APPEND _probe_cflags -Wall -Wextra -Werror)
endif()
add_custom_command(
OUTPUT "${FIPS_PROBE_AR}"
DEPENDS "${FIPS_PROBE_C}" openssl_ios_ep
COMMAND xcrun --sdk ${_sdk_name} clang
-c "${FIPS_PROBE_C}"
-I "${DIST_INCLUDE_DIR}"
${_probe_cflags}
-o "${FIPS_PROBE_OBJ}"
COMMAND xcrun --sdk ${_sdk_name} ar
rcs "${FIPS_PROBE_AR}" "${FIPS_PROBE_OBJ}"
COMMENT "Compiling iOS FIPS runtime probe -> libfips_probe_ios.a"
)
add_custom_target(fips_probe_ios DEPENDS "${FIPS_PROBE_AR}")
# Inject probe via -force_load (Apple ld equivalent of --whole-archive)
list(FILTER SQLCIPHER_ENV EXCLUDE REGEX "^LDFLAGS=")
list(APPEND SQLCIPHER_ENV
"LDFLAGS=${_ldflags_str} -Wl,-force_load,${FIPS_PROBE_AR}"
)
# ---------------------------------------------------------------------------
# sqlcipher_ios_ep
# ---------------------------------------------------------------------------
ExternalProject_Add(sqlcipher_ios_ep
DEPENDS openssl_ios_ep fips_probe_ios
GIT_REPOSITORY "${SQLCIPHER_REPO}"
GIT_TAG "${SQLCIPHER_VERSION}"
GIT_SHALLOW 1
PREFIX "${SQLCIPHER_STAGE}"
INSTALL_DIR "${SQLCIPHER_INSTALL}"
BUILD_IN_SOURCE 1
CONFIGURE_COMMAND ${CMAKE_COMMAND} -E env ${SQLCIPHER_ENV}
./configure
--host=${SQLCIPHER_HOST}
--prefix=${SQLCIPHER_INSTALL}
--enable-static
--disable-shared
--disable-tcl
--disable-readline
--with-crypto-lib=openssl
BUILD_COMMAND ${CMAKE_COMMAND} -E env ${SQLCIPHER_ENV}
make -j${FIPS_PARALLEL_JOBS} libsqlcipher.la
INSTALL_COMMAND ${CMAKE_COMMAND} -E make_directory ${SQLCIPHER_INSTALL}/lib ${SQLCIPHER_INSTALL}/include
COMMAND ${CMAKE_COMMAND} -E copy_if_different
<SOURCE_DIR>/.libs/libsqlcipher.a ${SQLCIPHER_INSTALL}/lib/libsqlcipher.a
COMMAND ${CMAKE_COMMAND} -E copy_if_different
<SOURCE_DIR>/sqlite3.h ${SQLCIPHER_INSTALL}/include/sqlite3.h
)
# ---------------------------------------------------------------------------
# Stage SQLCipher into dist/<platform>-<arch>/
# ---------------------------------------------------------------------------
ExternalProject_Add_Step(sqlcipher_ios_ep stage_dist
DEPENDEES install
COMMAND ${CMAKE_COMMAND} -E copy_if_different
${SQLCIPHER_INSTALL}/lib/libsqlcipher.a
${DIST_LIB_DIR}/libsqlcipher.a
COMMAND ${CMAKE_COMMAND} -E copy_directory
${SQLCIPHER_INSTALL}/include
${DIST_INCLUDE_DIR}
COMMENT "Staging SQLCipher iOS (${IOS_ARCH}) into ${DIST_ABI_DIR}"
)
cmake/FIPSConfig.cmake
+105
View File
@@ -0,0 +1,105 @@
# ---------------------------------------------------------------------------
# FIPSConfig.cmake
#
# Shared constants and utility functions used by both Android and iOS build
# modules. Included once from the top-level CMakeLists.txt before any
# platform-specific module.
#
# Eliminates duplication of: OpenSSL URL/hash, FIPS probe source, parallel
# job cap, and common validation logic.
# ---------------------------------------------------------------------------
# ---------------------------------------------------------------------------
# OpenSSL source pinning (single source of truth)
# ---------------------------------------------------------------------------
set(OPENSSL_SRC_URL
"https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
CACHE STRING "OpenSSL source tarball URL")
if(OPENSSL_VERSION STREQUAL "3.0.8")
set(_default_openssl_hash
"6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e")
else()
set(_default_openssl_hash "")
endif()
set(OPENSSL_URL_HASH "${_default_openssl_hash}"
CACHE STRING "SHA256 of OpenSSL source tarball (update when bumping OPENSSL_VERSION)")
# ---------------------------------------------------------------------------
# Parallel job cap
#
# ExternalProject's make -j without a cap races the host. Use
# FIPS_PARALLEL_JOBS to bound it. Default: host CPU count.
# ---------------------------------------------------------------------------
if(NOT DEFINED FIPS_PARALLEL_JOBS)
cmake_host_system_information(RESULT _ncpu QUERY NUMBER_OF_LOGICAL_CORES)
set(FIPS_PARALLEL_JOBS "${_ncpu}" CACHE STRING "Max parallel jobs for external builds")
endif()
# ---------------------------------------------------------------------------
# No-op strip path (portable)
# ---------------------------------------------------------------------------
if(CMAKE_HOST_APPLE OR CMAKE_HOST_UNIX)
find_program(_TRUE_BIN NAMES true PATHS /usr/bin /bin NO_DEFAULT_PATH)
if(NOT _TRUE_BIN)
set(_TRUE_BIN "/usr/bin/true")
endif()
else()
set(_TRUE_BIN "true")
endif()
set(FIPS_NOOP_STRIP "${_TRUE_BIN}" CACHE INTERNAL "No-op binary used as STRIP override")
# ---------------------------------------------------------------------------
# fips_generate_probe_source(<output_var> <output_path>)
#
# Writes the FIPS runtime probe C source to <output_path> and sets
# <output_var> to that path. Probe is identical for Android and iOS.
# ---------------------------------------------------------------------------
function(fips_generate_probe_source OUT_VAR OUT_PATH)
file(WRITE "${OUT_PATH}" [=[
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef __ANDROID__
#include <android/log.h>
#endif
__attribute__((constructor(101)))
static void sqlcipher_fips_runtime_probe(void) {
if (OSSL_PROVIDER_available(NULL, "fips") != 1) {
#ifdef __ANDROID__
// On Android, library loading order is controlled by the application.
// The FIPS provider is activated programmatically via fips_init_android()
// AFTER all libraries are loaded. Warn here; the hard gate is
// fips_init_android() returning FIPS_INIT_OK before any crypto ops.
__android_log_print(ANDROID_LOG_WARN, "sqlcipher",
"FIPS provider not yet active at library load. "
"Call fips_init_android() before performing crypto operations.");
#else
fprintf(stderr,
"[sqlcipher] FATAL: OpenSSL FIPS provider not active. "
"Ensure the FIPS provider is loaded before libsqlcipher.\n");
abort();
#endif
}
}
]=])
set(${OUT_VAR} "${OUT_PATH}" PARENT_SCOPE)
endfunction()
# ---------------------------------------------------------------------------
# Conditional URL_HASH helper
#
# Usage:
# fips_url_hash_args(OUT_VAR)
# ExternalProject_Add(... ${${OUT_VAR}} ...)
# ---------------------------------------------------------------------------
function(fips_url_hash_args OUT_VAR)
if(OPENSSL_URL_HASH)
set(${OUT_VAR} "URL_HASH;SHA256=${OPENSSL_URL_HASH}" PARENT_SCOPE)
else()
set(${OUT_VAR} "" PARENT_SCOPE)
endif()
endfunction()
cmake/FIPSSQLCipherConfig.cmake.in
+44
View File
@@ -0,0 +1,44 @@
@PACKAGE_INIT@
# FIPSSQLCipherConfig.cmake
# Provides imported targets for downstream find_package(FIPSSQLCipher) usage.
include(CMakeFindDependencyMacro)
set(FIPSSQLCipher_INCLUDE_DIR "${PACKAGE_PREFIX_DIR}/include")
set(FIPSSQLCipher_LIB_DIR "${PACKAGE_PREFIX_DIR}/lib")
set(FIPSSQLCipher_FIPS_DIR "${PACKAGE_PREFIX_DIR}/share/fips-sqlcipher/fips")
if(NOT TARGET FIPSSQLCipher::crypto)
add_library(FIPSSQLCipher::crypto UNKNOWN IMPORTED)
if(EXISTS "${FIPSSQLCipher_LIB_DIR}/libcrypto.so")
set_target_properties(FIPSSQLCipher::crypto PROPERTIES
IMPORTED_LOCATION "${FIPSSQLCipher_LIB_DIR}/libcrypto.so"
INTERFACE_INCLUDE_DIRECTORIES "${FIPSSQLCipher_INCLUDE_DIR}"
)
elseif(EXISTS "${FIPSSQLCipher_LIB_DIR}/libcrypto.a")
set_target_properties(FIPSSQLCipher::crypto PROPERTIES
IMPORTED_LOCATION "${FIPSSQLCipher_LIB_DIR}/libcrypto.a"
INTERFACE_INCLUDE_DIRECTORIES "${FIPSSQLCipher_INCLUDE_DIR}"
)
endif()
endif()
if(NOT TARGET FIPSSQLCipher::sqlcipher)
add_library(FIPSSQLCipher::sqlcipher UNKNOWN IMPORTED)
if(EXISTS "${FIPSSQLCipher_LIB_DIR}/libsqlcipher.so")
set_target_properties(FIPSSQLCipher::sqlcipher PROPERTIES
IMPORTED_LOCATION "${FIPSSQLCipher_LIB_DIR}/libsqlcipher.so"
INTERFACE_INCLUDE_DIRECTORIES "${FIPSSQLCipher_INCLUDE_DIR}"
INTERFACE_LINK_LIBRARIES FIPSSQLCipher::crypto
)
elseif(EXISTS "${FIPSSQLCipher_LIB_DIR}/libsqlcipher.a")
set_target_properties(FIPSSQLCipher::sqlcipher PROPERTIES
IMPORTED_LOCATION "${FIPSSQLCipher_LIB_DIR}/libsqlcipher.a"
INTERFACE_INCLUDE_DIRECTORIES "${FIPSSQLCipher_INCLUDE_DIR}"
INTERFACE_LINK_LIBRARIES FIPSSQLCipher::crypto
)
endif()
endif()
check_required_components(FIPSSQLCipher)
cmake/PreserveFipsIntegrity.cmake
+121
View File
@@ -0,0 +1,121 @@
# ---------------------------------------------------------------------------
# PreserveFipsIntegrity.cmake
#
# Guard the FIPS provider module against post-build mutation that would
# invalidate its NIST-required HMAC-SHA256 integrity manifest.
#
# Uses from FIPSConfig.cmake:
# FIPS_NOOP_STRIP
# ---------------------------------------------------------------------------
# Global install-strip kill switch
set(CMAKE_INSTALL_DO_STRIP OFF CACHE BOOL "Never strip in this build" FORCE)
set(CMAKE_STRIP "${FIPS_NOOP_STRIP}" CACHE FILEPATH "No-op strip for FIPS safety" FORCE)
# ---------------------------------------------------------------------------
# preserve_fips_integrity(<fips_module_path> [dependent_target])
# ---------------------------------------------------------------------------
function(preserve_fips_integrity FIPS_MODULE_PATH)
set(_dep_target "")
if(ARGC GREATER 1)
set(_dep_target "${ARGV1}")
endif()
get_filename_component(FIPS_DIR "${FIPS_MODULE_PATH}" DIRECTORY)
get_filename_component(FIPS_NAME "${FIPS_MODULE_PATH}" NAME)
# Gradle packaging guard (AGP 8+)
file(WRITE "${FIPS_DIR}/fips_integrity.gradle" [=[
// apply from: '<repo>/dist/<abi>/fips/fips_integrity.gradle'
android {
packagingOptions {
jniLibs {
keepDebugSymbols += ['**/libfips.so']
useLegacyPackaging = false
}
}
}
]=])
# Xcode/iOS integrity guard
file(WRITE "${FIPS_DIR}/fips_integrity.xcconfig" [=[
STRIP_INSTALLED_PRODUCT = NO
COPY_PHASE_STRIP = NO
STRIP_STYLE = non-global
DEPLOYMENT_POSTPROCESSING = NO
ENABLE_BITCODE = NO
DEAD_CODE_STRIPPING = NO
]=])
# CI integrity audit script
file(WRITE "${FIPS_DIR}/verify_integrity.sh" [=[
#!/usr/bin/env bash
set -eu
MOD="${1:-$(dirname "$0")/libfips.so}"
if [ ! -f "$MOD" ]; then
echo "ERROR: $MOD not found" >&2
exit 1
fi
if command -v llvm-readelf >/dev/null 2>&1; then
READELF=llvm-readelf
elif command -v readelf >/dev/null 2>&1; then
READELF=readelf
else
echo "ERROR: neither llvm-readelf nor readelf in PATH" >&2
exit 1
fi
SECTIONS="$("$READELF" -S "$MOD" 2>/dev/null)"
case "$SECTIONS" in
*.symtab*) ;;
*) echo "FAIL: .symtab missing in $MOD (stripped?)" >&2; exit 2 ;;
esac
case "$SECTIONS" in
*.rodata*) ;;
*) echo "FAIL: .rodata missing in $MOD" >&2; exit 3 ;;
esac
if command -v sha256sum >/dev/null 2>&1; then
sha256sum "$MOD"
else
shasum -a 256 "$MOD"
fi
echo "PASS: $MOD retains FIPS integrity markers"
]=])
file(CHMOD "${FIPS_DIR}/verify_integrity.sh"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE
GROUP_READ GROUP_EXECUTE
WORLD_READ WORLD_EXECUTE)
# Post-stage lock step
if(_dep_target)
set(_lock_sh "${CMAKE_BINARY_DIR}/lock_fips_module.sh")
file(WRITE "${_lock_sh}" [=[
#!/bin/sh
set -eu
MOD="$1"
OUT="$2"
chmod 0444 "$MOD" || true
if command -v sha256sum >/dev/null 2>&1; then
sha256sum "$MOD" > "$OUT"
else
shasum -a 256 "$MOD" > "$OUT"
fi
]=])
file(CHMOD "${_lock_sh}"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE)
ExternalProject_Add_Step(${_dep_target} lock_fips_module
DEPENDEES gen_fips_cnf
COMMAND /bin/sh "${_lock_sh}"
"${FIPS_MODULE_PATH}"
"${FIPS_DIR}/libfips.so.sha256"
COMMENT "Locking ${FIPS_NAME} (0444) + recording baseline sha256"
)
endif()
endfunction()
include/fips_init.h
+71
View File
@@ -0,0 +1,71 @@
// SPDX-License-Identifier: Apache-2.0
// FIPS module initialization and HMAC integrity validation for on-device use.
//
// Call fips_init() once at app startup BEFORE any OpenSSL or SQLCipher
// operation. It configures the OpenSSL library context to load the FIPS
// provider from the bundled module path and triggers the mandatory Power-On
// Self-Test (POST), which includes HMAC-SHA256 integrity verification of the
// provider's .text and .rodata sections.
//
// Thread safety: call exactly once from the main thread before spawning
// workers that use crypto.
#ifndef FIPS_INIT_H
#define FIPS_INIT_H
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
FIPS_INIT_OK = 0,
FIPS_INIT_ERR_CONF_MISSING,
FIPS_INIT_ERR_MODULE_MISSING,
FIPS_INIT_ERR_PROVIDER_LOAD,
FIPS_INIT_ERR_SELF_TEST,
FIPS_INIT_ERR_PROPERTY_SET,
} fips_init_status_t;
// Human-readable description of a status code.
const char *fips_init_status_str(fips_init_status_t status);
// Initialize OpenSSL with FIPS provider from the given paths.
//
// module_dir: directory containing libfips.so (Android) or fips.dylib (iOS)
// conf_path: path to openssl.cnf that .includes fipsmodule.cnf
// (NULL = use OPENSSL_CONF env var, or generate minimal config)
//
// On Android, call this AFTER extracting assets/fips/* to the app's filesDir.
// On iOS, pass the path within the app bundle where fips.dylib is embedded.
//
// Returns FIPS_INIT_OK on success. On failure, the FIPS provider is NOT active
// and all crypto operations will fail (which is the correct behavior — you MUST
// NOT proceed with plaintext fallback under FIPS requirements).
fips_init_status_t fips_init(const char *module_dir, const char *conf_path);
// Re-run the FIPS self-test on demand (e.g., after app resume from background).
// The provider must already be loaded via fips_init().
// Returns 1 on success, 0 on failure.
int fips_self_test_rerun(void);
// Query whether the FIPS provider is currently active in the default context.
int fips_provider_is_active(void);
#ifdef __ANDROID__
// Android convenience: takes Context.getFilesDir() and
// ApplicationInfo.nativeLibraryDir paths. Handles OPENSSL_MODULES and
// FIPSMODULE_CNF env setup before calling fips_init().
fips_init_status_t fips_init_android(const char *files_dir,
const char *native_lib_dir);
#endif
#if defined(__APPLE__) && !defined(__ANDROID__)
// iOS convenience: takes the path to the fips/ directory inside the app bundle
// (e.g., [[NSBundle mainBundle] resourcePath] + "/fips").
fips_init_status_t fips_init_ios(const char *bundle_fips_dir);
#endif
#ifdef __cplusplus
}
#endif
#endif // FIPS_INIT_H
include/fips_sqlcipher.h
+31
View File
@@ -0,0 +1,31 @@
// SPDX-License-Identifier: Apache-2.0
// C/C++ interop header for FIPS-SQLCipher builds.
// Wraps OpenSSL and SQLCipher headers in extern "C" to prevent C++ name
// mangling and avoids pulling libc++ symbols into the FIPS module boundary.
#ifndef FIPS_SQLCIPHER_H
#define FIPS_SQLCIPHER_H
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <sqlite3.h>
#ifdef __cplusplus
}
#endif
// When compiling C++ translation units that link against the FIPS provider:
// - Do NOT pass -fno-rtti or -fno-exceptions to the OpenSSL/SQLCipher
// object files themselves (they are pure C).
// - Your C++ code CAN use any RTTI/exception settings freely because the
// FIPS "incore" HMAC covers only the provider's .text/.rodata, not yours.
// - Avoid ODR violations: do not statically link libc++ into a shared lib
// that also dlopen()s libfips.so on Android. Use the NDK's shared libc++
// (the default) or link everything statically.
#endif // FIPS_SQLCIPHER_H
include/fips_verify.hpp
+82
View File
@@ -0,0 +1,82 @@
// SPDX-License-Identifier: Apache-2.0
// C++ verification class for FIPS-SQLCipher runtime compliance.
// Safe to compile with -frtti -fexceptions; does not affect FIPS HMAC.
#ifndef FIPS_VERIFY_HPP
#define FIPS_VERIFY_HPP
#include "fips_sqlcipher.h"
#include <string>
#include <stdexcept>
namespace fips {
struct VerifyResult {
bool provider_active;
bool self_test_passed;
bool cipher_fips_status;
std::string openssl_version;
};
class Verifier {
public:
static VerifyResult check_all(sqlite3 *db) {
VerifyResult r{};
r.provider_active = check_provider();
r.self_test_passed = check_self_test();
r.openssl_version = get_openssl_version();
r.cipher_fips_status = check_cipher_fips_status(db);
return r;
}
static bool check_provider() {
return OSSL_PROVIDER_available(nullptr, "fips") == 1;
}
static bool check_self_test() {
OSSL_PROVIDER *fips = OSSL_PROVIDER_load(nullptr, "fips");
if (!fips) return false;
int rc = OSSL_PROVIDER_self_test(fips);
OSSL_PROVIDER_unload(fips);
return rc == 1;
}
static std::string get_openssl_version() {
return OpenSSL_version(OPENSSL_VERSION);
}
// Executes PRAGMA cipher_fips_status on an open, keyed database.
// Returns true if the pragma returns 1 (FIPS mode active in SQLCipher).
static bool check_cipher_fips_status(sqlite3 *db) {
if (!db) return false;
sqlite3_stmt *stmt = nullptr;
int rc = sqlite3_prepare_v2(db, "PRAGMA cipher_fips_status;", -1, &stmt, nullptr);
if (rc != SQLITE_OK || !stmt) return false;
bool result = false;
if (sqlite3_step(stmt) == SQLITE_ROW) {
result = sqlite3_column_int(stmt, 0) == 1;
}
sqlite3_finalize(stmt);
return result;
}
// Convenience: open a database, key it, verify FIPS, close it.
static VerifyResult verify_with_key(const std::string &path, const std::string &key) {
sqlite3 *db = nullptr;
int rc = sqlite3_open(path.c_str(), &db);
if (rc != SQLITE_OK) {
throw std::runtime_error("sqlite3_open failed: " + std::string(sqlite3_errmsg(db)));
}
rc = sqlite3_key(db, key.c_str(), static_cast<int>(key.size()));
if (rc != SQLITE_OK) {
sqlite3_close(db);
throw std::runtime_error("sqlite3_key failed");
}
VerifyResult result = check_all(db);
sqlite3_close(db);
return result;
}
};
} // namespace fips
#endif // FIPS_VERIFY_HPP
install.md
+293
View File
@@ -0,0 +1,293 @@
# FIPS SQLCipher — Integration Guide
Pre-built FIPS 140-3 compliant SQLCipher with OpenSSL 3.0.8 FIPS provider.
## Contents
```
out/
├── android/
│ └── fips-sqlcipher.aar # Android Archive (arm64-v8a + x86_64)
├── ios/
│ └── FIPSSQLCipher.xcframework # iOS (device arm64 + simulator arm64/x86_64)
├── include/
│ ├── fips_init.h # FIPS initialization API (C)
│ ├── fips_sqlcipher.h # Combined OpenSSL + SQLCipher header
│ └── fips_verify.hpp # C++ verification class
└── src/
├── fips_init.c # Core initialization (both platforms)
├── fips_init_android.c # Android-specific init helper
└── fips_init_ios.c # iOS-specific init helper
```
---
## Android
### 1. Add the AAR
Copy `android/fips-sqlcipher.aar` into your project (e.g., `app/libs/`):
```kotlin
// app/build.gradle.kts
dependencies {
implementation(files("libs/fips-sqlcipher.aar"))
}
```
### 2. Packaging options (critical for FIPS)
```kotlin
// app/build.gradle.kts
android {
packaging {
jniLibs {
// Preserve debug symbols in the FIPS module — stripping invalidates
// the incore HMAC and will cause FIPS self-test failure.
keepDebugSymbols += setOf("**/libfips.so")
useLegacyPackaging = false
}
}
}
```
### 3. Library loading order (critical)
OpenSSL environment variables must be set BEFORE `libcrypto.so` loads. Use a
tiny "appenv" shim with no OpenSSL dependencies, loaded first:
```c
// appenv.c — compile into libappenv.so (no crypto link deps)
#include <jni.h>
#include <stdlib.h>
JNIEXPORT jint JNICALL
Java_com_yourapp_AppEnv_setenv(JNIEnv *env, jclass cls,
jstring jname, jstring jvalue) {
const char *n = (*env)->GetStringUTFChars(env, jname, NULL);
const char *v = (*env)->GetStringUTFChars(env, jvalue, NULL);
int rc = setenv(n, v, 1);
(*env)->ReleaseStringUTFChars(env, jname, n);
(*env)->ReleaseStringUTFChars(env, jvalue, v);
return rc;
}
```
Loading sequence in Kotlin:
```kotlin
// 1. Load appenv (no crypto deps)
System.loadLibrary("appenv")
// 2. Extract openssl.cnf from assets
val fipsDir = File(filesDir, "fips").apply { mkdirs() }
assets.open("fips/openssl.cnf").use { input ->
File(fipsDir, "openssl.cnf").outputStream().use { input.copyTo(it) }
}
// 3. Set env BEFORE loading libcrypto
AppEnv.setenv("OPENSSL_CONF", File(fipsDir, "openssl.cnf").absolutePath)
AppEnv.setenv("OPENSSL_MODULES", applicationInfo.nativeLibraryDir)
// 4. Load crypto stack
System.loadLibrary("crypto")
System.loadLibrary("sqlcipher")
// 5. Load your JNI bridge
System.loadLibrary("your_jni")
```
### 4. Initialize FIPS at startup (native)
Add `src/fips_init.c` and `src/fips_init_android.c` to your native CMakeLists:
```cmake
add_library(your_jni SHARED your_jni.c fips_init.c fips_init_android.c)
target_include_directories(your_jni PRIVATE path/to/include)
target_compile_definitions(your_jni PRIVATE SQLITE_HAS_CODEC)
target_link_libraries(your_jni PRIVATE crypto sqlcipher log)
```
Note: `SQLITE_HAS_CODEC` is required to declare `sqlite3_key()` and `sqlite3_rekey()`.
Call from JNI before any SQLCipher operation:
```c
#include "fips_init.h"
JNIEXPORT void JNICALL Java_com_yourapp_Native_initFips(
JNIEnv *env, jclass cls, jstring jfilesDir, jstring jnativeDir) {
const char *files = (*env)->GetStringUTFChars(env, jfilesDir, NULL);
const char *natv = (*env)->GetStringUTFChars(env, jnativeDir, NULL);
fips_init_status_t rc = fips_init_android(files, natv);
if (rc != FIPS_INIT_OK) {
// FIPS integrity compromised — abort or refuse to operate
__android_log_print(ANDROID_LOG_ERROR, "FIPS",
"FATAL: %s", fips_init_status_str(rc));
}
(*env)->ReleaseStringUTFChars(env, jfilesDir, files);
(*env)->ReleaseStringUTFChars(env, jnativeDir, natv);
}
```
### 5. fipsmodule.cnf (NOT required)
The shipped `openssl.cnf` is minimal — it does NOT auto-activate the FIPS
provider via config. Instead, `fips_init_android()` loads it programmatically
via `OSSL_PROVIDER_load()`. No `fipsmodule.cnf` is needed.
### 6. ProGuard / R8
The AAR ships `proguard.txt` with:
```
-keep class com.fips.sqlcipher.** { *; }
```
---
## iOS
### 1. Add the XCFramework
Drag `ios/FIPSSQLCipher.xcframework` into your Xcode project. Ensure:
- **Embed & Sign** is selected for the framework
- The `fips.dylib` in `Resources/fips/` is included in your **Copy Bundle Resources** phase
### 2. Link required system frameworks
In Build Phases → Link Binary With Libraries:
- `Security.framework`
- `libz.tbd`
### 3. Xcode build settings (critical for FIPS)
Apply these settings to prevent Xcode from stripping the FIPS module:
```
STRIP_INSTALLED_PRODUCT = NO
COPY_PHASE_STRIP = NO
STRIP_STYLE = non-global
DEPLOYMENT_POSTPROCESSING = NO
DEAD_CODE_STRIPPING = NO
```
Or apply the shipped xcconfig:
```
// In your .xcconfig or via Project > Build Settings
#include "path/to/fips_integrity.xcconfig"
```
### 4. Initialize FIPS at app launch
Add `src/fips_init.c` and `src/fips_init_ios.c` to your Xcode target.
**Swift (via bridging header):**
```c
// BridgingHeader.h
#define SQLITE_HAS_CODEC 1 // Required for sqlite3_key/sqlite3_rekey
#import "fips_init.h"
#import <openssl/crypto.h>
#import <openssl/provider.h>
#import <sqlite3.h>
// AppDelegate.swift
func application(_ application: UIApplication,
didFinishLaunchingWithOptions opts: ...) -> Bool {
let fipsDir = Bundle.main.resourcePath! + "/fips"
let rc = fips_init_ios(fipsDir)
guard rc == FIPS_INIT_OK else {
fatalError("FIPS init failed: \(String(cString: fips_init_status_str(rc)))")
}
return true
}
```
**Objective-C:**
```objc
#import "fips_init.h"
- (BOOL)application:(UIApplication *)app
didFinishLaunchingWithOptions:(NSDictionary *)opts {
NSString *fipsDir = [[NSBundle mainBundle].resourcePath
stringByAppendingPathComponent:@"fips"];
fips_init_status_t rc = fips_init_ios(fipsDir.UTF8String);
NSAssert(rc == FIPS_INIT_OK, @"FIPS: %s", fips_init_status_str(rc));
return YES;
}
```
### 5. Swift module import
The XCFramework includes a `module.modulemap`:
```swift
import FIPSSQLCipher
// sqlite3.h and openssl headers are available
```
### 6. Copy fips.dylib to app bundle
Add a **Run Script** build phase (or use Copy Files):
```bash
FIPS_SRC="${BUILT_PRODUCTS_DIR}/FIPSSQLCipher.xcframework/ios-arm64/Resources/fips"
FIPS_DST="${BUILT_PRODUCTS_DIR}/${CONTENTS_FOLDER_PATH}/fips"
mkdir -p "$FIPS_DST"
cp "$FIPS_SRC/fips.dylib" "$FIPS_DST/"
```
---
## Runtime FIPS Verification
After initialization, verify FIPS compliance on demand:
```c
#include "fips_init.h"
// Check provider is loaded
assert(fips_provider_is_active());
// Re-run self-test (e.g., after app resume)
assert(fips_self_test_rerun());
```
**C++ (optional):**
```cpp
#include "fips_verify.hpp"
auto result = fips::Verifier::verify_with_key("/path/to/db.sqlite", "my-key");
assert(result.provider_active);
assert(result.self_test_passed);
```
---
## What can break FIPS integrity
| Action | Effect | Mitigation |
|--------|--------|------------|
| `strip` on libfips.so / fips.dylib | Removes .symtab, invalidates HMAC | keepDebugSymbols (Android), STRIP_INSTALLED_PRODUCT=NO (iOS) |
| Bitcode recompilation (iOS) | Produces different binary | ENABLE_BITCODE=NO |
| AGP minification of native libs | May modify .so contents | useLegacyPackaging=false |
| Code signing without preserving structure | Can modify load commands | Normal codesign is safe |
| UPX/binary compression | Mutates all sections | Never compress FIPS modules |
---
## Minimum deployment targets
- **Android**: API 24 (Android 7.0)
- **iOS**: 17.0 (one major version behind current)
## Versions
- OpenSSL: 3.0.8 (FIPS 140-3 validated)
- SQLCipher: v4.6.1
mise.toml
+28
View File
@@ -0,0 +1,28 @@
# mise-managed host build tooling for fips-sqlcipher.
#
# Bootstrap:
# mise trust && mise install
#
# Notes:
# * cmake >= 3.22 is required by CMakeLists.txt. Pinned to 3.29 (below 4.0)
# to avoid breakage in ExternalProject recipes not yet updated for cmake's
# removed compatibility with cmake_minimum_required < 3.5.
# * perl is required by OpenSSL's Configure script. macOS system perl (5.30+)
# works but we pin a known-good version for reproducibility.
# * ninja is used as the cmake generator for iOS builds (faster than Make,
# required for Xcode-less CI).
# * NDK is NOT managed here. Install via Android Studio SDK Manager or
# sdkmanager and export ANDROID_NDK_ROOT.
[tools]
cmake = "3.29"
ninja = "1.12.1"
perl = "5.40.2"
# AGP 8.x requires JDK 17+. Pinned for AAR packaging and test app.
java = "temurin-17"
# Gradle for AAR packaging and tests/android-fips test app.
gradle = "8.10.2"
[env]
# Minimum NDK version validated by build-all.sh doctor check.
FIPS_NDK_MIN_VERSION = "26"
out/include/fips_init.h
+71
View File
@@ -0,0 +1,71 @@
// SPDX-License-Identifier: Apache-2.0
// FIPS module initialization and HMAC integrity validation for on-device use.
//
// Call fips_init() once at app startup BEFORE any OpenSSL or SQLCipher
// operation. It configures the OpenSSL library context to load the FIPS
// provider from the bundled module path and triggers the mandatory Power-On
// Self-Test (POST), which includes HMAC-SHA256 integrity verification of the
// provider's .text and .rodata sections.
//
// Thread safety: call exactly once from the main thread before spawning
// workers that use crypto.
#ifndef FIPS_INIT_H
#define FIPS_INIT_H
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
FIPS_INIT_OK = 0,
FIPS_INIT_ERR_CONF_MISSING,
FIPS_INIT_ERR_MODULE_MISSING,
FIPS_INIT_ERR_PROVIDER_LOAD,
FIPS_INIT_ERR_SELF_TEST,
FIPS_INIT_ERR_PROPERTY_SET,
} fips_init_status_t;
// Human-readable description of a status code.
const char *fips_init_status_str(fips_init_status_t status);
// Initialize OpenSSL with FIPS provider from the given paths.
//
// module_dir: directory containing libfips.so (Android) or fips.dylib (iOS)
// conf_path: path to openssl.cnf that .includes fipsmodule.cnf
// (NULL = use OPENSSL_CONF env var, or generate minimal config)
//
// On Android, call this AFTER extracting assets/fips/* to the app's filesDir.
// On iOS, pass the path within the app bundle where fips.dylib is embedded.
//
// Returns FIPS_INIT_OK on success. On failure, the FIPS provider is NOT active
// and all crypto operations will fail (which is the correct behavior — you MUST
// NOT proceed with plaintext fallback under FIPS requirements).
fips_init_status_t fips_init(const char *module_dir, const char *conf_path);
// Re-run the FIPS self-test on demand (e.g., after app resume from background).
// The provider must already be loaded via fips_init().
// Returns 1 on success, 0 on failure.
int fips_self_test_rerun(void);
// Query whether the FIPS provider is currently active in the default context.
int fips_provider_is_active(void);
#ifdef __ANDROID__
// Android convenience: takes Context.getFilesDir() and
// ApplicationInfo.nativeLibraryDir paths. Handles OPENSSL_MODULES and
// FIPSMODULE_CNF env setup before calling fips_init().
fips_init_status_t fips_init_android(const char *files_dir,
const char *native_lib_dir);
#endif
#if defined(__APPLE__) && !defined(__ANDROID__)
// iOS convenience: takes the path to the fips/ directory inside the app bundle
// (e.g., [[NSBundle mainBundle] resourcePath] + "/fips").
fips_init_status_t fips_init_ios(const char *bundle_fips_dir);
#endif
#ifdef __cplusplus
}
#endif
#endif // FIPS_INIT_H
out/include/fips_sqlcipher.h
+31
View File
@@ -0,0 +1,31 @@
// SPDX-License-Identifier: Apache-2.0
// C/C++ interop header for FIPS-SQLCipher builds.
// Wraps OpenSSL and SQLCipher headers in extern "C" to prevent C++ name
// mangling and avoids pulling libc++ symbols into the FIPS module boundary.
#ifndef FIPS_SQLCIPHER_H
#define FIPS_SQLCIPHER_H
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <sqlite3.h>
#ifdef __cplusplus
}
#endif
// When compiling C++ translation units that link against the FIPS provider:
// - Do NOT pass -fno-rtti or -fno-exceptions to the OpenSSL/SQLCipher
// object files themselves (they are pure C).
// - Your C++ code CAN use any RTTI/exception settings freely because the
// FIPS "incore" HMAC covers only the provider's .text/.rodata, not yours.
// - Avoid ODR violations: do not statically link libc++ into a shared lib
// that also dlopen()s libfips.so on Android. Use the NDK's shared libc++
// (the default) or link everything statically.
#endif // FIPS_SQLCIPHER_H
out/include/fips_verify.hpp
+82
View File
@@ -0,0 +1,82 @@
// SPDX-License-Identifier: Apache-2.0
// C++ verification class for FIPS-SQLCipher runtime compliance.
// Safe to compile with -frtti -fexceptions; does not affect FIPS HMAC.
#ifndef FIPS_VERIFY_HPP
#define FIPS_VERIFY_HPP
#include "fips_sqlcipher.h"
#include <string>
#include <stdexcept>
namespace fips {
struct VerifyResult {
bool provider_active;
bool self_test_passed;
bool cipher_fips_status;
std::string openssl_version;
};
class Verifier {
public:
static VerifyResult check_all(sqlite3 *db) {
VerifyResult r{};
r.provider_active = check_provider();
r.self_test_passed = check_self_test();
r.openssl_version = get_openssl_version();
r.cipher_fips_status = check_cipher_fips_status(db);
return r;
}
static bool check_provider() {
return OSSL_PROVIDER_available(nullptr, "fips") == 1;
}
static bool check_self_test() {
OSSL_PROVIDER *fips = OSSL_PROVIDER_load(nullptr, "fips");
if (!fips) return false;
int rc = OSSL_PROVIDER_self_test(fips);
OSSL_PROVIDER_unload(fips);
return rc == 1;
}
static std::string get_openssl_version() {
return OpenSSL_version(OPENSSL_VERSION);
}
// Executes PRAGMA cipher_fips_status on an open, keyed database.
// Returns true if the pragma returns 1 (FIPS mode active in SQLCipher).
static bool check_cipher_fips_status(sqlite3 *db) {
if (!db) return false;
sqlite3_stmt *stmt = nullptr;
int rc = sqlite3_prepare_v2(db, "PRAGMA cipher_fips_status;", -1, &stmt, nullptr);
if (rc != SQLITE_OK || !stmt) return false;
bool result = false;
if (sqlite3_step(stmt) == SQLITE_ROW) {
result = sqlite3_column_int(stmt, 0) == 1;
}
sqlite3_finalize(stmt);
return result;
}
// Convenience: open a database, key it, verify FIPS, close it.
static VerifyResult verify_with_key(const std::string &path, const std::string &key) {
sqlite3 *db = nullptr;
int rc = sqlite3_open(path.c_str(), &db);
if (rc != SQLITE_OK) {
throw std::runtime_error("sqlite3_open failed: " + std::string(sqlite3_errmsg(db)));
}
rc = sqlite3_key(db, key.c_str(), static_cast<int>(key.size()));
if (rc != SQLITE_OK) {
sqlite3_close(db);
throw std::runtime_error("sqlite3_key failed");
}
VerifyResult result = check_all(db);
sqlite3_close(db);
return result;
}
};
} // namespace fips
#endif // FIPS_VERIFY_HPP
out/install.md
+293
View File
@@ -0,0 +1,293 @@
# FIPS SQLCipher — Integration Guide
Pre-built FIPS 140-3 compliant SQLCipher with OpenSSL 3.0.8 FIPS provider.
## Contents
```
out/
├── android/
│ └── fips-sqlcipher.aar # Android Archive (arm64-v8a + x86_64)
├── ios/
│ └── FIPSSQLCipher.xcframework # iOS (device arm64 + simulator arm64/x86_64)
├── include/
│ ├── fips_init.h # FIPS initialization API (C)
│ ├── fips_sqlcipher.h # Combined OpenSSL + SQLCipher header
│ └── fips_verify.hpp # C++ verification class
└── src/
├── fips_init.c # Core initialization (both platforms)
├── fips_init_android.c # Android-specific init helper
└── fips_init_ios.c # iOS-specific init helper
```
---
## Android
### 1. Add the AAR
Copy `android/fips-sqlcipher.aar` into your project (e.g., `app/libs/`):
```kotlin
// app/build.gradle.kts
dependencies {
implementation(files("libs/fips-sqlcipher.aar"))
}
```
### 2. Packaging options (critical for FIPS)
```kotlin
// app/build.gradle.kts
android {
packaging {
jniLibs {
// Preserve debug symbols in the FIPS module — stripping invalidates
// the incore HMAC and will cause FIPS self-test failure.
keepDebugSymbols += setOf("**/libfips.so")
useLegacyPackaging = false
}
}
}
```
### 3. Library loading order (critical)
OpenSSL environment variables must be set BEFORE `libcrypto.so` loads. Use a
tiny "appenv" shim with no OpenSSL dependencies, loaded first:
```c
// appenv.c — compile into libappenv.so (no crypto link deps)
#include <jni.h>
#include <stdlib.h>
JNIEXPORT jint JNICALL
Java_com_yourapp_AppEnv_setenv(JNIEnv *env, jclass cls,
jstring jname, jstring jvalue) {
const char *n = (*env)->GetStringUTFChars(env, jname, NULL);
const char *v = (*env)->GetStringUTFChars(env, jvalue, NULL);
int rc = setenv(n, v, 1);
(*env)->ReleaseStringUTFChars(env, jname, n);
(*env)->ReleaseStringUTFChars(env, jvalue, v);
return rc;
}
```
Loading sequence in Kotlin:
```kotlin
// 1. Load appenv (no crypto deps)
System.loadLibrary("appenv")
// 2. Extract openssl.cnf from assets
val fipsDir = File(filesDir, "fips").apply { mkdirs() }
assets.open("fips/openssl.cnf").use { input ->
File(fipsDir, "openssl.cnf").outputStream().use { input.copyTo(it) }
}
// 3. Set env BEFORE loading libcrypto
AppEnv.setenv("OPENSSL_CONF", File(fipsDir, "openssl.cnf").absolutePath)
AppEnv.setenv("OPENSSL_MODULES", applicationInfo.nativeLibraryDir)
// 4. Load crypto stack
System.loadLibrary("crypto")
System.loadLibrary("sqlcipher")
// 5. Load your JNI bridge
System.loadLibrary("your_jni")
```
### 4. Initialize FIPS at startup (native)
Add `src/fips_init.c` and `src/fips_init_android.c` to your native CMakeLists:
```cmake
add_library(your_jni SHARED your_jni.c fips_init.c fips_init_android.c)
target_include_directories(your_jni PRIVATE path/to/include)
target_compile_definitions(your_jni PRIVATE SQLITE_HAS_CODEC)
target_link_libraries(your_jni PRIVATE crypto sqlcipher log)
```
Note: `SQLITE_HAS_CODEC` is required to declare `sqlite3_key()` and `sqlite3_rekey()`.
Call from JNI before any SQLCipher operation:
```c
#include "fips_init.h"
JNIEXPORT void JNICALL Java_com_yourapp_Native_initFips(
JNIEnv *env, jclass cls, jstring jfilesDir, jstring jnativeDir) {
const char *files = (*env)->GetStringUTFChars(env, jfilesDir, NULL);
const char *natv = (*env)->GetStringUTFChars(env, jnativeDir, NULL);
fips_init_status_t rc = fips_init_android(files, natv);
if (rc != FIPS_INIT_OK) {
// FIPS integrity compromised — abort or refuse to operate
__android_log_print(ANDROID_LOG_ERROR, "FIPS",
"FATAL: %s", fips_init_status_str(rc));
}
(*env)->ReleaseStringUTFChars(env, jfilesDir, files);
(*env)->ReleaseStringUTFChars(env, jnativeDir, natv);
}
```
### 5. fipsmodule.cnf (NOT required)
The shipped `openssl.cnf` is minimal — it does NOT auto-activate the FIPS
provider via config. Instead, `fips_init_android()` loads it programmatically
via `OSSL_PROVIDER_load()`. No `fipsmodule.cnf` is needed.
### 6. ProGuard / R8
The AAR ships `proguard.txt` with:
```
-keep class com.fips.sqlcipher.** { *; }
```
---
## iOS
### 1. Add the XCFramework
Drag `ios/FIPSSQLCipher.xcframework` into your Xcode project. Ensure:
- **Embed & Sign** is selected for the framework
- The `fips.dylib` in `Resources/fips/` is included in your **Copy Bundle Resources** phase
### 2. Link required system frameworks
In Build Phases → Link Binary With Libraries:
- `Security.framework`
- `libz.tbd`
### 3. Xcode build settings (critical for FIPS)
Apply these settings to prevent Xcode from stripping the FIPS module:
```
STRIP_INSTALLED_PRODUCT = NO
COPY_PHASE_STRIP = NO
STRIP_STYLE = non-global
DEPLOYMENT_POSTPROCESSING = NO
DEAD_CODE_STRIPPING = NO
```
Or apply the shipped xcconfig:
```
// In your .xcconfig or via Project > Build Settings
#include "path/to/fips_integrity.xcconfig"
```
### 4. Initialize FIPS at app launch
Add `src/fips_init.c` and `src/fips_init_ios.c` to your Xcode target.
**Swift (via bridging header):**
```c
// BridgingHeader.h
#define SQLITE_HAS_CODEC 1 // Required for sqlite3_key/sqlite3_rekey
#import "fips_init.h"
#import <openssl/crypto.h>
#import <openssl/provider.h>
#import <sqlite3.h>
// AppDelegate.swift
func application(_ application: UIApplication,
didFinishLaunchingWithOptions opts: ...) -> Bool {
let fipsDir = Bundle.main.resourcePath! + "/fips"
let rc = fips_init_ios(fipsDir)
guard rc == FIPS_INIT_OK else {
fatalError("FIPS init failed: \(String(cString: fips_init_status_str(rc)))")
}
return true
}
```
**Objective-C:**
```objc
#import "fips_init.h"
- (BOOL)application:(UIApplication *)app
didFinishLaunchingWithOptions:(NSDictionary *)opts {
NSString *fipsDir = [[NSBundle mainBundle].resourcePath
stringByAppendingPathComponent:@"fips"];
fips_init_status_t rc = fips_init_ios(fipsDir.UTF8String);
NSAssert(rc == FIPS_INIT_OK, @"FIPS: %s", fips_init_status_str(rc));
return YES;
}
```
### 5. Swift module import
The XCFramework includes a `module.modulemap`:
```swift
import FIPSSQLCipher
// sqlite3.h and openssl headers are available
```
### 6. Copy fips.dylib to app bundle
Add a **Run Script** build phase (or use Copy Files):
```bash
FIPS_SRC="${BUILT_PRODUCTS_DIR}/FIPSSQLCipher.xcframework/ios-arm64/Resources/fips"
FIPS_DST="${BUILT_PRODUCTS_DIR}/${CONTENTS_FOLDER_PATH}/fips"
mkdir -p "$FIPS_DST"
cp "$FIPS_SRC/fips.dylib" "$FIPS_DST/"
```
---
## Runtime FIPS Verification
After initialization, verify FIPS compliance on demand:
```c
#include "fips_init.h"
// Check provider is loaded
assert(fips_provider_is_active());
// Re-run self-test (e.g., after app resume)
assert(fips_self_test_rerun());
```
**C++ (optional):**
```cpp
#include "fips_verify.hpp"
auto result = fips::Verifier::verify_with_key("/path/to/db.sqlite", "my-key");
assert(result.provider_active);
assert(result.self_test_passed);
```
---
## What can break FIPS integrity
| Action | Effect | Mitigation |
|--------|--------|------------|
| `strip` on libfips.so / fips.dylib | Removes .symtab, invalidates HMAC | keepDebugSymbols (Android), STRIP_INSTALLED_PRODUCT=NO (iOS) |
| Bitcode recompilation (iOS) | Produces different binary | ENABLE_BITCODE=NO |
| AGP minification of native libs | May modify .so contents | useLegacyPackaging=false |
| Code signing without preserving structure | Can modify load commands | Normal codesign is safe |
| UPX/binary compression | Mutates all sections | Never compress FIPS modules |
---
## Minimum deployment targets
- **Android**: API 24 (Android 7.0)
- **iOS**: 17.0 (one major version behind current)
## Versions
- OpenSSL: 3.0.8 (FIPS 140-3 validated)
- SQLCipher: v4.6.1
out/src/fips_init.c
+121
View File
@@ -0,0 +1,121 @@
// SPDX-License-Identifier: Apache-2.0
#include "fips_init.h"
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#ifdef __ANDROID__
#include <android/log.h>
#define LOG_TAG "fips_init"
#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
#define LOGI(...) __android_log_print(ANDROID_LOG_INFO, LOG_TAG, __VA_ARGS__)
#else
#define LOGE(...) fprintf(stderr, "fips_init: " __VA_ARGS__)
#define LOGI(...) ((void)0)
#endif
#ifdef _WIN32
#include <io.h>
#define ACCESS _access
#define F_OK 0
#else
#include <unistd.h>
#define ACCESS access
#endif
static OSSL_PROVIDER *g_fips_provider = NULL;
static OSSL_PROVIDER *g_base_provider = NULL;
const char *fips_init_status_str(fips_init_status_t status) {
switch (status) {
case FIPS_INIT_OK: return "FIPS initialization succeeded";
case FIPS_INIT_ERR_CONF_MISSING: return "openssl.cnf not found at specified path";
case FIPS_INIT_ERR_MODULE_MISSING:return "FIPS provider module not found in module_dir";
case FIPS_INIT_ERR_PROVIDER_LOAD: return "OSSL_PROVIDER_load(\"fips\") failed (HMAC integrity check may have failed)";
case FIPS_INIT_ERR_SELF_TEST: return "FIPS self-test (POST/KAT) failed";
case FIPS_INIT_ERR_PROPERTY_SET: return "Failed to set default FIPS property query";
}
return "unknown status";
}
fips_init_status_t fips_init(const char *module_dir, const char *conf_path) {
if (g_fips_provider) {
return FIPS_INIT_OK;
}
// Point OPENSSL_MODULES to the directory containing the FIPS provider binary
if (module_dir && module_dir[0]) {
#ifdef __ANDROID__
// Android: libfips.so
char probe[4096];
snprintf(probe, sizeof(probe), "%s/libfips.so", module_dir);
if (ACCESS(probe, F_OK) != 0) {
LOGE("FIPS module not found: %s\n", probe);
return FIPS_INIT_ERR_MODULE_MISSING;
}
#else
// iOS: fips.dylib
char probe[4096];
snprintf(probe, sizeof(probe), "%s/fips.dylib", module_dir);
if (ACCESS(probe, F_OK) != 0) {
LOGE("FIPS module not found: %s\n", probe);
return FIPS_INIT_ERR_MODULE_MISSING;
}
#endif
setenv("OPENSSL_MODULES", module_dir, 1);
}
// Set OPENSSL_CONF if a config path was provided
if (conf_path && conf_path[0]) {
if (ACCESS(conf_path, F_OK) != 0) {
LOGE("Config not found: %s\n", conf_path);
return FIPS_INIT_ERR_CONF_MISSING;
}
setenv("OPENSSL_CONF", conf_path, 1);
}
// Load the FIPS provider. This triggers the incore HMAC-SHA256 integrity
// check followed by the Known Answer Tests (KATs). If the module was
// modified post-build (stripped, compressed, re-signed incorrectly), this
// call will fail.
g_fips_provider = OSSL_PROVIDER_load(NULL, "fips");
if (!g_fips_provider) {
unsigned long err = ERR_peek_last_error();
LOGE("FIPS provider load failed: %s\n", ERR_reason_error_string(err));
return FIPS_INIT_ERR_PROVIDER_LOAD;
}
// Load the base provider (needed for encoders/decoders that aren't in FIPS)
g_base_provider = OSSL_PROVIDER_load(NULL, "base");
// Run the self-test explicitly to confirm POST passes
if (OSSL_PROVIDER_self_test(g_fips_provider) != 1) {
LOGE("FIPS self-test failed after provider load\n");
OSSL_PROVIDER_unload(g_fips_provider);
g_fips_provider = NULL;
return FIPS_INIT_ERR_SELF_TEST;
}
// Set the default property query to "fips=yes" so all algorithm fetches
// are restricted to FIPS-approved implementations only.
if (EVP_set_default_properties(NULL, "fips=yes") != 1) {
LOGE("Failed to set fips=yes default properties\n");
return FIPS_INIT_ERR_PROPERTY_SET;
}
LOGI("FIPS provider loaded and self-test passed\n");
return FIPS_INIT_OK;
}
int fips_self_test_rerun(void) {
if (!g_fips_provider) return 0;
return OSSL_PROVIDER_self_test(g_fips_provider) == 1 ? 1 : 0;
}
int fips_provider_is_active(void) {
return OSSL_PROVIDER_available(NULL, "fips") == 1 ? 1 : 0;
}
out/src/fips_init_android.c
+61
View File
@@ -0,0 +1,61 @@
// SPDX-License-Identifier: Apache-2.0
// Android-specific FIPS initialization helper.
//
// On Android, the FIPS provider (libfips.so) is shipped inside the APK's
// jniLibs/<abi>/ and loaded via System.loadLibrary. The openssl.cnf is
// shipped in assets/fips/ and must be extracted to the app's internal storage
// before OpenSSL reads it.
//
// This file provides fips_init_android() which takes the app's files directory
// (Context.getFilesDir()) and handles:
// 1. Pointing OPENSSL_MODULES to the nativeLibraryDir (where Android unpacks .so)
// 2. Generating fipsmodule.cnf via the incore HMAC (on first run)
// 3. Calling fips_init() with the resolved paths
//
// The fipsmodule.cnf generation is equivalent to running:
// openssl fipsinstall -module libfips.so -out fipsmodule.cnf
// but done programmatically since we can't run the openssl CLI on device.
#ifdef __ANDROID__
#include "fips_init.h"
#include <openssl/provider.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
#include <android/log.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#define LOG_TAG "fips_init_android"
#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
#define LOGI(...) __android_log_print(ANDROID_LOG_INFO, LOG_TAG, __VA_ARGS__)
fips_init_status_t fips_init_android(const char *files_dir,
const char *native_lib_dir) {
if (!files_dir || !native_lib_dir) {
return FIPS_INIT_ERR_MODULE_MISSING;
}
char conf_dir[4096];
char conf_path[4096];
char module_cnf_path[4096];
snprintf(conf_dir, sizeof(conf_dir), "%s/fips", files_dir);
snprintf(conf_path, sizeof(conf_path), "%s/fips/openssl.cnf", files_dir);
snprintf(module_cnf_path, sizeof(module_cnf_path), "%s/fips/fipsmodule.cnf", files_dir);
// FIPSMODULE_CNF is no longer required by the minimal openssl.cnf shipped
// in the AAR. The FIPS provider is loaded programmatically below.
// Set it anyway for compatibility with custom configs that may .include it.
setenv("FIPSMODULE_CNF", module_cnf_path, 1);
// The native_lib_dir is where Android extracts jniLibs .so files at install.
// This is typically /data/app/<pkg>/lib/<abi>/ and contains libfips.so.
return fips_init(native_lib_dir, conf_path);
}
#endif // __ANDROID__
out/src/fips_init_ios.c
+40
View File
@@ -0,0 +1,40 @@
// SPDX-License-Identifier: Apache-2.0
// iOS-specific FIPS initialization helper.
//
// On iOS, the FIPS provider (fips.dylib) is embedded in the app bundle as a
// resource (not a framework). The app must:
// 1. Locate fips.dylib within [[NSBundle mainBundle] resourcePath]/fips/
// 2. Call fips_init_ios() with that path
//
// Unlike Android, iOS does NOT allow dlopen of arbitrary dylibs from disk
// (code signing). The fips.dylib is loaded via OSSL_PROVIDER_load which uses
// dlopen internally — this works because the dylib is code-signed as part of
// the app bundle and resides in a path covered by the app's entitlements.
//
// IMPORTANT: Xcode must NOT strip this dylib. The XCFramework ships
// fips_integrity.xcconfig which disables strip for exactly this reason.
#if defined(__APPLE__) && !defined(__ANDROID__)
#include "fips_init.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
fips_init_status_t fips_init_ios(const char *bundle_fips_dir) {
if (!bundle_fips_dir) {
return FIPS_INIT_ERR_MODULE_MISSING;
}
// On iOS we don't use openssl.cnf / fipsmodule.cnf file-based config.
// Instead we load the provider programmatically and set properties in code.
// This avoids the need to generate fipsmodule.cnf on device (which requires
// running fipsinstall, unavailable on iOS).
//
// The FIPS provider's embedded HMAC is computed at build time by OpenSSL's
// install_fips target. As long as the dylib is not modified post-build,
// the provider load will succeed and POST will pass.
return fips_init(bundle_fips_dir, NULL);
}
#endif // __APPLE__ && !__ANDROID__
packaging/package_aar.sh
Executable
+128
View File
@@ -0,0 +1,128 @@
#!/usr/bin/env bash
# ---------------------------------------------------------------------------
# package_aar.sh -- Assemble a self-contained AAR from dist/<abi> artifacts.
#
# Produces: dist/fips-sqlcipher.aar
#
# Contents:
# jni/arm64-v8a/{libcrypto.so, libssl.so, libsqlcipher.so, libfips.so}
# jni/x86_64/{libcrypto.so, libssl.so, libsqlcipher.so, libfips.so}
# assets/fips/{openssl.cnf, fipsmodule.cnf}
# AndroidManifest.xml
# R.txt (empty, required by AGP)
# proguard.txt (keep rules for JNI)
#
# Usage:
# ./packaging/package_aar.sh [--abis "arm64-v8a x86_64"]
# ---------------------------------------------------------------------------
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
REPO_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
DIST_ROOT="${REPO_ROOT}/dist"
ABIS="${ABIS:-arm64-v8a x86_64}"
AAR_NAME="fips-sqlcipher.aar"
# Parse args
while [[ $# -gt 0 ]]; do
case "$1" in
--abis) ABIS="$2"; shift 2 ;;
*) echo "Unknown arg: $1" >&2; exit 1 ;;
esac
done
STAGING="${DIST_ROOT}/_aar_staging"
rm -rf "${STAGING}"
mkdir -p "${STAGING}"
# ---------------------------------------------------------------------------
# Stage JNI libs
# ---------------------------------------------------------------------------
for abi in ${ABIS}; do
abi_dir="${DIST_ROOT}/${abi}"
if [ ! -d "${abi_dir}/lib" ]; then
echo "ERROR: ${abi_dir}/lib not found. Build ${abi} first." >&2
exit 1
fi
jni_dst="${STAGING}/jni/${abi}"
mkdir -p "${jni_dst}"
for lib in libcrypto.so libssl.so libsqlcipher.so; do
if [ -f "${abi_dir}/lib/${lib}" ]; then
cp "${abi_dir}/lib/${lib}" "${jni_dst}/"
fi
done
if [ -f "${abi_dir}/fips/libfips.so" ]; then
cp "${abi_dir}/fips/libfips.so" "${jni_dst}/"
fi
done
# ---------------------------------------------------------------------------
# Stage FIPS config assets (use first ABI's configs as canonical)
# ---------------------------------------------------------------------------
first_abi="${ABIS%% *}"
fips_src="${DIST_ROOT}/${first_abi}/fips"
mkdir -p "${STAGING}/assets/fips"
if [ -f "${fips_src}/openssl.cnf" ]; then
cp "${fips_src}/openssl.cnf" "${STAGING}/assets/fips/"
fi
if [ -f "${fips_src}/fipsmodule.cnf" ]; then
cp "${fips_src}/fipsmodule.cnf" "${STAGING}/assets/fips/"
fi
# ---------------------------------------------------------------------------
# AndroidManifest.xml
# ---------------------------------------------------------------------------
cat > "${STAGING}/AndroidManifest.xml" <<'EOF'
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.fips.sqlcipher">
<application android:extractNativeLibs="true" />
</manifest>
EOF
# ---------------------------------------------------------------------------
# R.txt (empty, required by AAR format)
# ---------------------------------------------------------------------------
touch "${STAGING}/R.txt"
# ---------------------------------------------------------------------------
# proguard.txt -- keep JNI entry points
# ---------------------------------------------------------------------------
cat > "${STAGING}/proguard.txt" <<'EOF'
-keep class com.fips.sqlcipher.** { *; }
EOF
# ---------------------------------------------------------------------------
# classes.jar (empty, no Java code in this AAR)
# ---------------------------------------------------------------------------
mkdir -p "${STAGING}/_classes"
(cd "${STAGING}/_classes" && jar cf "${STAGING}/classes.jar" .)
rm -rf "${STAGING}/_classes"
# ---------------------------------------------------------------------------
# Zip into AAR
# ---------------------------------------------------------------------------
AAR_OUT="${DIST_ROOT}/${AAR_NAME}"
rm -f "${AAR_OUT}"
(cd "${STAGING}" && zip -r "${AAR_OUT}" . -x '*.DS_Store')
rm -rf "${STAGING}"
echo ""
echo "AAR packaged: ${AAR_OUT}"
echo " ABIs: ${ABIS}"
unzip -l "${AAR_OUT}" | grep -E '(\.so|\.cnf|Manifest|proguard|classes)' || true
echo ""
echo "Integration (app/build.gradle.kts):"
echo " dependencies {"
echo " implementation(files(\"path/to/fips-sqlcipher.aar\"))"
echo " }"
echo " android.packaging.jniLibs {"
echo " useLegacyPackaging = false"
echo " keepDebugSymbols += setOf(\"**/libfips.so\")"
echo " }"
packaging/package_xcframework.sh
Executable
+151
View File
@@ -0,0 +1,151 @@
#!/usr/bin/env bash
# ---------------------------------------------------------------------------
# package_xcframework.sh -- Build a universal XCFramework from iOS dist slices.
#
# Produces: dist/FIPSSQLCipher.xcframework
#
# Expects:
# dist/ios-arm64/lib/{libcrypto.a, libssl.a, libsqlcipher.a}
# dist/ios-arm64/fips/fips.a
# dist/ios-arm64/include/
# dist/ios-simulator-arm64/...
# dist/ios-simulator-x86_64/...
#
# The simulator slices are lipo'd into a fat binary before xcodebuild packages
# the xcframework with two library identifiers:
# - ios-arm64 (device)
# - ios-arm64_x86_64-simulator
#
# Usage:
# ./packaging/package_xcframework.sh
# ---------------------------------------------------------------------------
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
REPO_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
DIST_ROOT="${REPO_ROOT}/dist"
DEVICE_DIR="${DIST_ROOT}/ios-arm64"
SIM_ARM64_DIR="${DIST_ROOT}/ios-simulator-arm64"
SIM_X86_DIR="${DIST_ROOT}/ios-simulator-x86_64"
STAGING="${DIST_ROOT}/_xcframework_staging"
OUTPUT="${DIST_ROOT}/FIPSSQLCipher.xcframework"
rm -rf "${STAGING}" "${OUTPUT}"
mkdir -p "${STAGING}/device" "${STAGING}/simulator"
# ---------------------------------------------------------------------------
# Validate slices exist
# ---------------------------------------------------------------------------
for dir in "${DEVICE_DIR}" "${SIM_ARM64_DIR}" "${SIM_X86_DIR}"; do
if [ ! -d "${dir}/lib" ]; then
echo "ERROR: ${dir}/lib not found. Build this slice first." >&2
exit 1
fi
done
# ---------------------------------------------------------------------------
# Create combined static libs per slice (libtool merges .a archives)
# ---------------------------------------------------------------------------
echo "[+] Creating combined device static lib"
xcrun libtool -static -o "${STAGING}/device/libFIPSSQLCipher.a" \
"${DEVICE_DIR}/lib/libcrypto.a" \
"${DEVICE_DIR}/lib/libsqlcipher.a" 2>/dev/null
echo "[+] Creating fat simulator static lib (arm64 + x86_64)"
xcrun libtool -static -o "${STAGING}/simulator/libFIPSSQLCipher_arm64.a" \
"${SIM_ARM64_DIR}/lib/libcrypto.a" \
"${SIM_ARM64_DIR}/lib/libsqlcipher.a" 2>/dev/null
xcrun libtool -static -o "${STAGING}/simulator/libFIPSSQLCipher_x86_64.a" \
"${SIM_X86_DIR}/lib/libcrypto.a" \
"${SIM_X86_DIR}/lib/libsqlcipher.a" 2>/dev/null
# Lipo into universal simulator binary
xcrun lipo -create \
"${STAGING}/simulator/libFIPSSQLCipher_arm64.a" \
"${STAGING}/simulator/libFIPSSQLCipher_x86_64.a" \
-output "${STAGING}/simulator/libFIPSSQLCipher.a"
# ---------------------------------------------------------------------------
# Copy headers (use device slice as canonical)
# ---------------------------------------------------------------------------
cp -R "${DEVICE_DIR}/include" "${STAGING}/device/include"
cp -R "${DEVICE_DIR}/include" "${STAGING}/simulator/include"
# Add the project's C++ interop headers
if [ -d "${REPO_ROOT}/include" ]; then
cp "${REPO_ROOT}/include/"*.h "${STAGING}/device/include/" 2>/dev/null || true
cp "${REPO_ROOT}/include/"*.hpp "${STAGING}/device/include/" 2>/dev/null || true
cp "${REPO_ROOT}/include/"*.h "${STAGING}/simulator/include/" 2>/dev/null || true
cp "${REPO_ROOT}/include/"*.hpp "${STAGING}/simulator/include/" 2>/dev/null || true
fi
# ---------------------------------------------------------------------------
# Module map for Swift / Objective-C++ import
# ---------------------------------------------------------------------------
for slice in device simulator; do
mkdir -p "${STAGING}/${slice}/include/module"
cat > "${STAGING}/${slice}/include/module/module.modulemap" <<'EOF'
module FIPSSQLCipher {
header "../sqlite3.h"
header "../openssl/provider.h"
header "../openssl/crypto.h"
header "../openssl/evp.h"
header "../fips_sqlcipher.h"
export *
}
EOF
done
# ---------------------------------------------------------------------------
# Stage FIPS provider dylib as a resource (cannot be merged into static .a)
# ---------------------------------------------------------------------------
for slice_dir in "${STAGING}/device" "${STAGING}/simulator"; do
mkdir -p "${slice_dir}/fips"
done
cp "${DEVICE_DIR}/fips/fips.dylib" "${STAGING}/device/fips/"
# Fat simulator fips.dylib
xcrun lipo -create \
"${SIM_ARM64_DIR}/fips/fips.dylib" \
"${SIM_X86_DIR}/fips/fips.dylib" \
-output "${STAGING}/simulator/fips/fips.dylib"
# ---------------------------------------------------------------------------
# Build XCFramework
# ---------------------------------------------------------------------------
echo "[+] Assembling XCFramework"
xcodebuild -create-xcframework \
-library "${STAGING}/device/libFIPSSQLCipher.a" \
-headers "${STAGING}/device/include" \
-library "${STAGING}/simulator/libFIPSSQLCipher.a" \
-headers "${STAGING}/simulator/include" \
-output "${OUTPUT}"
# Copy FIPS provider dylib into the framework bundle as a resource
for slice_id in ios-arm64 ios-arm64_x86_64-simulator; do
if [ -d "${OUTPUT}/${slice_id}" ]; then
mkdir -p "${OUTPUT}/${slice_id}/Resources/fips"
if [ "${slice_id}" = "ios-arm64" ]; then
cp "${STAGING}/device/fips/fips.dylib" "${OUTPUT}/${slice_id}/Resources/fips/"
else
cp "${STAGING}/simulator/fips/fips.dylib" "${OUTPUT}/${slice_id}/Resources/fips/"
fi
fi
done
rm -rf "${STAGING}"
echo ""
echo "XCFramework packaged: ${OUTPUT}"
find "${OUTPUT}" -type f | head -20
echo ""
echo "Integration:"
echo " 1. Drag FIPSSQLCipher.xcframework into your Xcode project"
echo " 2. Link against: Security.framework, libz.tbd"
echo " 3. Copy Resources/fips/ into your app bundle"
echo " 4. Set OPENSSL_CONF env before any SQLCipher call"
echo ""
echo "Swift usage:"
echo " import FIPSSQLCipher"
samples/README.md
+56
View File
@@ -0,0 +1,56 @@
# Sample Apps
Demonstrates FIPS 140-3 compliant SQLCipher integration using the pre-built
artifacts from `out/`. Both apps run an identical compliance suite:
1. FIPS provider loaded
2. Self-test (POST/KAT) passes
3. HMAC integrity verified
4. OpenSSL version is 3.0.x (FIPS validated)
5. Encrypted DB write/read round-trip
6. Passphrase rotation (rekey)
7. Wrong-key rejection
## Android (Jetpack Compose)
```bash
# From repo root — build artifacts first
./build.sh all
./build.sh package
# Bootstrap and build the sample
cd samples/android
./bootstrap.sh
./gradlew assembleDebug
./gradlew installDebug
```
Requires: Android SDK, NDK (for native build), JDK 17.
## iOS (SwiftUI)
```bash
# From repo root — build artifacts first
./build.sh ios-all
./build.sh package-xcframework
# Bootstrap and open
cd samples/ios
./bootstrap.sh
open FIPSDemo/FIPSDemo.xcodeproj
```
Build and run on a simulator or device from Xcode. Requires Xcode 15+.
## What they verify
Both apps call the FIPS initialization helpers from `out/src/` at launch,
then exercise the OpenSSL FIPS provider and SQLCipher through native code.
The UI displays pass/fail for each check with detail strings.
The compliance suite validates that:
- The FIPS module's HMAC survived packaging (no strip/compress/re-sign)
- KAT (Known Answer Tests) pass at runtime
- SQLCipher uses FIPS-approved algorithms for encryption
- Key rotation works correctly
- Incorrect keys are rejected (no plaintext fallback)
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/query/client-agp/cache-v2
View File
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/query/client-agp/cmakeFiles-v1
View File
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/query/client-agp/codemodel-v2
View File
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/cache-v2-fa6fb92d811827973222.json
+1303
View File
File diff suppressed because it is too large Load Diff
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/cmakeFiles-v1-8f352036a81bef83a074.json
+204
View File
@@ -0,0 +1,204 @@
{
"inputs" :
[
{
"path" : "CMakeLists.txt"
},
{
"isGenerated" : true,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake"
},
{
"isGenerated" : true,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake"
}
],
"kind" : "cmakeFiles",
"paths" :
{
"build" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"source" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
"version" :
{
"major" : 1,
"minor" : 1
}
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/codemodel-v2-c1637edc89ec3346c58b.json
+69
View File
@@ -0,0 +1,69 @@
{
"configurations" :
[
{
"directories" :
[
{
"build" : ".",
"jsonFile" : "directory-.-Debug-f5ebdc15457944623624.json",
"minimumCMakeVersion" :
{
"string" : "3.6.0"
},
"projectIndex" : 0,
"source" : ".",
"targetIndexes" :
[
0,
1
]
}
],
"name" : "Debug",
"projects" :
[
{
"directoryIndexes" :
[
0
],
"name" : "fipsdemo",
"targetIndexes" :
[
0,
1
]
}
],
"targets" :
[
{
"directoryIndex" : 0,
"id" : "appenv::@6890427a1f51a3e7e1df",
"jsonFile" : "target-appenv-Debug-df6f4edea38e362bfbe6.json",
"name" : "appenv",
"projectIndex" : 0
},
{
"directoryIndex" : 0,
"id" : "fipsdemo::@6890427a1f51a3e7e1df",
"jsonFile" : "target-fipsdemo-Debug-d2385bb430860135af79.json",
"name" : "fipsdemo",
"projectIndex" : 0
}
]
}
],
"kind" : "codemodel",
"paths" :
{
"build" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"source" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
"version" :
{
"major" : 2,
"minor" : 8
}
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/directory-.-Debug-f5ebdc15457944623624.json
+14
View File
@@ -0,0 +1,14 @@
{
"backtraceGraph" :
{
"commands" : [],
"files" : [],
"nodes" : []
},
"installers" : [],
"paths" :
{
"build" : ".",
"source" : "."
}
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/index-2026-05-05T02-08-11-0494.json
+92
View File
@@ -0,0 +1,92 @@
{
"cmake" :
{
"generator" :
{
"multiConfig" : false,
"name" : "Ninja"
},
"paths" :
{
"cmake" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cmake",
"cpack" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cpack",
"ctest" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ctest",
"root" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1"
},
"version" :
{
"isDirty" : false,
"major" : 4,
"minor" : 1,
"patch" : 2,
"string" : "4.1.2-gc33710e",
"suffix" : "gc33710e"
}
},
"objects" :
[
{
"jsonFile" : "codemodel-v2-c1637edc89ec3346c58b.json",
"kind" : "codemodel",
"version" :
{
"major" : 2,
"minor" : 8
}
},
{
"jsonFile" : "cache-v2-fa6fb92d811827973222.json",
"kind" : "cache",
"version" :
{
"major" : 2,
"minor" : 0
}
},
{
"jsonFile" : "cmakeFiles-v1-8f352036a81bef83a074.json",
"kind" : "cmakeFiles",
"version" :
{
"major" : 1,
"minor" : 1
}
}
],
"reply" :
{
"client-agp" :
{
"cache-v2" :
{
"jsonFile" : "cache-v2-fa6fb92d811827973222.json",
"kind" : "cache",
"version" :
{
"major" : 2,
"minor" : 0
}
},
"cmakeFiles-v1" :
{
"jsonFile" : "cmakeFiles-v1-8f352036a81bef83a074.json",
"kind" : "cmakeFiles",
"version" :
{
"major" : 1,
"minor" : 1
}
},
"codemodel-v2" :
{
"jsonFile" : "codemodel-v2-c1637edc89ec3346c58b.json",
"kind" : "codemodel",
"version" :
{
"major" : 2,
"minor" : 8
}
}
}
}
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/target-appenv-Debug-df6f4edea38e362bfbe6.json
+121
View File
@@ -0,0 +1,121 @@
{
"artifacts" :
[
{
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so"
}
],
"backtrace" : 1,
"backtraceGraph" :
{
"commands" :
[
"add_library",
"target_link_libraries"
],
"files" :
[
"CMakeLists.txt"
],
"nodes" :
[
{
"file" : 0
},
{
"command" : 0,
"file" : 0,
"line" : 23,
"parent" : 0
},
{
"command" : 1,
"file" : 0,
"line" : 24,
"parent" : 0
}
]
},
"compileGroups" :
[
{
"compileCommandFragments" :
[
{
"fragment" : "-g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC"
}
],
"defines" :
[
{
"define" : "appenv_EXPORTS"
}
],
"language" : "C",
"sourceIndexes" :
[
0
],
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
}
],
"id" : "appenv::@6890427a1f51a3e7e1df",
"link" :
{
"commandFragments" :
[
{
"fragment" : "-shared",
"role" : "flags"
},
{
"fragment" : "-static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384",
"role" : "flags"
},
{
"backtrace" : 2,
"fragment" : "-llog",
"role" : "libraries"
},
{
"fragment" : "-latomic -lm",
"role" : "libraries"
}
],
"language" : "C",
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
},
"name" : "appenv",
"nameOnDisk" : "libappenv.so",
"paths" :
{
"build" : ".",
"source" : "."
},
"sourceGroups" :
[
{
"name" : "Source Files",
"sourceIndexes" :
[
0
]
}
],
"sources" :
[
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "appenv.c",
"sourceGroupIndex" : 0
}
],
"type" : "SHARED_LIBRARY"
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.cmake/api/v1/reply/target-fipsdemo-Debug-d2385bb430860135af79.json
+176
View File
@@ -0,0 +1,176 @@
{
"artifacts" :
[
{
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so"
}
],
"backtrace" : 1,
"backtraceGraph" :
{
"commands" :
[
"add_library",
"target_link_libraries",
"target_compile_definitions",
"target_include_directories"
],
"files" :
[
"CMakeLists.txt"
],
"nodes" :
[
{
"file" : 0
},
{
"command" : 0,
"file" : 0,
"line" : 27,
"parent" : 0
},
{
"command" : 1,
"file" : 0,
"line" : 34,
"parent" : 0
},
{
"command" : 2,
"file" : 0,
"line" : 33,
"parent" : 0
},
{
"command" : 3,
"file" : 0,
"line" : 32,
"parent" : 0
}
]
},
"compileGroups" :
[
{
"compileCommandFragments" :
[
{
"fragment" : "-g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC"
}
],
"defines" :
[
{
"backtrace" : 3,
"define" : "SQLITE_HAS_CODEC"
},
{
"define" : "fipsdemo_EXPORTS"
}
],
"includes" :
[
{
"backtrace" : 4,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
{
"backtrace" : 4,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include"
}
],
"language" : "C",
"sourceIndexes" :
[
0,
1,
2
],
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
}
],
"id" : "fipsdemo::@6890427a1f51a3e7e1df",
"link" :
{
"commandFragments" :
[
{
"fragment" : "-shared",
"role" : "flags"
},
{
"fragment" : "-static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384",
"role" : "flags"
},
{
"backtrace" : 2,
"fragment" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libcrypto.so",
"role" : "libraries"
},
{
"backtrace" : 2,
"fragment" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libsqlcipher.so",
"role" : "libraries"
},
{
"backtrace" : 2,
"fragment" : "-llog",
"role" : "libraries"
},
{
"fragment" : "-latomic -lm",
"role" : "libraries"
}
],
"language" : "C",
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
},
"name" : "fipsdemo",
"nameOnDisk" : "libfipsdemo.so",
"paths" :
{
"build" : ".",
"source" : "."
},
"sourceGroups" :
[
{
"name" : "Source Files",
"sourceIndexes" :
[
0,
1,
2
]
}
],
"sources" :
[
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "jni_bridge.c",
"sourceGroupIndex" : 0
},
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "fips_init.c",
"sourceGroupIndex" : 0
},
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "fips_init_android.c",
"sourceGroupIndex" : 0
}
],
"type" : "SHARED_LIBRARY"
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.ninja_deps
BIN
View File
Binary file not shown.
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/.ninja_log
+17
View File
@@ -0,0 +1,17 @@
# ninja log v6
1 6 1777946890903125168 clean 3b83d6961583bd29
1 42 1777946183590056622 CMakeFiles/fipsdemo.dir/fips_init.c.o 64692f237aba610f
1 130 1777946482488463471 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so ddf162a9ce76e145
1 53 1777946891488215528 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/cmake_install.cmake 9a87b613dab48711
1 42 1777946183590203247 CMakeFiles/fipsdemo.dir/fips_init_android.c.o 5107220344378aa9
1 53 1777946891488856571 build.ninja 9a87b613dab48711
1 48 1777946183589795038 CMakeFiles/fipsdemo.dir/jni_bridge.c.o b7b23b7c3a7ce3d6
1 114 1777946891534143458 CMakeFiles/appenv.dir/appenv.c.o da2f3ef7ed37ac07
1 131 1777946891534680376 CMakeFiles/fipsdemo.dir/fips_init_android.c.o 5107220344378aa9
1 132 1777946891534552125 CMakeFiles/fipsdemo.dir/fips_init.c.o 64692f237aba610f
1 135 1777946891534407709 CMakeFiles/fipsdemo.dir/jni_bridge.c.o b7b23b7c3a7ce3d6
114 227 1777946891647750364 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so db6257dd24e78867
135 227 1777946891668090574 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so eb2e4cb267239b9b
1 149 1777947620378054349 CMakeFiles/fipsdemo.dir/fips_init_android.c.o 5107220344378aa9
149 235 1777947620526172331 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so eb2e4cb267239b9b
2 129 1777947928595473269 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so eb2e4cb267239b9b
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/additional_project_files.txt
View File
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/android_gradle_build.json
+48
View File
@@ -0,0 +1,48 @@
{
"buildFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt"
],
"cleanCommandsComponents": [
[
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"clean"
]
],
"buildTargetsCommandComponents": [
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"{LIST_OF_TARGETS_TO_BUILD}"
],
"libraries": {
"appenv::@6890427a1f51a3e7e1df": {
"toolchain": "toolchain",
"abi": "arm64-v8a",
"artifactName": "appenv",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so",
"runtimeFiles": []
},
"fipsdemo::@6890427a1f51a3e7e1df": {
"toolchain": "toolchain",
"abi": "arm64-v8a",
"artifactName": "fipsdemo",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so",
"runtimeFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/arm64-v8a/libcrypto.so",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/arm64-v8a/libsqlcipher.so"
]
}
},
"toolchains": {
"toolchain": {
"cCompilerExecutable": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang.lld",
"cppCompilerExecutable": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang++.lld"
}
},
"cFileExtensions": [
"c"
],
"cppFileExtensions": []
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/android_gradle_build_mini.json
+36
View File
@@ -0,0 +1,36 @@
{
"buildFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt"
],
"cleanCommandsComponents": [
[
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"clean"
]
],
"buildTargetsCommandComponents": [
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"{LIST_OF_TARGETS_TO_BUILD}"
],
"libraries": {
"fipsdemo::@6890427a1f51a3e7e1df": {
"artifactName": "fipsdemo",
"abi": "arm64-v8a",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so",
"runtimeFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/arm64-v8a/libcrypto.so",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/arm64-v8a/libsqlcipher.so"
]
},
"appenv::@6890427a1f51a3e7e1df": {
"artifactName": "appenv",
"abi": "arm64-v8a",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so",
"runtimeFiles": []
}
}
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/build.ninja
+217
View File
@@ -0,0 +1,217 @@
# CMAKE generated file: DO NOT EDIT!
# Generated by "Ninja" Generator, CMake Version 4.1
# This file contains all the build statements describing the
# compilation DAG.
# =============================================================================
# Write statements declared in CMakeLists.txt:
#
# Which is the root file.
# =============================================================================
# =============================================================================
# Project: fipsdemo
# Configurations: Debug
# =============================================================================
#############################################
# Minimal version of Ninja required by this file
ninja_required_version = 1.5
#############################################
# Set configuration variable for custom commands.
CONFIGURATION = Debug
# =============================================================================
# Include auxiliary files.
#############################################
# Include rules file.
include CMakeFiles/rules.ninja
# =============================================================================
#############################################
# Logical path to working directory; prefix for absolute paths.
cmake_ninja_workdir = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/
# =============================================================================
# Object build statements for SHARED_LIBRARY target appenv
#############################################
# Order-only phony target for appenv
build cmake_object_order_depends_target_appenv: phony || .
build CMakeFiles/appenv.dir/appenv.c.o: C_COMPILER__appenv_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c || cmake_object_order_depends_target_appenv
CONFIG = Debug
DEFINES = -Dappenv_EXPORTS
DEP_FILE = CMakeFiles/appenv.dir/appenv.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
OBJECT_DIR = CMakeFiles/appenv.dir
OBJECT_FILE_DIR = CMakeFiles/appenv.dir
# =============================================================================
# Link build statements for SHARED_LIBRARY target appenv
#############################################
# Link the shared library /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so: C_SHARED_LIBRARY_LINKER__appenv_Debug CMakeFiles/appenv.dir/appenv.c.o
CONFIG = Debug
DEP_FILE = CMakeFiles/appenv.dir/link.d
LANGUAGE_COMPILE_FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info
LINK_FLAGS = -shared -static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384 -Xlinker --dependency-file=CMakeFiles/appenv.dir/link.d
LINK_LIBRARIES = -llog -latomic -lm
OBJECT_DIR = CMakeFiles/appenv.dir
POST_BUILD = :
PRE_LINK = :
SONAME = libappenv.so
SONAME_FLAG = -Wl,-soname,
TARGET_FILE = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so
TARGET_PDB = appenv.so.dbg
# =============================================================================
# Object build statements for SHARED_LIBRARY target fipsdemo
#############################################
# Order-only phony target for fipsdemo
build cmake_object_order_depends_target_fipsdemo: phony || .
build CMakeFiles/fipsdemo.dir/jni_bridge.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/jni_bridge.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
build CMakeFiles/fipsdemo.dir/fips_init.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/fips_init.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
build CMakeFiles/fipsdemo.dir/fips_init_android.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/fips_init_android.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
# =============================================================================
# Link build statements for SHARED_LIBRARY target fipsdemo
#############################################
# Link the shared library /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so: C_SHARED_LIBRARY_LINKER__fipsdemo_Debug CMakeFiles/fipsdemo.dir/jni_bridge.c.o CMakeFiles/fipsdemo.dir/fips_init.c.o CMakeFiles/fipsdemo.dir/fips_init_android.c.o | /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libcrypto.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libsqlcipher.so
CONFIG = Debug
DEP_FILE = CMakeFiles/fipsdemo.dir/link.d
LANGUAGE_COMPILE_FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info
LINK_FLAGS = -shared -static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384 -Xlinker --dependency-file=CMakeFiles/fipsdemo.dir/link.d
LINK_LIBRARIES = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libcrypto.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/arm64-v8a/libsqlcipher.so -llog -latomic -lm
OBJECT_DIR = CMakeFiles/fipsdemo.dir
POST_BUILD = :
PRE_LINK = :
SONAME = libfipsdemo.so
SONAME_FLAG = -Wl,-soname,
TARGET_FILE = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so
TARGET_PDB = fipsdemo.so.dbg
#############################################
# Utility command for edit_cache
build CMakeFiles/edit_cache.util: CUSTOM_COMMAND
COMMAND = cd /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a && /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ccmake -S/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a
DESC = Running CMake cache editor...
pool = console
restat = 1
build edit_cache: phony CMakeFiles/edit_cache.util
#############################################
# Utility command for rebuild_cache
build CMakeFiles/rebuild_cache.util: CUSTOM_COMMAND
COMMAND = cd /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a && /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cmake --regenerate-during-build -S/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a
DESC = Running CMake to regenerate build system...
pool = console
restat = 1
build rebuild_cache: phony CMakeFiles/rebuild_cache.util
# =============================================================================
# Target aliases.
build appenv: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so
build fipsdemo: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so
build libappenv.so: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so
build libfipsdemo.so: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so
# =============================================================================
# Folder targets.
# =============================================================================
#############################################
# Folder: /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a
build all: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libappenv.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a/libfipsdemo.so
# =============================================================================
# Built-in targets
#############################################
# Re-run CMake if any of its inputs changed.
build build.ninja /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/cmake_install.cmake: RERUN_CMAKE | /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake CMakeCache.txt CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake
pool = console
#############################################
# A missing CMake input file is not an error.
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake CMakeCache.txt CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake: phony
#############################################
# Clean all the built files.
build clean: CLEAN
#############################################
# Print all primary targets available.
build help: HELP
#############################################
# Make the all target the default.
default all
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/build_file_index.txt
+1
View File
@@ -0,0 +1 @@
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/compile_commands.json
+26
View File
@@ -0,0 +1,26 @@
[
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -Dappenv_EXPORTS -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/appenv.dir/appenv.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/appenv.dir/appenv.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/jni_bridge.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/jni_bridge.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/fips_init.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init_android.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/fips_init_android.c.o"
}
]
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/compile_commands.json.bin
BIN
View File
Binary file not shown.
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/configure_fingerprint.bin
+29
View File
@@ -0,0 +1,29 @@
C/C++ Structured LogŒ

/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/additional_project_files.txtC
A
?com.android.build.gradle.internal.cxx.io.EncodedFileFingerPrint  µµÖ¯ß3  é©’¯ß3‰

ƒ/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/android_gradle_build.json  µµÖ¯ß3È é©’¯ß3Ž

ˆ/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/android_gradle_build_mini.json  µµÖ¯ß3ú ì©’¯ß3y
w
u/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/build.ninja  µµÖ¯ß3Ž› à©’¯ß3}
{
y/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/build.ninja.txt  µµÖ¯ß3ƒ

~/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/build_file_index.txt  µµÖ¯ß3
g ©Çß®ß3„

/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/compile_commands.json  µµÖ¯ß3´% à©’¯ß3‰

ƒ/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/compile_commands.json.bin  µµÖ¯ß3 é
à©’¯ß3
Œ
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/metadata_generation_command.txt  µµÖ¯ß3
¡ ©Çß®ß3€
~
|/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/prefab_config.json  ¶µÖ¯ß3
 ( ©Çß®ß3‡

/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/symbol_folder_index.txt  ¶µÖ¯ß3  ©Çß®ß3k
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/metadata_generation_command.txt
+18
View File
@@ -0,0 +1,18 @@
-H/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp
-DCMAKE_SYSTEM_NAME=Android
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON
-DCMAKE_SYSTEM_VERSION=24
-DANDROID_PLATFORM=android-24
-DANDROID_ABI=arm64-v8a
-DCMAKE_ANDROID_ARCH_ABI=arm64-v8a
-DANDROID_NDK=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973
-DCMAKE_ANDROID_NDK=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973
-DCMAKE_TOOLCHAIN_FILE=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake
-DCMAKE_MAKE_PROGRAM=/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja
-DCMAKE_LIBRARY_OUTPUT_DIRECTORY=/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a
-DCMAKE_RUNTIME_OUTPUT_DIRECTORY=/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a
-DCMAKE_BUILD_TYPE=Debug
-B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a
-GNinja
Build command args: []
Version: 2
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/prefab_config.json
+4
View File
@@ -0,0 +1,4 @@
{
"enabled": false,
"packages": []
}
samples/android/app/.cxx/Debug/6m305623/arm64-v8a/symbol_folder_index.txt
+1
View File
@@ -0,0 +1 @@
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/arm64-v8a
samples/android/app/.cxx/Debug/6m305623/hash_key.txt
+25
View File
@@ -0,0 +1,25 @@
# Values used to calculate the hash in this folder name.
# Should not depend on the absolute path of the project itself.
# - AGP: 8.7.3.
# - $NDK is the path to NDK 27.0.12077973.
# - $PROJECT is the path to the parent folder of the root Gradle build file.
# - $ABI is the ABI to be built with. The specific value doesn't contribute to the value of the hash.
# - $HASH is the hash value computed from this text.
# - $CMAKE is the path to CMake 3.22.1.
# - $NINJA is the path to Ninja.
-H$PROJECT/app/src/main/cpp
-DCMAKE_SYSTEM_NAME=Android
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON
-DCMAKE_SYSTEM_VERSION=24
-DANDROID_PLATFORM=android-24
-DANDROID_ABI=$ABI
-DCMAKE_ANDROID_ARCH_ABI=$ABI
-DANDROID_NDK=$NDK
-DCMAKE_ANDROID_NDK=$NDK
-DCMAKE_TOOLCHAIN_FILE=$NDK/build/cmake/android.toolchain.cmake
-DCMAKE_MAKE_PROGRAM=$NINJA
-DCMAKE_LIBRARY_OUTPUT_DIRECTORY=$PROJECT/app/build/intermediates/cxx/Debug/$HASH/obj/$ABI
-DCMAKE_RUNTIME_OUTPUT_DIRECTORY=$PROJECT/app/build/intermediates/cxx/Debug/$HASH/obj/$ABI
-DCMAKE_BUILD_TYPE=Debug
-B$PROJECT/app/.cxx/Debug/$HASH/$ABI
-GNinja
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/query/client-agp/cache-v2
View File
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/query/client-agp/cmakeFiles-v1
View File
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/query/client-agp/codemodel-v2
View File
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/cache-v2-f82861127e620f23338d.json
+1303
View File
File diff suppressed because it is too large Load Diff
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/cmakeFiles-v1-0c86442e65a7719dc5d9.json
+204
View File
@@ -0,0 +1,204 @@
{
"inputs" :
[
{
"path" : "CMakeLists.txt"
},
{
"isGenerated" : true,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake"
},
{
"isGenerated" : true,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake"
},
{
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake"
},
{
"isCMake" : true,
"isExternal" : true,
"path" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake"
}
],
"kind" : "cmakeFiles",
"paths" :
{
"build" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"source" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
"version" :
{
"major" : 1,
"minor" : 1
}
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/codemodel-v2-22d093a70cf429e275b9.json
+69
View File
@@ -0,0 +1,69 @@
{
"configurations" :
[
{
"directories" :
[
{
"build" : ".",
"jsonFile" : "directory-.-Debug-f5ebdc15457944623624.json",
"minimumCMakeVersion" :
{
"string" : "3.6.0"
},
"projectIndex" : 0,
"source" : ".",
"targetIndexes" :
[
0,
1
]
}
],
"name" : "Debug",
"projects" :
[
{
"directoryIndexes" :
[
0
],
"name" : "fipsdemo",
"targetIndexes" :
[
0,
1
]
}
],
"targets" :
[
{
"directoryIndex" : 0,
"id" : "appenv::@6890427a1f51a3e7e1df",
"jsonFile" : "target-appenv-Debug-1f0aaba287c03aa183e1.json",
"name" : "appenv",
"projectIndex" : 0
},
{
"directoryIndex" : 0,
"id" : "fipsdemo::@6890427a1f51a3e7e1df",
"jsonFile" : "target-fipsdemo-Debug-33953bc7fcd36cb62fc9.json",
"name" : "fipsdemo",
"projectIndex" : 0
}
]
}
],
"kind" : "codemodel",
"paths" :
{
"build" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"source" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
"version" :
{
"major" : 2,
"minor" : 8
}
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/directory-.-Debug-f5ebdc15457944623624.json
+14
View File
@@ -0,0 +1,14 @@
{
"backtraceGraph" :
{
"commands" : [],
"files" : [],
"nodes" : []
},
"installers" : [],
"paths" :
{
"build" : ".",
"source" : "."
}
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/index-2026-05-05T02-08-11-0828.json
+92
View File
@@ -0,0 +1,92 @@
{
"cmake" :
{
"generator" :
{
"multiConfig" : false,
"name" : "Ninja"
},
"paths" :
{
"cmake" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cmake",
"cpack" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cpack",
"ctest" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ctest",
"root" : "/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1"
},
"version" :
{
"isDirty" : false,
"major" : 4,
"minor" : 1,
"patch" : 2,
"string" : "4.1.2-gc33710e",
"suffix" : "gc33710e"
}
},
"objects" :
[
{
"jsonFile" : "codemodel-v2-22d093a70cf429e275b9.json",
"kind" : "codemodel",
"version" :
{
"major" : 2,
"minor" : 8
}
},
{
"jsonFile" : "cache-v2-f82861127e620f23338d.json",
"kind" : "cache",
"version" :
{
"major" : 2,
"minor" : 0
}
},
{
"jsonFile" : "cmakeFiles-v1-0c86442e65a7719dc5d9.json",
"kind" : "cmakeFiles",
"version" :
{
"major" : 1,
"minor" : 1
}
}
],
"reply" :
{
"client-agp" :
{
"cache-v2" :
{
"jsonFile" : "cache-v2-f82861127e620f23338d.json",
"kind" : "cache",
"version" :
{
"major" : 2,
"minor" : 0
}
},
"cmakeFiles-v1" :
{
"jsonFile" : "cmakeFiles-v1-0c86442e65a7719dc5d9.json",
"kind" : "cmakeFiles",
"version" :
{
"major" : 1,
"minor" : 1
}
},
"codemodel-v2" :
{
"jsonFile" : "codemodel-v2-22d093a70cf429e275b9.json",
"kind" : "codemodel",
"version" :
{
"major" : 2,
"minor" : 8
}
}
}
}
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/target-appenv-Debug-1f0aaba287c03aa183e1.json
+121
View File
@@ -0,0 +1,121 @@
{
"artifacts" :
[
{
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so"
}
],
"backtrace" : 1,
"backtraceGraph" :
{
"commands" :
[
"add_library",
"target_link_libraries"
],
"files" :
[
"CMakeLists.txt"
],
"nodes" :
[
{
"file" : 0
},
{
"command" : 0,
"file" : 0,
"line" : 23,
"parent" : 0
},
{
"command" : 1,
"file" : 0,
"line" : 24,
"parent" : 0
}
]
},
"compileGroups" :
[
{
"compileCommandFragments" :
[
{
"fragment" : "-g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC"
}
],
"defines" :
[
{
"define" : "appenv_EXPORTS"
}
],
"language" : "C",
"sourceIndexes" :
[
0
],
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
}
],
"id" : "appenv::@6890427a1f51a3e7e1df",
"link" :
{
"commandFragments" :
[
{
"fragment" : "-shared",
"role" : "flags"
},
{
"fragment" : "-static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384",
"role" : "flags"
},
{
"backtrace" : 2,
"fragment" : "-llog",
"role" : "libraries"
},
{
"fragment" : "-latomic -lm",
"role" : "libraries"
}
],
"language" : "C",
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
},
"name" : "appenv",
"nameOnDisk" : "libappenv.so",
"paths" :
{
"build" : ".",
"source" : "."
},
"sourceGroups" :
[
{
"name" : "Source Files",
"sourceIndexes" :
[
0
]
}
],
"sources" :
[
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "appenv.c",
"sourceGroupIndex" : 0
}
],
"type" : "SHARED_LIBRARY"
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.cmake/api/v1/reply/target-fipsdemo-Debug-33953bc7fcd36cb62fc9.json
+176
View File
@@ -0,0 +1,176 @@
{
"artifacts" :
[
{
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so"
}
],
"backtrace" : 1,
"backtraceGraph" :
{
"commands" :
[
"add_library",
"target_link_libraries",
"target_compile_definitions",
"target_include_directories"
],
"files" :
[
"CMakeLists.txt"
],
"nodes" :
[
{
"file" : 0
},
{
"command" : 0,
"file" : 0,
"line" : 27,
"parent" : 0
},
{
"command" : 1,
"file" : 0,
"line" : 34,
"parent" : 0
},
{
"command" : 2,
"file" : 0,
"line" : 33,
"parent" : 0
},
{
"command" : 3,
"file" : 0,
"line" : 32,
"parent" : 0
}
]
},
"compileGroups" :
[
{
"compileCommandFragments" :
[
{
"fragment" : "-g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC"
}
],
"defines" :
[
{
"backtrace" : 3,
"define" : "SQLITE_HAS_CODEC"
},
{
"define" : "fipsdemo_EXPORTS"
}
],
"includes" :
[
{
"backtrace" : 4,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp"
},
{
"backtrace" : 4,
"path" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include"
}
],
"language" : "C",
"sourceIndexes" :
[
0,
1,
2
],
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
}
],
"id" : "fipsdemo::@6890427a1f51a3e7e1df",
"link" :
{
"commandFragments" :
[
{
"fragment" : "-shared",
"role" : "flags"
},
{
"fragment" : "-static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384",
"role" : "flags"
},
{
"backtrace" : 2,
"fragment" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libcrypto.so",
"role" : "libraries"
},
{
"backtrace" : 2,
"fragment" : "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libsqlcipher.so",
"role" : "libraries"
},
{
"backtrace" : 2,
"fragment" : "-llog",
"role" : "libraries"
},
{
"fragment" : "-latomic -lm",
"role" : "libraries"
}
],
"language" : "C",
"sysroot" :
{
"path" : "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot"
}
},
"name" : "fipsdemo",
"nameOnDisk" : "libfipsdemo.so",
"paths" :
{
"build" : ".",
"source" : "."
},
"sourceGroups" :
[
{
"name" : "Source Files",
"sourceIndexes" :
[
0,
1,
2
]
}
],
"sources" :
[
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "jni_bridge.c",
"sourceGroupIndex" : 0
},
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "fips_init.c",
"sourceGroupIndex" : 0
},
{
"backtrace" : 1,
"compileGroupIndex" : 0,
"path" : "fips_init_android.c",
"sourceGroupIndex" : 0
}
],
"type" : "SHARED_LIBRARY"
}
samples/android/app/.cxx/Debug/6m305623/x86_64/.ninja_deps
BIN
View File
Binary file not shown.
samples/android/app/.cxx/Debug/6m305623/x86_64/.ninja_log
+17
View File
@@ -0,0 +1,17 @@
# ninja log v6
0 5 1777946890944521922 clean 3b83d6961583bd29
1 31 1777946891821804315 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/cmake_install.cmake 135ef083018effa7
1 51 1777946482890885029 CMakeFiles/fipsdemo.dir/fips_init_android.c.o e9970e96672474a8
1 31 1777946891822925776 build.ninja 135ef083018effa7
52 85 1777946482941587552 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so 655bd13094b57587
1 51 1777946482890761028 CMakeFiles/fipsdemo.dir/fips_init.c.o 192c9d8849ad486a
1 52 1777946482890510611 CMakeFiles/fipsdemo.dir/jni_bridge.c.o a8c617de24b34ea4
0 43 1777946891843875903 CMakeFiles/appenv.dir/appenv.c.o 2a62f378f1d53f89
2 53 1777946891845036406 CMakeFiles/fipsdemo.dir/fips_init_android.c.o e9970e96672474a8
1 58 1777946891844684697 CMakeFiles/fipsdemo.dir/fips_init.c.o 192c9d8849ad486a
1 60 1777946891844238904 CMakeFiles/fipsdemo.dir/jni_bridge.c.o a8c617de24b34ea4
43 92 1777946891886607368 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so 8642936758dbb2a2
60 104 1777946891903293404 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so 9f0a710e4ee6d015
1 45 1777947620655169683 CMakeFiles/fipsdemo.dir/fips_init_android.c.o e9970e96672474a8
45 82 1777947620699102888 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so 9f0a710e4ee6d015
1 35 1777947928743530876 /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so 9f0a710e4ee6d015
samples/android/app/.cxx/Debug/6m305623/x86_64/additional_project_files.txt
View File
samples/android/app/.cxx/Debug/6m305623/x86_64/android_gradle_build.json
+48
View File
@@ -0,0 +1,48 @@
{
"buildFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt"
],
"cleanCommandsComponents": [
[
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"clean"
]
],
"buildTargetsCommandComponents": [
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"{LIST_OF_TARGETS_TO_BUILD}"
],
"libraries": {
"appenv::@6890427a1f51a3e7e1df": {
"toolchain": "toolchain",
"abi": "x86_64",
"artifactName": "appenv",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so",
"runtimeFiles": []
},
"fipsdemo::@6890427a1f51a3e7e1df": {
"toolchain": "toolchain",
"abi": "x86_64",
"artifactName": "fipsdemo",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so",
"runtimeFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/x86_64/libcrypto.so",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/x86_64/libsqlcipher.so"
]
}
},
"toolchains": {
"toolchain": {
"cCompilerExecutable": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang.lld",
"cppCompilerExecutable": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang++.lld"
}
},
"cFileExtensions": [
"c"
],
"cppFileExtensions": []
}
samples/android/app/.cxx/Debug/6m305623/x86_64/android_gradle_build_mini.json
+36
View File
@@ -0,0 +1,36 @@
{
"buildFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt"
],
"cleanCommandsComponents": [
[
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"clean"
]
],
"buildTargetsCommandComponents": [
"/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja",
"-C",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"{LIST_OF_TARGETS_TO_BUILD}"
],
"libraries": {
"fipsdemo::@6890427a1f51a3e7e1df": {
"artifactName": "fipsdemo",
"abi": "x86_64",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so",
"runtimeFiles": [
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/x86_64/libcrypto.so",
"/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/jniLibs/x86_64/libsqlcipher.so"
]
},
"appenv::@6890427a1f51a3e7e1df": {
"artifactName": "appenv",
"abi": "x86_64",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so",
"runtimeFiles": []
}
}
}
samples/android/app/.cxx/Debug/6m305623/x86_64/build.ninja
+217
View File
@@ -0,0 +1,217 @@
# CMAKE generated file: DO NOT EDIT!
# Generated by "Ninja" Generator, CMake Version 4.1
# This file contains all the build statements describing the
# compilation DAG.
# =============================================================================
# Write statements declared in CMakeLists.txt:
#
# Which is the root file.
# =============================================================================
# =============================================================================
# Project: fipsdemo
# Configurations: Debug
# =============================================================================
#############################################
# Minimal version of Ninja required by this file
ninja_required_version = 1.5
#############################################
# Set configuration variable for custom commands.
CONFIGURATION = Debug
# =============================================================================
# Include auxiliary files.
#############################################
# Include rules file.
include CMakeFiles/rules.ninja
# =============================================================================
#############################################
# Logical path to working directory; prefix for absolute paths.
cmake_ninja_workdir = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/
# =============================================================================
# Object build statements for SHARED_LIBRARY target appenv
#############################################
# Order-only phony target for appenv
build cmake_object_order_depends_target_appenv: phony || .
build CMakeFiles/appenv.dir/appenv.c.o: C_COMPILER__appenv_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c || cmake_object_order_depends_target_appenv
CONFIG = Debug
DEFINES = -Dappenv_EXPORTS
DEP_FILE = CMakeFiles/appenv.dir/appenv.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
OBJECT_DIR = CMakeFiles/appenv.dir
OBJECT_FILE_DIR = CMakeFiles/appenv.dir
# =============================================================================
# Link build statements for SHARED_LIBRARY target appenv
#############################################
# Link the shared library /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so: C_SHARED_LIBRARY_LINKER__appenv_Debug CMakeFiles/appenv.dir/appenv.c.o
CONFIG = Debug
DEP_FILE = CMakeFiles/appenv.dir/link.d
LANGUAGE_COMPILE_FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info
LINK_FLAGS = -shared -static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384 -Xlinker --dependency-file=CMakeFiles/appenv.dir/link.d
LINK_LIBRARIES = -llog -latomic -lm
OBJECT_DIR = CMakeFiles/appenv.dir
POST_BUILD = :
PRE_LINK = :
SONAME = libappenv.so
SONAME_FLAG = -Wl,-soname,
TARGET_FILE = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so
TARGET_PDB = appenv.so.dbg
# =============================================================================
# Object build statements for SHARED_LIBRARY target fipsdemo
#############################################
# Order-only phony target for fipsdemo
build cmake_object_order_depends_target_fipsdemo: phony || .
build CMakeFiles/fipsdemo.dir/jni_bridge.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/jni_bridge.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
build CMakeFiles/fipsdemo.dir/fips_init.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/fips_init.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
build CMakeFiles/fipsdemo.dir/fips_init_android.c.o: C_COMPILER__fipsdemo_unscanned_Debug /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c || cmake_object_order_depends_target_fipsdemo
CONFIG = Debug
DEFINES = -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS
DEP_FILE = CMakeFiles/fipsdemo.dir/fips_init_android.c.o.d
FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC
INCLUDES = -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include
OBJECT_DIR = CMakeFiles/fipsdemo.dir
OBJECT_FILE_DIR = CMakeFiles/fipsdemo.dir
# =============================================================================
# Link build statements for SHARED_LIBRARY target fipsdemo
#############################################
# Link the shared library /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so: C_SHARED_LIBRARY_LINKER__fipsdemo_Debug CMakeFiles/fipsdemo.dir/jni_bridge.c.o CMakeFiles/fipsdemo.dir/fips_init.c.o CMakeFiles/fipsdemo.dir/fips_init_android.c.o | /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libcrypto.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libsqlcipher.so
CONFIG = Debug
DEP_FILE = CMakeFiles/fipsdemo.dir/link.d
LANGUAGE_COMPILE_FLAGS = -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info
LINK_FLAGS = -shared -static-libstdc++ -Wl,--build-id=sha1 -Wl,--no-rosegment -Wl,--no-undefined-version -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -Wl,-z,max-page-size=16384 -Xlinker --dependency-file=CMakeFiles/fipsdemo.dir/link.d
LINK_LIBRARIES = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libcrypto.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/../jniLibs/x86_64/libsqlcipher.so -llog -latomic -lm
OBJECT_DIR = CMakeFiles/fipsdemo.dir
POST_BUILD = :
PRE_LINK = :
SONAME = libfipsdemo.so
SONAME_FLAG = -Wl,-soname,
TARGET_FILE = /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so
TARGET_PDB = fipsdemo.so.dbg
#############################################
# Utility command for edit_cache
build CMakeFiles/edit_cache.util: CUSTOM_COMMAND
COMMAND = cd /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64 && /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ccmake -S/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64
DESC = Running CMake cache editor...
pool = console
restat = 1
build edit_cache: phony CMakeFiles/edit_cache.util
#############################################
# Utility command for rebuild_cache
build CMakeFiles/rebuild_cache.util: CUSTOM_COMMAND
COMMAND = cd /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64 && /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/cmake --regenerate-during-build -S/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64
DESC = Running CMake to regenerate build system...
pool = console
restat = 1
build rebuild_cache: phony CMakeFiles/rebuild_cache.util
# =============================================================================
# Target aliases.
build appenv: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so
build fipsdemo: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so
build libappenv.so: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so
build libfipsdemo.so: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so
# =============================================================================
# Folder targets.
# =============================================================================
#############################################
# Folder: /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64
build all: phony /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libappenv.so /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64/libfipsdemo.so
# =============================================================================
# Built-in targets
#############################################
# Re-run CMake if any of its inputs changed.
build build.ninja /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/cmake_install.cmake: RERUN_CMAKE | /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake CMakeCache.txt CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake
pool = console
#############################################
# A missing CMake input file is not an error.
build /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeCommonLanguageInclude.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeGenericSystem.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeInitializeConfigs.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeLanguageInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/CMakeSystemSpecificInitialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/CMakeCommonCompilerMacros.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Compiler/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Internal/CMakeCommonLinkerInformation.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Linker/LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Android.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Android-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-GNU.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD-C.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linker/Linux-LLD.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/Linux.cmake /Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/share/cmake-4.1/Modules/Platform/UnixPaths.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/abis.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android-legacy.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/flags.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Clang.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android-Initialize.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/hooks/pre/Android.cmake /Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/platforms.cmake CMakeCache.txt CMakeFiles/4.1.2-gc33710e/CMakeCCompiler.cmake CMakeFiles/4.1.2-gc33710e/CMakeSystem.cmake: phony
#############################################
# Clean all the built files.
build clean: CLEAN
#############################################
# Print all primary targets available.
build help: HELP
#############################################
# Make the all target the default.
default all
samples/android/app/.cxx/Debug/6m305623/x86_64/build_file_index.txt
+1
View File
@@ -0,0 +1 @@
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/CMakeLists.txt
samples/android/app/.cxx/Debug/6m305623/x86_64/compile_commands.json
+26
View File
@@ -0,0 +1,26 @@
[
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -Dappenv_EXPORTS -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/appenv.dir/appenv.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/appenv.dir/appenv.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/jni_bridge.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/jni_bridge.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/fips_init.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init_android.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/fips_init_android.c.o"
}
]
samples/android/app/.cxx/Debug/6m305623/x86_64/compile_commands.json.bin
BIN
View File
Binary file not shown.
samples/android/app/.cxx/Debug/6m305623/x86_64/configure_fingerprint.bin
+29
View File
@@ -0,0 +1,29 @@
C/C++ Structured Log

ƒ/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/additional_project_files.txtC
A
?com.android.build.gradle.internal.cxx.io.EncodedFileFingerPrint   Ñѯß3  ¶¬’¯ß3†
ƒ
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/android_gradle_build.json   Ñѯß3° ·¬’¯ß3‹
ˆ
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/android_gradle_build_mini.json   Ñѯß3â ¹¬’¯ß3v
t
r/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/build.ninja   Ñѯß3Éš ®¬’¯ß3z
x
v/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/build.ninja.txt   Ñѯß3
}
{/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/build_file_index.txt   Ñѯß3
g Á±ù®ß3€
~
|/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/compile_commands.json   Ñѯß3˜% ®¬’¯ß3†
ƒ
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/compile_commands.json.bin   Ñѯß3 å
®¬’¯ß3Œ

/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/metadata_generation_command.txt   Ñѯß3
 À±ù®ß3}
{
y/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/prefab_config.json   Ñѯß3
 ( À±ù®ß3ƒ

~/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/symbol_folder_index.txt   Ñѯß3
samples/android/app/.cxx/Debug/6m305623/x86_64/metadata_generation_command.txt
+18
View File
@@ -0,0 +1,18 @@
-H/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp
-DCMAKE_SYSTEM_NAME=Android
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON
-DCMAKE_SYSTEM_VERSION=24
-DANDROID_PLATFORM=android-24
-DANDROID_ABI=x86_64
-DCMAKE_ANDROID_ARCH_ABI=x86_64
-DANDROID_NDK=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973
-DCMAKE_ANDROID_NDK=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973
-DCMAKE_TOOLCHAIN_FILE=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/build/cmake/android.toolchain.cmake
-DCMAKE_MAKE_PROGRAM=/Users/chrisfahlin/Library/Android/sdk/cmake/4.1.2/bin/ninja
-DCMAKE_LIBRARY_OUTPUT_DIRECTORY=/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64
-DCMAKE_RUNTIME_OUTPUT_DIRECTORY=/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64
-DCMAKE_BUILD_TYPE=Debug
-B/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64
-GNinja
Build command args: []
Version: 2
samples/android/app/.cxx/Debug/6m305623/x86_64/prefab_config.json
+4
View File
@@ -0,0 +1,4 @@
{
"enabled": false,
"packages": []
}
samples/android/app/.cxx/Debug/6m305623/x86_64/symbol_folder_index.txt
+1
View File
@@ -0,0 +1 @@
/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/build/intermediates/cxx/Debug/6m305623/obj/x86_64
samples/android/app/.cxx/tools/debug/arm64-v8a/compile_commands.json
+26
View File
@@ -0,0 +1,26 @@
[
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -Dappenv_EXPORTS -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/appenv.dir/appenv.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/appenv.dir/appenv.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/jni_bridge.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/jni_bridge.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/fips_init.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=aarch64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init_android.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/arm64-v8a/CMakeFiles/fipsdemo.dir/fips_init_android.c.o"
}
]
samples/android/app/.cxx/tools/debug/x86_64/compile_commands.json
+26
View File
@@ -0,0 +1,26 @@
[
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -Dappenv_EXPORTS -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/appenv.dir/appenv.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/appenv.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/appenv.dir/appenv.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/jni_bridge.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/jni_bridge.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/jni_bridge.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/fips_init.c.o"
},
{
"directory": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64",
"command": "/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android24 --sysroot=/Users/chrisfahlin/Library/Android/sdk/ndk/27.0.12077973/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -DSQLITE_HAS_CODEC -Dfipsdemo_EXPORTS -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp -I/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/include -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fno-limit-debug-info -fPIC -o CMakeFiles/fipsdemo.dir/fips_init_android.c.o -c /Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"file": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/src/main/cpp/fips_init_android.c",
"output": "/Users/chrisfahlin/Documents/Experiments/fips-sqlcipher/samples/android/app/.cxx/Debug/6m305623/x86_64/CMakeFiles/fipsdemo.dir/fips_init_android.c.o"
}
]
samples/android/app/build.gradle.kts
+75
View File
@@ -0,0 +1,75 @@
plugins {
id("com.android.application")
id("org.jetbrains.kotlin.android")
id("org.jetbrains.kotlin.plugin.compose")
}
android {
namespace = "com.example.fipsdemo"
compileSdk = 35
defaultConfig {
applicationId = "com.example.fipsdemo"
minSdk = 24
targetSdk = 35
versionCode = 1
versionName = "1.0"
ndk {
abiFilters += setOf("arm64-v8a", "x86_64")
}
externalNativeBuild {
cmake {
cppFlags += ""
}
}
}
buildTypes {
release {
isMinifyEnabled = false
}
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_17
targetCompatibility = JavaVersion.VERSION_17
}
kotlinOptions {
jvmTarget = "17"
}
buildFeatures {
compose = true
}
externalNativeBuild {
cmake {
path = file("src/main/cpp/CMakeLists.txt")
version = "3.22.1+"
}
}
// Critical for FIPS: do not strip libfips.so (per install.md step 2)
packaging {
jniLibs {
keepDebugSymbols += setOf("**/libfips.so")
useLegacyPackaging = false
}
}
}
dependencies {
// AAR from out/ directory (per install.md step 1)
implementation(files("libs/fips-sqlcipher.aar"))
implementation("androidx.core:core-ktx:1.15.0")
implementation("androidx.lifecycle:lifecycle-runtime-ktx:2.8.7")
implementation("androidx.activity:activity-compose:1.9.3")
implementation(platform("androidx.compose:compose-bom:2024.12.01"))
implementation("androidx.compose.ui:ui")
implementation("androidx.compose.ui:ui-graphics")
implementation("androidx.compose.material3:material3")
}
samples/android/app/src/main/AndroidManifest.xml
+16
View File
@@ -0,0 +1,16 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<application
android:allowBackup="false"
android:label="FIPS Demo"
android:theme="@style/Theme.FIPSDemo">
<activity
android:name=".MainActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>
samples/android/app/src/main/cpp/CMakeLists.txt
+34
View File
@@ -0,0 +1,34 @@
cmake_minimum_required(VERSION 3.22)
project(fipsdemo C)
# 16 KB page alignment (required for Google Play targeting Android 15+)
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,max-page-size=16384")
# Pre-built libs staged by bootstrap.sh (extracts from the AAR)
set(JNILIBS "${CMAKE_SOURCE_DIR}/../jniLibs/${ANDROID_ABI}")
# Import shared libraries from the AAR
add_library(crypto SHARED IMPORTED)
set_target_properties(crypto PROPERTIES IMPORTED_LOCATION "${JNILIBS}/libcrypto.so")
add_library(sqlcipher SHARED IMPORTED)
set_target_properties(sqlcipher PROPERTIES IMPORTED_LOCATION "${JNILIBS}/libsqlcipher.so")
# Headers: OpenSSL + sqlite3 staged from the dist, plus our fips_init.h
set(STAGED_INCLUDE "${CMAKE_SOURCE_DIR}/include")
# 1. appenv: setenv-only shim. No OpenSSL deps so it can be loaded BEFORE
# libcrypto/libfips, letting us set OPENSSL_CONF before the FIPS provider
# constructor runs.
add_library(appenv SHARED appenv.c)
target_link_libraries(appenv PRIVATE log)
# 2. Main JNI bridge: FIPS checks + SQLCipher operations.
add_library(fipsdemo SHARED
jni_bridge.c
fips_init.c
fips_init_android.c
)
target_include_directories(fipsdemo PRIVATE "${CMAKE_SOURCE_DIR}" "${STAGED_INCLUDE}")
target_compile_definitions(fipsdemo PRIVATE SQLITE_HAS_CODEC)
target_link_libraries(fipsdemo PRIVATE crypto sqlcipher log)
samples/android/app/src/main/cpp/appenv.c
+17
View File
@@ -0,0 +1,17 @@
// appenv.c -- minimal setenv shim, deliberately free of OpenSSL deps.
// Loaded BEFORE libcrypto so that OPENSSL_CONF, FIPSMODULE_CNF, and
// OPENSSL_MODULES are in the process environment before OpenSSL initializes.
#include <jni.h>
#include <stdlib.h>
JNIEXPORT jint JNICALL
Java_com_example_fipsdemo_FipsNative_setenv(JNIEnv *env, jclass cls,
jstring jname, jstring jvalue) {
(void)cls;
const char *n = (*env)->GetStringUTFChars(env, jname, NULL);
const char *v = (*env)->GetStringUTFChars(env, jvalue, NULL);
int rc = setenv(n, v, 1);
(*env)->ReleaseStringUTFChars(env, jname, n);
(*env)->ReleaseStringUTFChars(env, jvalue, v);
return rc;
}
samples/android/app/src/main/cpp/fips_init.c
+121
View File
@@ -0,0 +1,121 @@
// SPDX-License-Identifier: Apache-2.0
#include "fips_init.h"
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#ifdef __ANDROID__
#include <android/log.h>
#define LOG_TAG "fips_init"
#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
#define LOGI(...) __android_log_print(ANDROID_LOG_INFO, LOG_TAG, __VA_ARGS__)
#else
#define LOGE(...) fprintf(stderr, "fips_init: " __VA_ARGS__)
#define LOGI(...) ((void)0)
#endif
#ifdef _WIN32
#include <io.h>
#define ACCESS _access
#define F_OK 0
#else
#include <unistd.h>
#define ACCESS access
#endif
static OSSL_PROVIDER *g_fips_provider = NULL;
static OSSL_PROVIDER *g_base_provider = NULL;
const char *fips_init_status_str(fips_init_status_t status) {
switch (status) {
case FIPS_INIT_OK: return "FIPS initialization succeeded";
case FIPS_INIT_ERR_CONF_MISSING: return "openssl.cnf not found at specified path";
case FIPS_INIT_ERR_MODULE_MISSING:return "FIPS provider module not found in module_dir";
case FIPS_INIT_ERR_PROVIDER_LOAD: return "OSSL_PROVIDER_load(\"fips\") failed (HMAC integrity check may have failed)";
case FIPS_INIT_ERR_SELF_TEST: return "FIPS self-test (POST/KAT) failed";
case FIPS_INIT_ERR_PROPERTY_SET: return "Failed to set default FIPS property query";
}
return "unknown status";
}
fips_init_status_t fips_init(const char *module_dir, const char *conf_path) {
if (g_fips_provider) {
return FIPS_INIT_OK;
}
// Point OPENSSL_MODULES to the directory containing the FIPS provider binary
if (module_dir && module_dir[0]) {
#ifdef __ANDROID__
// Android: libfips.so
char probe[4096];
snprintf(probe, sizeof(probe), "%s/libfips.so", module_dir);
if (ACCESS(probe, F_OK) != 0) {
LOGE("FIPS module not found: %s\n", probe);
return FIPS_INIT_ERR_MODULE_MISSING;
}
#else
// iOS: fips.dylib
char probe[4096];
snprintf(probe, sizeof(probe), "%s/fips.dylib", module_dir);
if (ACCESS(probe, F_OK) != 0) {
LOGE("FIPS module not found: %s\n", probe);
return FIPS_INIT_ERR_MODULE_MISSING;
}
#endif
setenv("OPENSSL_MODULES", module_dir, 1);
}
// Set OPENSSL_CONF if a config path was provided
if (conf_path && conf_path[0]) {
if (ACCESS(conf_path, F_OK) != 0) {
LOGE("Config not found: %s\n", conf_path);
return FIPS_INIT_ERR_CONF_MISSING;
}
setenv("OPENSSL_CONF", conf_path, 1);
}
// Load the FIPS provider. This triggers the incore HMAC-SHA256 integrity
// check followed by the Known Answer Tests (KATs). If the module was
// modified post-build (stripped, compressed, re-signed incorrectly), this
// call will fail.
g_fips_provider = OSSL_PROVIDER_load(NULL, "fips");
if (!g_fips_provider) {
unsigned long err = ERR_peek_last_error();
LOGE("FIPS provider load failed: %s\n", ERR_reason_error_string(err));
return FIPS_INIT_ERR_PROVIDER_LOAD;
}
// Load the base provider (needed for encoders/decoders that aren't in FIPS)
g_base_provider = OSSL_PROVIDER_load(NULL, "base");
// Run the self-test explicitly to confirm POST passes
if (OSSL_PROVIDER_self_test(g_fips_provider) != 1) {
LOGE("FIPS self-test failed after provider load\n");
OSSL_PROVIDER_unload(g_fips_provider);
g_fips_provider = NULL;
return FIPS_INIT_ERR_SELF_TEST;
}
// Set the default property query to "fips=yes" so all algorithm fetches
// are restricted to FIPS-approved implementations only.
if (EVP_set_default_properties(NULL, "fips=yes") != 1) {
LOGE("Failed to set fips=yes default properties\n");
return FIPS_INIT_ERR_PROPERTY_SET;
}
LOGI("FIPS provider loaded and self-test passed\n");
return FIPS_INIT_OK;
}
int fips_self_test_rerun(void) {
if (!g_fips_provider) return 0;
return OSSL_PROVIDER_self_test(g_fips_provider) == 1 ? 1 : 0;
}
int fips_provider_is_active(void) {
return OSSL_PROVIDER_available(NULL, "fips") == 1 ? 1 : 0;
}
samples/android/app/src/main/cpp/fips_init.h
+71
View File
@@ -0,0 +1,71 @@
// SPDX-License-Identifier: Apache-2.0
// FIPS module initialization and HMAC integrity validation for on-device use.
//
// Call fips_init() once at app startup BEFORE any OpenSSL or SQLCipher
// operation. It configures the OpenSSL library context to load the FIPS
// provider from the bundled module path and triggers the mandatory Power-On
// Self-Test (POST), which includes HMAC-SHA256 integrity verification of the
// provider's .text and .rodata sections.
//
// Thread safety: call exactly once from the main thread before spawning
// workers that use crypto.
#ifndef FIPS_INIT_H
#define FIPS_INIT_H
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
FIPS_INIT_OK = 0,
FIPS_INIT_ERR_CONF_MISSING,
FIPS_INIT_ERR_MODULE_MISSING,
FIPS_INIT_ERR_PROVIDER_LOAD,
FIPS_INIT_ERR_SELF_TEST,
FIPS_INIT_ERR_PROPERTY_SET,
} fips_init_status_t;
// Human-readable description of a status code.
const char *fips_init_status_str(fips_init_status_t status);
// Initialize OpenSSL with FIPS provider from the given paths.
//
// module_dir: directory containing libfips.so (Android) or fips.dylib (iOS)
// conf_path: path to openssl.cnf that .includes fipsmodule.cnf
// (NULL = use OPENSSL_CONF env var, or generate minimal config)
//
// On Android, call this AFTER extracting assets/fips/* to the app's filesDir.
// On iOS, pass the path within the app bundle where fips.dylib is embedded.
//
// Returns FIPS_INIT_OK on success. On failure, the FIPS provider is NOT active
// and all crypto operations will fail (which is the correct behavior — you MUST
// NOT proceed with plaintext fallback under FIPS requirements).
fips_init_status_t fips_init(const char *module_dir, const char *conf_path);
// Re-run the FIPS self-test on demand (e.g., after app resume from background).
// The provider must already be loaded via fips_init().
// Returns 1 on success, 0 on failure.
int fips_self_test_rerun(void);
// Query whether the FIPS provider is currently active in the default context.
int fips_provider_is_active(void);
#ifdef __ANDROID__
// Android convenience: takes Context.getFilesDir() and
// ApplicationInfo.nativeLibraryDir paths. Handles OPENSSL_MODULES and
// FIPSMODULE_CNF env setup before calling fips_init().
fips_init_status_t fips_init_android(const char *files_dir,
const char *native_lib_dir);
#endif
#if defined(__APPLE__) && !defined(__ANDROID__)
// iOS convenience: takes the path to the fips/ directory inside the app bundle
// (e.g., [[NSBundle mainBundle] resourcePath] + "/fips").
fips_init_status_t fips_init_ios(const char *bundle_fips_dir);
#endif
#ifdef __cplusplus
}
#endif
#endif // FIPS_INIT_H
samples/android/app/src/main/cpp/fips_init_android.c
+61
View File
@@ -0,0 +1,61 @@
// SPDX-License-Identifier: Apache-2.0
// Android-specific FIPS initialization helper.
//
// On Android, the FIPS provider (libfips.so) is shipped inside the APK's
// jniLibs/<abi>/ and loaded via System.loadLibrary. The openssl.cnf is
// shipped in assets/fips/ and must be extracted to the app's internal storage
// before OpenSSL reads it.
//
// This file provides fips_init_android() which takes the app's files directory
// (Context.getFilesDir()) and handles:
// 1. Pointing OPENSSL_MODULES to the nativeLibraryDir (where Android unpacks .so)
// 2. Generating fipsmodule.cnf via the incore HMAC (on first run)
// 3. Calling fips_init() with the resolved paths
//
// The fipsmodule.cnf generation is equivalent to running:
// openssl fipsinstall -module libfips.so -out fipsmodule.cnf
// but done programmatically since we can't run the openssl CLI on device.
#ifdef __ANDROID__
#include "fips_init.h"
#include <openssl/provider.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
#include <android/log.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#define LOG_TAG "fips_init_android"
#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
#define LOGI(...) __android_log_print(ANDROID_LOG_INFO, LOG_TAG, __VA_ARGS__)
fips_init_status_t fips_init_android(const char *files_dir,
const char *native_lib_dir) {
if (!files_dir || !native_lib_dir) {
return FIPS_INIT_ERR_MODULE_MISSING;
}
char conf_dir[4096];
char conf_path[4096];
char module_cnf_path[4096];
snprintf(conf_dir, sizeof(conf_dir), "%s/fips", files_dir);
snprintf(conf_path, sizeof(conf_path), "%s/fips/openssl.cnf", files_dir);
snprintf(module_cnf_path, sizeof(module_cnf_path), "%s/fips/fipsmodule.cnf", files_dir);
// FIPSMODULE_CNF is no longer required by the minimal openssl.cnf shipped
// in the AAR. The FIPS provider is loaded programmatically below.
// Set it anyway for compatibility with custom configs that may .include it.
setenv("FIPSMODULE_CNF", module_cnf_path, 1);
// The native_lib_dir is where Android extracts jniLibs .so files at install.
// This is typically /data/app/<pkg>/lib/<abi>/ and contains libfips.so.
return fips_init(native_lib_dir, conf_path);
}
#endif // __ANDROID__
samples/android/app/src/main/cpp/fips_sqlcipher.h
+31
View File
@@ -0,0 +1,31 @@
// SPDX-License-Identifier: Apache-2.0
// C/C++ interop header for FIPS-SQLCipher builds.
// Wraps OpenSSL and SQLCipher headers in extern "C" to prevent C++ name
// mangling and avoids pulling libc++ symbols into the FIPS module boundary.
#ifndef FIPS_SQLCIPHER_H
#define FIPS_SQLCIPHER_H
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/provider.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <sqlite3.h>
#ifdef __cplusplus
}
#endif
// When compiling C++ translation units that link against the FIPS provider:
// - Do NOT pass -fno-rtti or -fno-exceptions to the OpenSSL/SQLCipher
// object files themselves (they are pure C).
// - Your C++ code CAN use any RTTI/exception settings freely because the
// FIPS "incore" HMAC covers only the provider's .text/.rodata, not yours.
// - Avoid ODR violations: do not statically link libc++ into a shared lib
// that also dlopen()s libfips.so on Android. Use the NDK's shared libc++
// (the default) or link everything statically.
#endif // FIPS_SQLCIPHER_H
samples/android/app/src/main/cpp/fips_verify.hpp
+82
View File
@@ -0,0 +1,82 @@
// SPDX-License-Identifier: Apache-2.0
// C++ verification class for FIPS-SQLCipher runtime compliance.
// Safe to compile with -frtti -fexceptions; does not affect FIPS HMAC.
#ifndef FIPS_VERIFY_HPP
#define FIPS_VERIFY_HPP
#include "fips_sqlcipher.h"
#include <string>
#include <stdexcept>
namespace fips {
struct VerifyResult {
bool provider_active;
bool self_test_passed;
bool cipher_fips_status;
std::string openssl_version;
};
class Verifier {
public:
static VerifyResult check_all(sqlite3 *db) {
VerifyResult r{};
r.provider_active = check_provider();
r.self_test_passed = check_self_test();
r.openssl_version = get_openssl_version();
r.cipher_fips_status = check_cipher_fips_status(db);
return r;
}
static bool check_provider() {
return OSSL_PROVIDER_available(nullptr, "fips") == 1;
}
static bool check_self_test() {
OSSL_PROVIDER *fips = OSSL_PROVIDER_load(nullptr, "fips");
if (!fips) return false;
int rc = OSSL_PROVIDER_self_test(fips);
OSSL_PROVIDER_unload(fips);
return rc == 1;
}
static std::string get_openssl_version() {
return OpenSSL_version(OPENSSL_VERSION);
}
// Executes PRAGMA cipher_fips_status on an open, keyed database.
// Returns true if the pragma returns 1 (FIPS mode active in SQLCipher).
static bool check_cipher_fips_status(sqlite3 *db) {
if (!db) return false;
sqlite3_stmt *stmt = nullptr;
int rc = sqlite3_prepare_v2(db, "PRAGMA cipher_fips_status;", -1, &stmt, nullptr);
if (rc != SQLITE_OK || !stmt) return false;
bool result = false;
if (sqlite3_step(stmt) == SQLITE_ROW) {
result = sqlite3_column_int(stmt, 0) == 1;
}
sqlite3_finalize(stmt);
return result;
}
// Convenience: open a database, key it, verify FIPS, close it.
static VerifyResult verify_with_key(const std::string &path, const std::string &key) {
sqlite3 *db = nullptr;
int rc = sqlite3_open(path.c_str(), &db);
if (rc != SQLITE_OK) {
throw std::runtime_error("sqlite3_open failed: " + std::string(sqlite3_errmsg(db)));
}
rc = sqlite3_key(db, key.c_str(), static_cast<int>(key.size()));
if (rc != SQLITE_OK) {
sqlite3_close(db);
throw std::runtime_error("sqlite3_key failed");
}
VerifyResult result = check_all(db);
sqlite3_close(db);
return result;
}
};
} // namespace fips
#endif // FIPS_VERIFY_HPP
samples/android/app/src/main/cpp/include/openssl/aes.h
+111
View File
@@ -0,0 +1,111 @@
/*
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_AES_H
# define OPENSSL_AES_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_AES_H
# endif
# include <openssl/opensslconf.h>
# include <stddef.h>
# ifdef __cplusplus
extern "C" {
# endif
# define AES_BLOCK_SIZE 16
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define AES_ENCRYPT 1
# define AES_DECRYPT 0
# define AES_MAXNR 14
/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
# ifdef AES_LONG
unsigned long rd_key[4 * (AES_MAXNR + 1)];
# else
unsigned int rd_key[4 * (AES_MAXNR + 1)];
# endif
int rounds;
};
typedef struct aes_key_st AES_KEY;
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 const char *AES_options(void);
OSSL_DEPRECATEDIN_3_0
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
OSSL_DEPRECATEDIN_3_0
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
OSSL_DEPRECATEDIN_3_0
void AES_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
OSSL_DEPRECATEDIN_3_0
void AES_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
OSSL_DEPRECATEDIN_3_0
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc);
OSSL_DEPRECATEDIN_3_0
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
OSSL_DEPRECATEDIN_3_0
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
OSSL_DEPRECATEDIN_3_0
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
OSSL_DEPRECATEDIN_3_0
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
OSSL_DEPRECATEDIN_3_0
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num);
/* NB: the IV is _two_ blocks long */
OSSL_DEPRECATEDIN_3_0
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
OSSL_DEPRECATEDIN_3_0
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key, const AES_KEY *key2,
const unsigned char *ivec, const int enc);
OSSL_DEPRECATEDIN_3_0
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out, const unsigned char *in,
unsigned int inlen);
OSSL_DEPRECATEDIN_3_0
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out, const unsigned char *in,
unsigned int inlen);
# endif
# ifdef __cplusplus
}
# endif
#endif
samples/android/app/src/main/cpp/include/openssl/asn1.h
+1128
View File
File diff suppressed because it is too large Load Diff
samples/android/app/src/main/cpp/include/openssl/asn1_mac.h
+10
View File
@@ -0,0 +1,10 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#error "This file is obsolete; please update your software."
samples/android/app/src/main/cpp/include/openssl/asn1err.h
+140
View File
@@ -0,0 +1,140 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_ASN1ERR_H
# define OPENSSL_ASN1ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# include <openssl/cryptoerr_legacy.h>
/*
* ASN1 reason codes.
*/
# define ASN1_R_ADDING_OBJECT 171
# define ASN1_R_ASN1_PARSE_ERROR 203
# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
# define ASN1_R_AUX_ERROR 100
# define ASN1_R_BAD_OBJECT_HEADER 102
# define ASN1_R_BAD_TEMPLATE 230
# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
# define ASN1_R_BN_LIB 105
# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
# define ASN1_R_BUFFER_TOO_SMALL 107
# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
# define ASN1_R_CONTEXT_NOT_INITIALISED 217
# define ASN1_R_DATA_IS_WRONG 109
# define ASN1_R_DECODE_ERROR 110
# define ASN1_R_DEPTH_EXCEEDED 174
# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
# define ASN1_R_ENCODE_ERROR 112
# define ASN1_R_ERROR_GETTING_TIME 173
# define ASN1_R_ERROR_LOADING_SECTION 172
# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
# define ASN1_R_EXPECTING_AN_INTEGER 115
# define ASN1_R_EXPECTING_AN_OBJECT 116
# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
# define ASN1_R_FIELD_MISSING 121
# define ASN1_R_FIRST_NUM_TOO_LARGE 122
# define ASN1_R_HEADER_TOO_LONG 123
# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
# define ASN1_R_ILLEGAL_BOOLEAN 176
# define ASN1_R_ILLEGAL_CHARACTERS 124
# define ASN1_R_ILLEGAL_FORMAT 177
# define ASN1_R_ILLEGAL_HEX 178
# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
# define ASN1_R_ILLEGAL_INTEGER 180
# define ASN1_R_ILLEGAL_NEGATIVE_VALUE 226
# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
# define ASN1_R_ILLEGAL_NULL 125
# define ASN1_R_ILLEGAL_NULL_VALUE 182
# define ASN1_R_ILLEGAL_OBJECT 183
# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
# define ASN1_R_ILLEGAL_PADDING 221
# define ASN1_R_ILLEGAL_TAGGED_ANY 127
# define ASN1_R_ILLEGAL_TIME_VALUE 184
# define ASN1_R_ILLEGAL_ZERO_CONTENT 222
# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
# define ASN1_R_INVALID_DIGIT 130
# define ASN1_R_INVALID_MIME_TYPE 205
# define ASN1_R_INVALID_MODIFIER 186
# define ASN1_R_INVALID_NUMBER 187
# define ASN1_R_INVALID_OBJECT_ENCODING 216
# define ASN1_R_INVALID_SCRYPT_PARAMETERS 227
# define ASN1_R_INVALID_SEPARATOR 131
# define ASN1_R_INVALID_STRING_TABLE_VALUE 218
# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
# define ASN1_R_INVALID_UTF8STRING 134
# define ASN1_R_INVALID_VALUE 219
# define ASN1_R_LENGTH_TOO_LONG 231
# define ASN1_R_LIST_ERROR 188
# define ASN1_R_MIME_NO_CONTENT_TYPE 206
# define ASN1_R_MIME_PARSE_ERROR 207
# define ASN1_R_MIME_SIG_PARSE_ERROR 208
# define ASN1_R_MISSING_EOC 137
# define ASN1_R_MISSING_SECOND_NUMBER 138
# define ASN1_R_MISSING_VALUE 189
# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
# define ASN1_R_MSTRING_WRONG_TAG 140
# define ASN1_R_NESTED_ASN1_STRING 197
# define ASN1_R_NESTED_TOO_DEEP 201
# define ASN1_R_NON_HEX_CHARACTERS 141
# define ASN1_R_NOT_ASCII_FORMAT 190
# define ASN1_R_NOT_ENOUGH_DATA 142
# define ASN1_R_NO_CONTENT_TYPE 209
# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
# define ASN1_R_NO_MULTIPART_BOUNDARY 211
# define ASN1_R_NO_SIG_CONTENT_TYPE 212
# define ASN1_R_NULL_IS_WRONG_LENGTH 144
# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
# define ASN1_R_ODD_NUMBER_OF_CHARS 145
# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
# define ASN1_R_SHORT_LINE 150
# define ASN1_R_SIG_INVALID_MIME_TYPE 213
# define ASN1_R_STREAMING_NOT_SUPPORTED 202
# define ASN1_R_STRING_TOO_LONG 151
# define ASN1_R_STRING_TOO_SHORT 152
# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
# define ASN1_R_TOO_LARGE 223
# define ASN1_R_TOO_LONG 155
# define ASN1_R_TOO_SMALL 224
# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
# define ASN1_R_TYPE_NOT_PRIMITIVE 195
# define ASN1_R_UNEXPECTED_EOC 159
# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
# define ASN1_R_UNKNOWN_DIGEST 229
# define ASN1_R_UNKNOWN_FORMAT 160
# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
# define ASN1_R_UNKNOWN_TAG 194
# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
# define ASN1_R_UNSUPPORTED_CIPHER 228
# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
# define ASN1_R_UNSUPPORTED_TYPE 196
# define ASN1_R_WRONG_INTEGER_TYPE 225
# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
# define ASN1_R_WRONG_TAG 168
#endif
samples/android/app/src/main/cpp/include/openssl/asn1t.h
+946
View File
@@ -0,0 +1,946 @@
/*
* WARNING: do not edit!
* Generated by Makefile from include/openssl/asn1t.h.in
*
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_ASN1T_H
# define OPENSSL_ASN1T_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_ASN1T_H
# endif
# include <stddef.h>
# include <openssl/e_os2.h>
# include <openssl/asn1.h>
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
# undef OPENSSL_EXTERN
# define OPENSSL_EXTERN OPENSSL_EXPORT
# endif
/* ASN1 template defines, structures and functions */
#ifdef __cplusplus
extern "C" {
#endif
/*-
* These are the possible values for the itype field of the
* ASN1_ITEM structure and determine how it is interpreted.
*
* For PRIMITIVE types the underlying type
* determines the behaviour if items is NULL.
*
* Otherwise templates must contain a single
* template and the type is treated in the
* same way as the type specified in the template.
*
* For SEQUENCE types the templates field points
* to the members, the size field is the
* structure size.
*
* For CHOICE types the templates field points
* to each possible member (typically a union)
* and the 'size' field is the offset of the
* selector.
*
* The 'funcs' field is used for application-specific
* data and functions.
*
* The EXTERN type uses a new style d2i/i2d.
* The new style should be used where possible
* because it avoids things like the d2i IMPLICIT
* hack.
*
* MSTRING is a multiple string type, it is used
* for a CHOICE of character strings where the
* actual strings all occupy an ASN1_STRING
* structure. In this case the 'utype' field
* has a special meaning, it is used as a mask
* of acceptable types using the B_ASN1 constants.
*
* NDEF_SEQUENCE is the same as SEQUENCE except
* that it will use indefinite length constructed
* encoding if requested.
*
*/
# define ASN1_ITYPE_PRIMITIVE 0x0
# define ASN1_ITYPE_SEQUENCE 0x1
# define ASN1_ITYPE_CHOICE 0x2
/* unused value 0x3 */
# define ASN1_ITYPE_EXTERN 0x4
# define ASN1_ITYPE_MSTRING 0x5
# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)((iptr)()))
/* Macros for start and end of ASN1_ITEM definition */
# define ASN1_ITEM_start(itname) \
const ASN1_ITEM * itname##_it(void) \
{ \
static const ASN1_ITEM local_it = {
# define static_ASN1_ITEM_start(itname) \
static ASN1_ITEM_start(itname)
# define ASN1_ITEM_end(itname) \
}; \
return &local_it; \
}
/* Macros to aid ASN1 template writing */
# define ASN1_ITEM_TEMPLATE(tname) \
static const ASN1_TEMPLATE tname##_item_tt
# define ASN1_ITEM_TEMPLATE_END(tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_PRIMITIVE,\
-1,\
&tname##_item_tt,\
0,\
NULL,\
0,\
#tname \
ASN1_ITEM_end(tname)
# define static_ASN1_ITEM_TEMPLATE_END(tname) \
;\
static_ASN1_ITEM_start(tname) \
ASN1_ITYPE_PRIMITIVE,\
-1,\
&tname##_item_tt,\
0,\
NULL,\
0,\
#tname \
ASN1_ITEM_end(tname)
/* This is a ASN1 type which just embeds a template */
/*-
* This pair helps declare a SEQUENCE. We can do:
*
* ASN1_SEQUENCE(stname) = {
* ... SEQUENCE components ...
* } ASN1_SEQUENCE_END(stname)
*
* This will produce an ASN1_ITEM called stname_it
* for a structure called stname.
*
* If you want the same structure but a different
* name then use:
*
* ASN1_SEQUENCE(itname) = {
* ... SEQUENCE components ...
* } ASN1_SEQUENCE_END_name(stname, itname)
*
* This will create an item called itname_it using
* a structure called stname.
*/
# define ASN1_SEQUENCE(tname) \
static const ASN1_TEMPLATE tname##_seq_tt[]
# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
# define static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname)
# define ASN1_SEQUENCE_END_name(stname, tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(stname),\
#tname \
ASN1_ITEM_end(tname)
# define static_ASN1_SEQUENCE_END_name(stname, tname) \
;\
static_ASN1_ITEM_start(tname) \
ASN1_ITYPE_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
# define ASN1_NDEF_SEQUENCE(tname) \
ASN1_SEQUENCE(tname)
# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
ASN1_SEQUENCE_cb(tname, cb)
# define ASN1_SEQUENCE_cb(tname, cb) \
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \
ASN1_SEQUENCE(tname)
# define ASN1_SEQUENCE_const_cb(tname, const_cb) \
static const ASN1_AUX tname##_aux = \
{NULL, ASN1_AFLG_CONST_CB, 0, 0, NULL, 0, const_cb}; \
ASN1_SEQUENCE(tname)
# define ASN1_SEQUENCE_cb_const_cb(tname, cb, const_cb) \
static const ASN1_AUX tname##_aux = \
{NULL, ASN1_AFLG_CONST_CB, 0, 0, cb, 0, const_cb}; \
ASN1_SEQUENCE(tname)
# define ASN1_SEQUENCE_ref(tname, cb) \
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0, NULL}; \
ASN1_SEQUENCE(tname)
# define ASN1_SEQUENCE_enc(tname, enc, cb) \
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc), NULL}; \
ASN1_SEQUENCE(tname)
# define ASN1_NDEF_SEQUENCE_END(tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_NDEF_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(tname),\
#tname \
ASN1_ITEM_end(tname)
# define static_ASN1_NDEF_SEQUENCE_END(tname) \
;\
static_ASN1_ITEM_start(tname) \
ASN1_ITYPE_NDEF_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(tname),\
#tname \
ASN1_ITEM_end(tname)
# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
# define static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname)
# define ASN1_SEQUENCE_END_ref(stname, tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
&tname##_aux,\
sizeof(stname),\
#tname \
ASN1_ITEM_end(tname)
# define static_ASN1_SEQUENCE_END_ref(stname, tname) \
;\
static_ASN1_ITEM_start(tname) \
ASN1_ITYPE_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
&tname##_aux,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_NDEF_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
&tname##_aux,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
/*-
* This pair helps declare a CHOICE type. We can do:
*
* ASN1_CHOICE(chname) = {
* ... CHOICE options ...
* ASN1_CHOICE_END(chname)
*
* This will produce an ASN1_ITEM called chname_it
* for a structure called chname. The structure
* definition must look like this:
* typedef struct {
* int type;
* union {
* ASN1_SOMETHING *opt1;
* ASN1_SOMEOTHER *opt2;
* } value;
* } chname;
*
* the name of the selector must be 'type'.
* to use an alternative selector name use the
* ASN1_CHOICE_END_selector() version.
*/
# define ASN1_CHOICE(tname) \
static const ASN1_TEMPLATE tname##_ch_tt[]
# define ASN1_CHOICE_cb(tname, cb) \
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \
ASN1_CHOICE(tname)
# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
# define static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname)
# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
# define static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type)
# define ASN1_CHOICE_END_selector(stname, tname, selname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_CHOICE,\
offsetof(stname,selname) ,\
tname##_ch_tt,\
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
# define static_ASN1_CHOICE_END_selector(stname, tname, selname) \
;\
static_ASN1_ITEM_start(tname) \
ASN1_ITYPE_CHOICE,\
offsetof(stname,selname) ,\
tname##_ch_tt,\
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
NULL,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
# define ASN1_CHOICE_END_cb(stname, tname, selname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_CHOICE,\
offsetof(stname,selname) ,\
tname##_ch_tt,\
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
&tname##_aux,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
/* This helps with the template wrapper form of ASN1_ITEM */
# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
(flags), (tag), 0,\
#name, ASN1_ITEM_ref(type) }
/* These help with SEQUENCE or CHOICE components */
/* used to declare other types */
# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
(flags), (tag), offsetof(stname, field),\
#field, ASN1_ITEM_ref(type) }
/* implicit and explicit helper macros */
# define ASN1_IMP_EX(stname, field, type, tag, ex) \
ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | (ex), tag, stname, field, type)
# define ASN1_EXP_EX(stname, field, type, tag, ex) \
ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | (ex), tag, stname, field, type)
/* Any defined by macros: the field used is in the table itself */
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
/* Plain simple type */
# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
/* Embedded simple type */
# define ASN1_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_EMBED,0, stname, field, type)
/* OPTIONAL simple type */
# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
# define ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
/* IMPLICIT tagged simple type */
# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
# define ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
/* IMPLICIT tagged OPTIONAL simple type */
# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
# define ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
/* Same as above but EXPLICIT */
# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
# define ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
# define ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
/* SEQUENCE OF type */
# define ASN1_SEQUENCE_OF(stname, field, type) \
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
/* OPTIONAL SEQUENCE OF */
# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
/* Same as above but for SET OF */
# define ASN1_SET_OF(stname, field, type) \
ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
# define ASN1_SET_OF_OPT(stname, field, type) \
ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
# define ASN1_IMP_SET_OF(stname, field, type, tag) \
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
# define ASN1_EXP_SET_OF(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
/* EXPLICIT using indefinite length constructed form */
# define ASN1_NDEF_EXP(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
/* EXPLICIT OPTIONAL using indefinite length constructed form */
# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
/* Macros for the ASN1_ADB structure */
# define ASN1_ADB(name) \
static const ASN1_ADB_TABLE name##_adbtbl[]
# define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
;\
static const ASN1_ITEM *name##_adb(void) \
{ \
static const ASN1_ADB internal_adb = \
{\
flags,\
offsetof(name, field),\
adb_cb,\
name##_adbtbl,\
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
def,\
none\
}; \
return (const ASN1_ITEM *) &internal_adb; \
} \
void dummy_function(void)
# define ADB_ENTRY(val, template) {val, template}
# define ASN1_ADB_TEMPLATE(name) \
static const ASN1_TEMPLATE name##_tt
/*
* This is the ASN1 template structure that defines a wrapper round the
* actual type. It determines the actual position of the field in the value
* structure, various flags such as OPTIONAL and the field name.
*/
struct ASN1_TEMPLATE_st {
unsigned long flags; /* Various flags */
long tag; /* tag, not used if no tagging */
unsigned long offset; /* Offset of this field in structure */
const char *field_name; /* Field name */
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
};
/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
# define ASN1_TEMPLATE_item(t) (t->item_ptr)
# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
typedef struct ASN1_ADB_st ASN1_ADB;
struct ASN1_ADB_st {
unsigned long flags; /* Various flags */
unsigned long offset; /* Offset of selector field */
int (*adb_cb)(long *psel); /* Application callback */
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
long tblcount; /* Number of entries in tbl */
const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
};
struct ASN1_ADB_TABLE_st {
long value; /* NID for an object or value for an int */
const ASN1_TEMPLATE tt; /* item for this value */
};
/* template flags */
/* Field is optional */
# define ASN1_TFLG_OPTIONAL (0x1)
/* Field is a SET OF */
# define ASN1_TFLG_SET_OF (0x1 << 1)
/* Field is a SEQUENCE OF */
# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
/*
* Special case: this refers to a SET OF that will be sorted into DER order
* when encoded *and* the corresponding STACK will be modified to match the
* new order.
*/
# define ASN1_TFLG_SET_ORDER (0x3 << 1)
/* Mask for SET OF or SEQUENCE OF */
# define ASN1_TFLG_SK_MASK (0x3 << 1)
/*
* These flags mean the tag should be taken from the tag field. If EXPLICIT
* then the underlying type is used for the inner tag.
*/
/* IMPLICIT tagging */
# define ASN1_TFLG_IMPTAG (0x1 << 3)
/* EXPLICIT tagging, inner tag from underlying type */
# define ASN1_TFLG_EXPTAG (0x2 << 3)
# define ASN1_TFLG_TAG_MASK (0x3 << 3)
/* context specific IMPLICIT */
# define ASN1_TFLG_IMPLICIT (ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT)
/* context specific EXPLICIT */
# define ASN1_TFLG_EXPLICIT (ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT)
/*
* If tagging is in force these determine the type of tag to use. Otherwise
* the tag is determined by the underlying type. These values reflect the
* actual octet format.
*/
/* Universal tag */
# define ASN1_TFLG_UNIVERSAL (0x0<<6)
/* Application tag */
# define ASN1_TFLG_APPLICATION (0x1<<6)
/* Context specific tag */
# define ASN1_TFLG_CONTEXT (0x2<<6)
/* Private tag */
# define ASN1_TFLG_PRIVATE (0x3<<6)
# define ASN1_TFLG_TAG_CLASS (0x3<<6)
/*
* These are for ANY DEFINED BY type. In this case the 'item' field points to
* an ASN1_ADB structure which contains a table of values to decode the
* relevant type
*/
# define ASN1_TFLG_ADB_MASK (0x3<<8)
# define ASN1_TFLG_ADB_OID (0x1<<8)
# define ASN1_TFLG_ADB_INT (0x1<<9)
/*
* This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
* indefinite length constructed encoding to be used if required.
*/
# define ASN1_TFLG_NDEF (0x1<<11)
/* Field is embedded and not a pointer */
# define ASN1_TFLG_EMBED (0x1 << 12)
/* This is the actual ASN1 item itself */
struct ASN1_ITEM_st {
char itype; /* The item type, primitive, SEQUENCE, CHOICE
* or extern */
long utype; /* underlying type */
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
* the contents */
long tcount; /* Number of templates if SEQUENCE or CHOICE */
const void *funcs; /* further data and type-specific functions */
/* funcs can be ASN1_PRIMITIVE_FUNCS*, ASN1_EXTERN_FUNCS*, or ASN1_AUX* */
long size; /* Structure size (usually) */
const char *sname; /* Structure name */
};
/*
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
* like CHOICE
*/
struct ASN1_TLC_st {
char valid; /* Values below are valid */
int ret; /* return value */
long plen; /* length */
int ptag; /* class value */
int pclass; /* class value */
int hdrlen; /* header length */
};
/* Typedefs for ASN1 function pointers */
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
typedef int ASN1_ex_d2i_ex(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx, OSSL_LIB_CTX *libctx,
const char *propq);
typedef int ASN1_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_new_ex_func(ASN1_VALUE **pval, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_print_func(BIO *out, const ASN1_VALUE **pval,
int indent, const char *fname,
const ASN1_PCTX *pctx);
typedef int ASN1_primitive_i2c(const ASN1_VALUE **pval, unsigned char *cont,
int *putype, const ASN1_ITEM *it);
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
int len, int utype, char *free_cont,
const ASN1_ITEM *it);
typedef int ASN1_primitive_print(BIO *out, const ASN1_VALUE **pval,
const ASN1_ITEM *it, int indent,
const ASN1_PCTX *pctx);
typedef struct ASN1_EXTERN_FUNCS_st {
void *app_data;
ASN1_ex_new_func *asn1_ex_new;
ASN1_ex_free_func *asn1_ex_free;
ASN1_ex_free_func *asn1_ex_clear;
ASN1_ex_d2i *asn1_ex_d2i;
ASN1_ex_i2d *asn1_ex_i2d;
ASN1_ex_print_func *asn1_ex_print;
ASN1_ex_new_ex_func *asn1_ex_new_ex;
ASN1_ex_d2i_ex *asn1_ex_d2i_ex;
} ASN1_EXTERN_FUNCS;
typedef struct ASN1_PRIMITIVE_FUNCS_st {
void *app_data;
unsigned long flags;
ASN1_ex_new_func *prim_new;
ASN1_ex_free_func *prim_free;
ASN1_ex_free_func *prim_clear;
ASN1_primitive_c2i *prim_c2i;
ASN1_primitive_i2c *prim_i2c;
ASN1_primitive_print *prim_print;
} ASN1_PRIMITIVE_FUNCS;
/*
* This is the ASN1_AUX structure: it handles various miscellaneous
* requirements. For example the use of reference counts and an informational
* callback. The "informational callback" is called at various points during
* the ASN1 encoding and decoding. It can be used to provide minor
* customisation of the structures used. This is most useful where the
* supplied routines *almost* do the right thing but need some extra help at
* a few points. If the callback returns zero then it is assumed a fatal
* error has occurred and the main operation should be abandoned. If major
* changes in the default behaviour are required then an external type is
* more appropriate.
* For the operations ASN1_OP_I2D_PRE, ASN1_OP_I2D_POST, ASN1_OP_PRINT_PRE, and
* ASN1_OP_PRINT_POST, meanwhile a variant of the callback with const parameter
* 'in' is provided to make clear statically that its input is not modified. If
* and only if this variant is in use the flag ASN1_AFLG_CONST_CB must be set.
*/
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
void *exarg);
typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
const ASN1_ITEM *it, void *exarg);
typedef struct ASN1_AUX_st {
void *app_data;
int flags;
int ref_offset; /* Offset of reference value */
int ref_lock; /* Offset of lock value */
ASN1_aux_cb *asn1_cb;
int enc_offset; /* Offset of ASN1_ENCODING structure */
ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
} ASN1_AUX;
/* For print related callbacks exarg points to this structure */
typedef struct ASN1_PRINT_ARG_st {
BIO *out;
int indent;
const ASN1_PCTX *pctx;
} ASN1_PRINT_ARG;
/* For streaming related callbacks exarg points to this structure */
typedef struct ASN1_STREAM_ARG_st {
/* BIO to stream through */
BIO *out;
/* BIO with filters appended */
BIO *ndef_bio;
/* Streaming I/O boundary */
unsigned char **boundary;
} ASN1_STREAM_ARG;
/* Flags in ASN1_AUX */
/* Use a reference count */
# define ASN1_AFLG_REFCOUNT 1
/* Save the encoding of structure (useful for signatures) */
# define ASN1_AFLG_ENCODING 2
/* The Sequence length is invalid */
# define ASN1_AFLG_BROKEN 4
/* Use the new asn1_const_cb */
# define ASN1_AFLG_CONST_CB 8
/* operation values for asn1_cb */
# define ASN1_OP_NEW_PRE 0
# define ASN1_OP_NEW_POST 1
# define ASN1_OP_FREE_PRE 2
# define ASN1_OP_FREE_POST 3
# define ASN1_OP_D2I_PRE 4
# define ASN1_OP_D2I_POST 5
# define ASN1_OP_I2D_PRE 6
# define ASN1_OP_I2D_POST 7
# define ASN1_OP_PRINT_PRE 8
# define ASN1_OP_PRINT_POST 9
# define ASN1_OP_STREAM_PRE 10
# define ASN1_OP_STREAM_POST 11
# define ASN1_OP_DETACHED_PRE 12
# define ASN1_OP_DETACHED_POST 13
# define ASN1_OP_DUP_PRE 14
# define ASN1_OP_DUP_POST 15
# define ASN1_OP_GET0_LIBCTX 16
# define ASN1_OP_GET0_PROPQ 17
/* Macro to implement a primitive type */
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
ASN1_ITEM_start(itname) \
ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
ASN1_ITEM_end(itname)
/* Macro to implement a multi string type */
# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
ASN1_ITEM_start(itname) \
ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
ASN1_ITEM_end(itname)
# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
ASN1_ITEM_start(sname) \
ASN1_ITYPE_EXTERN, \
tag, \
NULL, \
0, \
&fptrs, \
0, \
#sname \
ASN1_ITEM_end(sname)
/* Macro to implement standard functions in terms of ASN1_ITEM structures */
# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
pre stname *fname##_new(void) \
{ \
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
} \
pre void fname##_free(stname *a) \
{ \
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
}
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
stname *fname##_new(void) \
{ \
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
} \
void fname##_free(stname *a) \
{ \
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
}
# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
{ \
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
} \
int i2d_##fname(const stname *a, unsigned char **out) \
{ \
return ASN1_item_i2d((const ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
}
# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
int i2d_##stname##_NDEF(const stname *a, unsigned char **out) \
{ \
return ASN1_item_ndef_i2d((const ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
}
# define IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(stname) \
static stname *d2i_##stname(stname **a, \
const unsigned char **in, long len) \
{ \
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \
ASN1_ITEM_rptr(stname)); \
} \
static int i2d_##stname(const stname *a, unsigned char **out) \
{ \
return ASN1_item_i2d((const ASN1_VALUE *)a, out, \
ASN1_ITEM_rptr(stname)); \
}
# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
stname * stname##_dup(const stname *x) \
{ \
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
}
# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
int fname##_print_ctx(BIO *out, const stname *x, int indent, \
const ASN1_PCTX *pctx) \
{ \
return ASN1_item_print(out, (const ASN1_VALUE *)x, indent, \
ASN1_ITEM_rptr(itname), pctx); \
}
/* external definitions for primitive types */
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
DECLARE_ASN1_ITEM(CBIGNUM)
DECLARE_ASN1_ITEM(BIGNUM)
DECLARE_ASN1_ITEM(INT32)
DECLARE_ASN1_ITEM(ZINT32)
DECLARE_ASN1_ITEM(UINT32)
DECLARE_ASN1_ITEM(ZUINT32)
DECLARE_ASN1_ITEM(INT64)
DECLARE_ASN1_ITEM(ZINT64)
DECLARE_ASN1_ITEM(UINT64)
DECLARE_ASN1_ITEM(ZUINT64)
# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* LONG and ZLONG are strongly discouraged for use as stored data, as the
* underlying C type (long) differs in size depending on the architecture.
* They are designed with 32-bit longs in mind.
*/
DECLARE_ASN1_ITEM(LONG)
DECLARE_ASN1_ITEM(ZLONG)
# endif
SKM_DEFINE_STACK_OF_INTERNAL(ASN1_VALUE, ASN1_VALUE, ASN1_VALUE)
#define sk_ASN1_VALUE_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_VALUE_sk_type(sk))
#define sk_ASN1_VALUE_value(sk, idx) ((ASN1_VALUE *)OPENSSL_sk_value(ossl_check_const_ASN1_VALUE_sk_type(sk), (idx)))
#define sk_ASN1_VALUE_new(cmp) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new(ossl_check_ASN1_VALUE_compfunc_type(cmp)))
#define sk_ASN1_VALUE_new_null() ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new_null())
#define sk_ASN1_VALUE_new_reserve(cmp, n) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_VALUE_compfunc_type(cmp), (n)))
#define sk_ASN1_VALUE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_VALUE_sk_type(sk), (n))
#define sk_ASN1_VALUE_free(sk) OPENSSL_sk_free(ossl_check_ASN1_VALUE_sk_type(sk))
#define sk_ASN1_VALUE_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_VALUE_sk_type(sk))
#define sk_ASN1_VALUE_delete(sk, i) ((ASN1_VALUE *)OPENSSL_sk_delete(ossl_check_ASN1_VALUE_sk_type(sk), (i)))
#define sk_ASN1_VALUE_delete_ptr(sk, ptr) ((ASN1_VALUE *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr)))
#define sk_ASN1_VALUE_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
#define sk_ASN1_VALUE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
#define sk_ASN1_VALUE_pop(sk) ((ASN1_VALUE *)OPENSSL_sk_pop(ossl_check_ASN1_VALUE_sk_type(sk)))
#define sk_ASN1_VALUE_shift(sk) ((ASN1_VALUE *)OPENSSL_sk_shift(ossl_check_ASN1_VALUE_sk_type(sk)))
#define sk_ASN1_VALUE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_VALUE_sk_type(sk),ossl_check_ASN1_VALUE_freefunc_type(freefunc))
#define sk_ASN1_VALUE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr), (idx))
#define sk_ASN1_VALUE_set(sk, idx, ptr) ((ASN1_VALUE *)OPENSSL_sk_set(ossl_check_ASN1_VALUE_sk_type(sk), (idx), ossl_check_ASN1_VALUE_type(ptr)))
#define sk_ASN1_VALUE_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
#define sk_ASN1_VALUE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
#define sk_ASN1_VALUE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr), pnum)
#define sk_ASN1_VALUE_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_VALUE_sk_type(sk))
#define sk_ASN1_VALUE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_VALUE_sk_type(sk))
#define sk_ASN1_VALUE_dup(sk) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_dup(ossl_check_const_ASN1_VALUE_sk_type(sk)))
#define sk_ASN1_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_copyfunc_type(copyfunc), ossl_check_ASN1_VALUE_freefunc_type(freefunc)))
#define sk_ASN1_VALUE_set_cmp_func(sk, cmp) ((sk_ASN1_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_compfunc_type(cmp)))
/* Functions used internally by the ASN1 code */
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
int ASN1_item_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
/* Legacy compatibility */
# define IMPLEMENT_ASN1_FUNCTIONS_const(name) IMPLEMENT_ASN1_FUNCTIONS(name)
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname)
#ifdef __cplusplus
}
#endif
#endif
samples/android/app/src/main/cpp/include/openssl/async.h
+96
View File
@@ -0,0 +1,96 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdlib.h>
#ifndef OPENSSL_ASYNC_H
# define OPENSSL_ASYNC_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_ASYNC_H
# endif
#if defined(_WIN32)
# if defined(BASETYPES) || defined(_WINDEF_H)
/* application has to include <windows.h> to use this */
#define OSSL_ASYNC_FD HANDLE
#define OSSL_BAD_ASYNC_FD INVALID_HANDLE_VALUE
# endif
#else
#define OSSL_ASYNC_FD int
#define OSSL_BAD_ASYNC_FD -1
#endif
# include <openssl/asyncerr.h>
# ifdef __cplusplus
extern "C" {
# endif
typedef struct async_job_st ASYNC_JOB;
typedef struct async_wait_ctx_st ASYNC_WAIT_CTX;
typedef int (*ASYNC_callback_fn)(void *arg);
#define ASYNC_ERR 0
#define ASYNC_NO_JOBS 1
#define ASYNC_PAUSE 2
#define ASYNC_FINISH 3
#define ASYNC_STATUS_UNSUPPORTED 0
#define ASYNC_STATUS_ERR 1
#define ASYNC_STATUS_OK 2
#define ASYNC_STATUS_EAGAIN 3
int ASYNC_init_thread(size_t max_size, size_t init_size);
void ASYNC_cleanup_thread(void);
#ifdef OSSL_ASYNC_FD
ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
OSSL_ASYNC_FD fd,
void *custom_data,
void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
OSSL_ASYNC_FD, void *));
int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
OSSL_ASYNC_FD *fd, void **custom_data);
int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
size_t *numfds);
int ASYNC_WAIT_CTX_get_callback(ASYNC_WAIT_CTX *ctx,
ASYNC_callback_fn *callback,
void **callback_arg);
int ASYNC_WAIT_CTX_set_callback(ASYNC_WAIT_CTX *ctx,
ASYNC_callback_fn callback,
void *callback_arg);
int ASYNC_WAIT_CTX_set_status(ASYNC_WAIT_CTX *ctx, int status);
int ASYNC_WAIT_CTX_get_status(ASYNC_WAIT_CTX *ctx);
int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
size_t *numaddfds, OSSL_ASYNC_FD *delfd,
size_t *numdelfds);
int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);
#endif
int ASYNC_is_capable(void);
int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
int (*func)(void *), void *args, size_t size);
int ASYNC_pause_job(void);
ASYNC_JOB *ASYNC_get_current_job(void);
ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
void ASYNC_block_pause(void);
void ASYNC_unblock_pause(void);
# ifdef __cplusplus
}
# endif
#endif
samples/android/app/src/main/cpp/include/openssl/asyncerr.h
+29
View File
@@ -0,0 +1,29 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_ASYNCERR_H
# define OPENSSL_ASYNCERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# include <openssl/cryptoerr_legacy.h>
/*
* ASYNC reason codes.
*/
# define ASYNC_R_FAILED_TO_SET_POOL 101
# define ASYNC_R_FAILED_TO_SWAP_CONTEXT 102
# define ASYNC_R_INIT_FAILED 105
# define ASYNC_R_INVALID_POOL_SIZE 103
#endif
samples/android/app/src/main/cpp/include/openssl/bio.h
+887
View File
@@ -0,0 +1,887 @@
/*
* WARNING: do not edit!
* Generated by Makefile from include/openssl/bio.h.in
*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BIO_H
# define OPENSSL_BIO_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_BIO_H
# endif
# include <openssl/e_os2.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
# include <stdarg.h>
# include <openssl/crypto.h>
# include <openssl/bioerr.h>
# include <openssl/core.h>
#ifdef __cplusplus
extern "C" {
#endif
/* There are the classes of BIOs */
# define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
# define BIO_TYPE_FILTER 0x0200
# define BIO_TYPE_SOURCE_SINK 0x0400
/* These are the 'types' of BIOs */
# define BIO_TYPE_NONE 0
# define BIO_TYPE_MEM ( 1|BIO_TYPE_SOURCE_SINK)
# define BIO_TYPE_FILE ( 2|BIO_TYPE_SOURCE_SINK)
# define BIO_TYPE_FD ( 4|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# define BIO_TYPE_SOCKET ( 5|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# define BIO_TYPE_NULL ( 6|BIO_TYPE_SOURCE_SINK)
# define BIO_TYPE_SSL ( 7|BIO_TYPE_FILTER)
# define BIO_TYPE_MD ( 8|BIO_TYPE_FILTER)
# define BIO_TYPE_BUFFER ( 9|BIO_TYPE_FILTER)
# define BIO_TYPE_CIPHER (10|BIO_TYPE_FILTER)
# define BIO_TYPE_BASE64 (11|BIO_TYPE_FILTER)
# define BIO_TYPE_CONNECT (12|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# define BIO_TYPE_ACCEPT (13|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# define BIO_TYPE_NBIO_TEST (16|BIO_TYPE_FILTER)/* server proxy BIO */
# define BIO_TYPE_NULL_FILTER (17|BIO_TYPE_FILTER)
# define BIO_TYPE_BIO (19|BIO_TYPE_SOURCE_SINK)/* half a BIO pair */
# define BIO_TYPE_LINEBUFFER (20|BIO_TYPE_FILTER)
# define BIO_TYPE_DGRAM (21|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# define BIO_TYPE_ASN1 (22|BIO_TYPE_FILTER)
# define BIO_TYPE_COMP (23|BIO_TYPE_FILTER)
# ifndef OPENSSL_NO_SCTP
# define BIO_TYPE_DGRAM_SCTP (24|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# endif
# define BIO_TYPE_CORE_TO_PROV (25|BIO_TYPE_SOURCE_SINK)
#define BIO_TYPE_START 128
/*
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
* BIO_set_fp(in,stdin,BIO_NOCLOSE);
*/
# define BIO_NOCLOSE 0x00
# define BIO_CLOSE 0x01
/*
* These are used in the following macros and are passed to BIO_ctrl()
*/
# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
# define BIO_CTRL_EOF 2/* opt - are we at the eof */
# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
# define BIO_CTRL_SET 4/* man - set the 'IO' type */
# define BIO_CTRL_GET 5/* man - get the 'IO' type */
# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
# define BIO_CTRL_PEEK 29/* BIO_f_buffer special */
# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
/* dgram BIO stuff */
# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
* socket to be passed in */
# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation timed out */
/* #ifdef IP_MTU_DISCOVER */
# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
/* #endif */
# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
* want to use this if asking
* the kernel fails */
# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
* exceed in the previous write
* operation */
# define BIO_CTRL_DGRAM_GET_PEER 46
# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
* to adjust socket timeouts */
# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
/* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c */
# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
# ifndef OPENSSL_NO_SCTP
/* SCTP stuff */
# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
# endif
# define BIO_CTRL_DGRAM_SET_PEEK_MODE 71
/*
* internal BIO:
* # define BIO_CTRL_SET_KTLS_SEND 72
* # define BIO_CTRL_SET_KTLS_SEND_CTRL_MSG 74
* # define BIO_CTRL_CLEAR_KTLS_CTRL_MSG 75
*/
# define BIO_CTRL_GET_KTLS_SEND 73
# define BIO_CTRL_GET_KTLS_RECV 76
# define BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY 77
# define BIO_CTRL_DGRAM_SCTP_MSG_WAITING 78
/* BIO_f_prefix controls */
# define BIO_CTRL_SET_PREFIX 79
# define BIO_CTRL_SET_INDENT 80
# define BIO_CTRL_GET_INDENT 81
# ifndef OPENSSL_NO_KTLS
# define BIO_get_ktls_send(b) \
(BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL) > 0)
# define BIO_get_ktls_recv(b) \
(BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL) > 0)
# else
# define BIO_get_ktls_send(b) (0)
# define BIO_get_ktls_recv(b) (0)
# endif
/* modifiers */
# define BIO_FP_READ 0x02
# define BIO_FP_WRITE 0x04
# define BIO_FP_APPEND 0x08
# define BIO_FP_TEXT 0x10
# define BIO_FLAGS_READ 0x01
# define BIO_FLAGS_WRITE 0x02
# define BIO_FLAGS_IO_SPECIAL 0x04
# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
# define BIO_FLAGS_SHOULD_RETRY 0x08
# ifndef OPENSSL_NO_DEPRECATED_3_0
/* This #define was replaced by an internal constant and should not be used. */
# define BIO_FLAGS_UPLINK 0
# endif
# define BIO_FLAGS_BASE64_NO_NL 0x100
/*
* This is used with memory BIOs:
* BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
* BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
*/
# define BIO_FLAGS_MEM_RDONLY 0x200
# define BIO_FLAGS_NONCLEAR_RST 0x400
# define BIO_FLAGS_IN_EOF 0x800
/* the BIO FLAGS values 0x1000 to 0x4000 are reserved for internal KTLS flags */
typedef union bio_addr_st BIO_ADDR;
typedef struct bio_addrinfo_st BIO_ADDRINFO;
int BIO_get_new_index(void);
void BIO_set_flags(BIO *b, int flags);
int BIO_test_flags(const BIO *b, int flags);
void BIO_clear_flags(BIO *b, int flags);
# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
# define BIO_set_retry_special(b) \
BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
# define BIO_set_retry_read(b) \
BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
# define BIO_set_retry_write(b) \
BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
/* These are normally used internally in BIOs */
# define BIO_clear_retry_flags(b) \
BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
# define BIO_get_retry_flags(b) \
BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
/* These should be used by the application to tell why we should retry */
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
/*
* The next three are used in conjunction with the BIO_should_io_special()
* condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
* *reason); will walk the BIO stack and return the 'reason' for the special
* and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
* the code.
*/
/*
* Returned from the SSL bio when the certificate retrieval code had an error
*/
# define BIO_RR_SSL_X509_LOOKUP 0x01
/* Returned from the connect BIO when a connect would have blocked */
# define BIO_RR_CONNECT 0x02
/* Returned from the accept BIO when an accept would have blocked */
# define BIO_RR_ACCEPT 0x03
/* These are passed by the BIO callback */
# define BIO_CB_FREE 0x01
# define BIO_CB_READ 0x02
# define BIO_CB_WRITE 0x03
# define BIO_CB_PUTS 0x04
# define BIO_CB_GETS 0x05
# define BIO_CB_CTRL 0x06
/*
* The callback is called before and after the underling operation, The
* BIO_CB_RETURN flag indicates if it is after the call
*/
# define BIO_CB_RETURN 0x80
# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
long argl, long ret);
OSSL_DEPRECATEDIN_3_0 BIO_callback_fn BIO_get_callback(const BIO *b);
OSSL_DEPRECATEDIN_3_0 void BIO_set_callback(BIO *b, BIO_callback_fn callback);
OSSL_DEPRECATEDIN_3_0 long BIO_debug_callback(BIO *bio, int cmd,
const char *argp, int argi,
long argl, long ret);
# endif
typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
size_t len, int argi,
long argl, int ret, size_t *processed);
BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
long BIO_debug_callback_ex(BIO *bio, int oper, const char *argp, size_t len,
int argi, long argl, int ret, size_t *processed);
char *BIO_get_callback_arg(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
typedef struct bio_method_st BIO_METHOD;
const char *BIO_method_name(const BIO *b);
int BIO_method_type(const BIO *b);
typedef int BIO_info_cb(BIO *, int, int);
typedef BIO_info_cb bio_info_cb; /* backward compatibility */
SKM_DEFINE_STACK_OF_INTERNAL(BIO, BIO, BIO)
#define sk_BIO_num(sk) OPENSSL_sk_num(ossl_check_const_BIO_sk_type(sk))
#define sk_BIO_value(sk, idx) ((BIO *)OPENSSL_sk_value(ossl_check_const_BIO_sk_type(sk), (idx)))
#define sk_BIO_new(cmp) ((STACK_OF(BIO) *)OPENSSL_sk_new(ossl_check_BIO_compfunc_type(cmp)))
#define sk_BIO_new_null() ((STACK_OF(BIO) *)OPENSSL_sk_new_null())
#define sk_BIO_new_reserve(cmp, n) ((STACK_OF(BIO) *)OPENSSL_sk_new_reserve(ossl_check_BIO_compfunc_type(cmp), (n)))
#define sk_BIO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_BIO_sk_type(sk), (n))
#define sk_BIO_free(sk) OPENSSL_sk_free(ossl_check_BIO_sk_type(sk))
#define sk_BIO_zero(sk) OPENSSL_sk_zero(ossl_check_BIO_sk_type(sk))
#define sk_BIO_delete(sk, i) ((BIO *)OPENSSL_sk_delete(ossl_check_BIO_sk_type(sk), (i)))
#define sk_BIO_delete_ptr(sk, ptr) ((BIO *)OPENSSL_sk_delete_ptr(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr)))
#define sk_BIO_push(sk, ptr) OPENSSL_sk_push(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
#define sk_BIO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
#define sk_BIO_pop(sk) ((BIO *)OPENSSL_sk_pop(ossl_check_BIO_sk_type(sk)))
#define sk_BIO_shift(sk) ((BIO *)OPENSSL_sk_shift(ossl_check_BIO_sk_type(sk)))
#define sk_BIO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_BIO_sk_type(sk),ossl_check_BIO_freefunc_type(freefunc))
#define sk_BIO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr), (idx))
#define sk_BIO_set(sk, idx, ptr) ((BIO *)OPENSSL_sk_set(ossl_check_BIO_sk_type(sk), (idx), ossl_check_BIO_type(ptr)))
#define sk_BIO_find(sk, ptr) OPENSSL_sk_find(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
#define sk_BIO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
#define sk_BIO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr), pnum)
#define sk_BIO_sort(sk) OPENSSL_sk_sort(ossl_check_BIO_sk_type(sk))
#define sk_BIO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_BIO_sk_type(sk))
#define sk_BIO_dup(sk) ((STACK_OF(BIO) *)OPENSSL_sk_dup(ossl_check_const_BIO_sk_type(sk)))
#define sk_BIO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(BIO) *)OPENSSL_sk_deep_copy(ossl_check_const_BIO_sk_type(sk), ossl_check_BIO_copyfunc_type(copyfunc), ossl_check_BIO_freefunc_type(freefunc)))
#define sk_BIO_set_cmp_func(sk, cmp) ((sk_BIO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_BIO_sk_type(sk), ossl_check_BIO_compfunc_type(cmp)))
/* Prefix and suffix callback in ASN1 BIO */
typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
void *parg);
typedef void (*BIO_dgram_sctp_notification_handler_fn) (BIO *b,
void *context,
void *buf);
# ifndef OPENSSL_NO_SCTP
/* SCTP parameter structs */
struct bio_dgram_sctp_sndinfo {
uint16_t snd_sid;
uint16_t snd_flags;
uint32_t snd_ppid;
uint32_t snd_context;
};
struct bio_dgram_sctp_rcvinfo {
uint16_t rcv_sid;
uint16_t rcv_ssn;
uint16_t rcv_flags;
uint32_t rcv_ppid;
uint32_t rcv_tsn;
uint32_t rcv_cumtsn;
uint32_t rcv_context;
};
struct bio_dgram_sctp_prinfo {
uint16_t pr_policy;
uint32_t pr_value;
};
# endif
/*
* #define BIO_CONN_get_param_hostname BIO_ctrl
*/
# define BIO_C_SET_CONNECT 100
# define BIO_C_DO_STATE_MACHINE 101
# define BIO_C_SET_NBIO 102
/* # define BIO_C_SET_PROXY_PARAM 103 */
# define BIO_C_SET_FD 104
# define BIO_C_GET_FD 105
# define BIO_C_SET_FILE_PTR 106
# define BIO_C_GET_FILE_PTR 107
# define BIO_C_SET_FILENAME 108
# define BIO_C_SET_SSL 109
# define BIO_C_GET_SSL 110
# define BIO_C_SET_MD 111
# define BIO_C_GET_MD 112
# define BIO_C_GET_CIPHER_STATUS 113
# define BIO_C_SET_BUF_MEM 114
# define BIO_C_GET_BUF_MEM_PTR 115
# define BIO_C_GET_BUFF_NUM_LINES 116
# define BIO_C_SET_BUFF_SIZE 117
# define BIO_C_SET_ACCEPT 118
# define BIO_C_SSL_MODE 119
# define BIO_C_GET_MD_CTX 120
/* # define BIO_C_GET_PROXY_PARAM 121 */
# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
# define BIO_C_GET_CONNECT 123
# define BIO_C_GET_ACCEPT 124
# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
# define BIO_C_FILE_SEEK 128
# define BIO_C_GET_CIPHER_CTX 129
# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
* value */
# define BIO_C_SET_BIND_MODE 131
# define BIO_C_GET_BIND_MODE 132
# define BIO_C_FILE_TELL 133
# define BIO_C_GET_SOCKS 134
# define BIO_C_SET_SOCKS 135
# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
# define BIO_C_GET_WRITE_BUF_SIZE 137
# define BIO_C_MAKE_BIO_PAIR 138
# define BIO_C_DESTROY_BIO_PAIR 139
# define BIO_C_GET_WRITE_GUARANTEE 140
# define BIO_C_GET_READ_REQUEST 141
# define BIO_C_SHUTDOWN_WR 142
# define BIO_C_NREAD0 143
# define BIO_C_NREAD 144
# define BIO_C_NWRITE0 145
# define BIO_C_NWRITE 146
# define BIO_C_RESET_READ_REQUEST 147
# define BIO_C_SET_MD_CTX 148
# define BIO_C_SET_PREFIX 149
# define BIO_C_GET_PREFIX 150
# define BIO_C_SET_SUFFIX 151
# define BIO_C_GET_SUFFIX 152
# define BIO_C_SET_EX_ARG 153
# define BIO_C_GET_EX_ARG 154
# define BIO_C_SET_CONNECT_MODE 155
# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
# ifndef OPENSSL_NO_SOCK
/* IP families we support, for BIO_s_connect() and BIO_s_accept() */
/* Note: the underlying operating system may not support some of them */
# define BIO_FAMILY_IPV4 4
# define BIO_FAMILY_IPV6 6
# define BIO_FAMILY_IPANY 256
/* BIO_s_connect() */
# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0, \
(char *)(name))
# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1, \
(char *)(port))
# define BIO_set_conn_address(b,addr) BIO_ctrl(b,BIO_C_SET_CONNECT,2, \
(char *)(addr))
# define BIO_set_conn_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)
# define BIO_get_conn_hostname(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0))
# define BIO_get_conn_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))
# define BIO_get_conn_address(b) ((const BIO_ADDR *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))
# define BIO_get_conn_ip_family(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
# define BIO_set_conn_mode(b,n) BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)
/* BIO_s_accept() */
# define BIO_set_accept_name(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0, \
(char *)(name))
# define BIO_set_accept_port(b,port) BIO_ctrl(b,BIO_C_SET_ACCEPT,1, \
(char *)(port))
# define BIO_get_accept_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))
# define BIO_get_accept_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))
# define BIO_get_peer_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))
# define BIO_get_peer_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(void *)"a":NULL)
# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,3, \
(char *)(bio))
# define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)
# define BIO_get_accept_ip_family(b) BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)
/* Aliases kept for backward compatibility */
# define BIO_BIND_NORMAL 0
# define BIO_BIND_REUSEADDR BIO_SOCK_REUSEADDR
# define BIO_BIND_REUSEADDR_IF_UNUSED BIO_SOCK_REUSEADDR
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
# define BIO_get_bind_mode(b) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
# endif /* OPENSSL_NO_SOCK */
# define BIO_do_connect(b) BIO_do_handshake(b)
# define BIO_do_accept(b) BIO_do_handshake(b)
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)(c))
/* BIO_s_file() */
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)(fp))
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)(fpp))
/* BIO_s_fd() and BIO_s_file() */
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
/*
* name is cast to lose const, but might be better to route through a
* function so we can do it safely
*/
# ifdef CONST_STRICT
/*
* If you are wondering why this isn't defined, its because CONST_STRICT is
* purely a compile-time kludge to allow const to be checked.
*/
int BIO_read_filename(BIO *b, const char *name);
# else
# define BIO_read_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_READ,(char *)(name))
# endif
# define BIO_write_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_WRITE,name)
# define BIO_append_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_APPEND,name)
# define BIO_rw_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
/*
* WARNING WARNING, this ups the reference count on the read bio of the SSL
* structure. This is because the ssl read BIO is now pointed to by the
* next_bio field in the bio. So when you free the BIO, make sure you are
* doing a BIO_free_all() to catch the underlying BIO.
*/
# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)(ssl))
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)(sslp))
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
# define BIO_set_ssl_renegotiate_bytes(b,num) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
# define BIO_get_num_renegotiates(b) \
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
/* defined in evp.h */
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)(md)) */
# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)(pp))
# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)(bm))
# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0, \
(char *)(pp))
# define BIO_set_mem_eof_return(b,v) \
BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
/* For the BIO_f_buffer() type */
# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
/* Don't use the next one unless you know what you are doing :-) */
# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
/* ...pending macros have inappropriate return type */
size_t BIO_ctrl_pending(BIO *b);
size_t BIO_ctrl_wpending(BIO *b);
# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
cbp)
# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
/* For the BIO_f_buffer() type */
# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
# define BIO_buffer_peek(b,s,l) BIO_ctrl(b,BIO_CTRL_PEEK,(l),(s))
/* For BIO_s_bio() */
# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
/* macros with inappropriate type -- but ...pending macros use int too: */
# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
size_t BIO_ctrl_get_write_guarantee(BIO *b);
size_t BIO_ctrl_get_read_request(BIO *b);
int BIO_ctrl_reset_read_request(BIO *b);
/* ctrl macros for dgram */
# define BIO_ctrl_dgram_connect(b,peer) \
(int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)(peer))
# define BIO_ctrl_set_connected(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, 0, (char *)(peer))
# define BIO_dgram_recv_timedout(b) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
# define BIO_dgram_send_timedout(b) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
# define BIO_dgram_get_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)(peer))
# define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)(peer))
# define BIO_dgram_get_mtu_overhead(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* ctrl macros for BIO_f_prefix */
# define BIO_set_prefix(b,p) BIO_ctrl((b), BIO_CTRL_SET_PREFIX, 0, (void *)(p))
# define BIO_set_indent(b,i) BIO_ctrl((b), BIO_CTRL_SET_INDENT, (i), NULL)
# define BIO_get_indent(b) BIO_ctrl((b), BIO_CTRL_GET_INDENT, 0, NULL)
#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
int BIO_set_ex_data(BIO *bio, int idx, void *data);
void *BIO_get_ex_data(const BIO *bio, int idx);
uint64_t BIO_number_read(BIO *bio);
uint64_t BIO_number_written(BIO *bio);
/* For BIO_f_asn1() */
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
asn1_ps_func *prefix_free);
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
asn1_ps_func **pprefix_free);
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
asn1_ps_func *suffix_free);
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
asn1_ps_func **psuffix_free);
const BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_from_core_bio(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio);
# ifndef OPENSSL_NO_STDIO
BIO *BIO_new_fp(FILE *stream, int close_flag);
# endif
BIO *BIO_new_ex(OSSL_LIB_CTX *libctx, const BIO_METHOD *method);
BIO *BIO_new(const BIO_METHOD *type);
int BIO_free(BIO *a);
void BIO_set_data(BIO *a, void *ptr);
void *BIO_get_data(BIO *a);
void BIO_set_init(BIO *a, int init);
int BIO_get_init(BIO *a);
void BIO_set_shutdown(BIO *a, int shut);
int BIO_get_shutdown(BIO *a);
void BIO_vfree(BIO *a);
int BIO_up_ref(BIO *a);
int BIO_read(BIO *b, void *data, int dlen);
int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
int BIO_gets(BIO *bp, char *buf, int size);
int BIO_get_line(BIO *bio, char *buf, int size);
int BIO_write(BIO *b, const void *data, int dlen);
int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
int BIO_puts(BIO *bp, const char *buf);
int BIO_indent(BIO *b, int indent, int max);
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp);
void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
BIO *BIO_push(BIO *b, BIO *append);
BIO *BIO_pop(BIO *b);
void BIO_free_all(BIO *a);
BIO *BIO_find_type(BIO *b, int bio_type);
BIO *BIO_next(BIO *b);
void BIO_set_next(BIO *b, BIO *next);
BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
int BIO_get_retry_reason(BIO *bio);
void BIO_set_retry_reason(BIO *bio, int reason);
BIO *BIO_dup_chain(BIO *in);
int BIO_nread0(BIO *bio, char **buf);
int BIO_nread(BIO *bio, char **buf, int num);
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
const BIO_METHOD *BIO_s_mem(void);
const BIO_METHOD *BIO_s_secmem(void);
BIO *BIO_new_mem_buf(const void *buf, int len);
# ifndef OPENSSL_NO_SOCK
const BIO_METHOD *BIO_s_socket(void);
const BIO_METHOD *BIO_s_connect(void);
const BIO_METHOD *BIO_s_accept(void);
# endif
const BIO_METHOD *BIO_s_fd(void);
const BIO_METHOD *BIO_s_log(void);
const BIO_METHOD *BIO_s_bio(void);
const BIO_METHOD *BIO_s_null(void);
const BIO_METHOD *BIO_f_null(void);
const BIO_METHOD *BIO_f_buffer(void);
const BIO_METHOD *BIO_f_readbuffer(void);
const BIO_METHOD *BIO_f_linebuffer(void);
const BIO_METHOD *BIO_f_nbio_test(void);
const BIO_METHOD *BIO_f_prefix(void);
const BIO_METHOD *BIO_s_core(void);
# ifndef OPENSSL_NO_DGRAM
const BIO_METHOD *BIO_s_datagram(void);
int BIO_dgram_non_fatal_error(int error);
BIO *BIO_new_dgram(int fd, int close_flag);
# ifndef OPENSSL_NO_SCTP
const BIO_METHOD *BIO_s_datagram_sctp(void);
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
int BIO_dgram_is_sctp(BIO *bio);
int BIO_dgram_sctp_notification_cb(BIO *b,
BIO_dgram_sctp_notification_handler_fn handle_notifications,
void *context);
int BIO_dgram_sctp_wait_for_dry(BIO *b);
int BIO_dgram_sctp_msg_waiting(BIO *b);
# endif
# endif
# ifndef OPENSSL_NO_SOCK
int BIO_sock_should_retry(int i);
int BIO_sock_non_fatal_error(int error);
int BIO_socket_wait(int fd, int for_read, time_t max_time);
# endif
int BIO_wait(BIO *bio, time_t max_time, unsigned int nap_milliseconds);
int BIO_do_connect_retry(BIO *bio, int timeout, int nap_milliseconds);
int BIO_fd_should_retry(int i);
int BIO_fd_non_fatal_error(int error);
int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
void *u, const void *s, int len);
int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
void *u, const void *s, int len, int indent);
int BIO_dump(BIO *b, const void *bytes, int len);
int BIO_dump_indent(BIO *b, const void *bytes, int len, int indent);
# ifndef OPENSSL_NO_STDIO
int BIO_dump_fp(FILE *fp, const void *s, int len);
int BIO_dump_indent_fp(FILE *fp, const void *s, int len, int indent);
# endif
int BIO_hex_string(BIO *out, int indent, int width, const void *data,
int datalen);
# ifndef OPENSSL_NO_SOCK
BIO_ADDR *BIO_ADDR_new(void);
int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
const void *where, size_t wherelen, unsigned short port);
void BIO_ADDR_free(BIO_ADDR *);
void BIO_ADDR_clear(BIO_ADDR *ap);
int BIO_ADDR_family(const BIO_ADDR *ap);
int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
char *BIO_ADDR_path_string(const BIO_ADDR *ap);
const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);
enum BIO_hostserv_priorities {
BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV
};
int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
enum BIO_hostserv_priorities hostserv_prio);
enum BIO_lookup_type {
BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
};
int BIO_lookup(const char *host, const char *service,
enum BIO_lookup_type lookup_type,
int family, int socktype, BIO_ADDRINFO **res);
int BIO_lookup_ex(const char *host, const char *service,
int lookup_type, int family, int socktype, int protocol,
BIO_ADDRINFO **res);
int BIO_sock_error(int sock);
int BIO_socket_ioctl(int fd, long type, void *arg);
int BIO_socket_nbio(int fd, int mode);
int BIO_sock_init(void);
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define BIO_sock_cleanup() while(0) continue
# endif
int BIO_set_tcp_ndelay(int sock, int turn_on);
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
OSSL_DEPRECATEDIN_1_1_0 struct hostent *BIO_gethostbyname(const char *name);
OSSL_DEPRECATEDIN_1_1_0 int BIO_get_port(const char *str, unsigned short *port_ptr);
OSSL_DEPRECATEDIN_1_1_0 int BIO_get_host_ip(const char *str, unsigned char *ip);
OSSL_DEPRECATEDIN_1_1_0 int BIO_get_accept_socket(char *host_port, int mode);
OSSL_DEPRECATEDIN_1_1_0 int BIO_accept(int sock, char **ip_port);
# endif
union BIO_sock_info_u {
BIO_ADDR *addr;
};
enum BIO_sock_info_type {
BIO_SOCK_INFO_ADDRESS
};
int BIO_sock_info(int sock,
enum BIO_sock_info_type type, union BIO_sock_info_u *info);
# define BIO_SOCK_REUSEADDR 0x01
# define BIO_SOCK_V6_ONLY 0x02
# define BIO_SOCK_KEEPALIVE 0x04
# define BIO_SOCK_NONBLOCK 0x08
# define BIO_SOCK_NODELAY 0x10
int BIO_socket(int domain, int socktype, int protocol, int options);
int BIO_connect(int sock, const BIO_ADDR *addr, int options);
int BIO_bind(int sock, const BIO_ADDR *addr, int options);
int BIO_listen(int sock, const BIO_ADDR *addr, int options);
int BIO_accept_ex(int accept_sock, BIO_ADDR *addr, int options);
int BIO_closesocket(int sock);
BIO *BIO_new_socket(int sock, int close_flag);
BIO *BIO_new_connect(const char *host_port);
BIO *BIO_new_accept(const char *host_port);
# endif /* OPENSSL_NO_SOCK*/
BIO *BIO_new_fd(int fd, int close_flag);
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
BIO **bio2, size_t writebuf2);
/*
* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
* value.
*/
void BIO_copy_next_retry(BIO *b);
/*
* long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
*/
# define ossl_bio__attr__(x)
# if defined(__GNUC__) && defined(__STDC_VERSION__) \
&& !defined(__MINGW32__) && !defined(__MINGW64__) \
&& !defined(__APPLE__)
/*
* Because we support the 'z' modifier, which made its appearance in C99,
* we can't use __attribute__ with pre C99 dialects.
*/
# if __STDC_VERSION__ >= 199901L
# undef ossl_bio__attr__
# define ossl_bio__attr__ __attribute__
# if __GNUC__*10 + __GNUC_MINOR__ >= 44
# define ossl_bio__printf__ __gnu_printf__
# else
# define ossl_bio__printf__ __printf__
# endif
# endif
# endif
int BIO_printf(BIO *bio, const char *format, ...)
ossl_bio__attr__((__format__(ossl_bio__printf__, 2, 3)));
int BIO_vprintf(BIO *bio, const char *format, va_list args)
ossl_bio__attr__((__format__(ossl_bio__printf__, 2, 0)));
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
ossl_bio__attr__((__format__(ossl_bio__printf__, 3, 4)));
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
ossl_bio__attr__((__format__(ossl_bio__printf__, 3, 0)));
# undef ossl_bio__attr__
# undef ossl_bio__printf__
BIO_METHOD *BIO_meth_new(int type, const char *name);
void BIO_meth_free(BIO_METHOD *biom);
int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, size_t,
size_t *);
int BIO_meth_set_write(BIO_METHOD *biom,
int (*write) (BIO *, const char *, int));
int BIO_meth_set_write_ex(BIO_METHOD *biom,
int (*bwrite) (BIO *, const char *, size_t, size_t *));
int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, size_t, size_t *);
int BIO_meth_set_read(BIO_METHOD *biom,
int (*read) (BIO *, char *, int));
int BIO_meth_set_read_ex(BIO_METHOD *biom,
int (*bread) (BIO *, char *, size_t, size_t *));
int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
int BIO_meth_set_puts(BIO_METHOD *biom,
int (*puts) (BIO *, const char *));
int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
int BIO_meth_set_gets(BIO_METHOD *biom,
int (*gets) (BIO *, char *, int));
long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
int BIO_meth_set_ctrl(BIO_METHOD *biom,
long (*ctrl) (BIO *, int, long, void *));
int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
(BIO *, int, BIO_info_cb *);
int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
long (*callback_ctrl) (BIO *, int,
BIO_info_cb *));
# ifdef __cplusplus
}
# endif
#endif
samples/android/app/src/main/cpp/include/openssl/bioerr.h
+65
View File
@@ -0,0 +1,65 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BIOERR_H
# define OPENSSL_BIOERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# include <openssl/cryptoerr_legacy.h>
/*
* BIO reason codes.
*/
# define BIO_R_ACCEPT_ERROR 100
# define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET 141
# define BIO_R_AMBIGUOUS_HOST_OR_SERVICE 129
# define BIO_R_BAD_FOPEN_MODE 101
# define BIO_R_BROKEN_PIPE 124
# define BIO_R_CONNECT_ERROR 103
# define BIO_R_CONNECT_TIMEOUT 147
# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
# define BIO_R_GETSOCKNAME_ERROR 132
# define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS 133
# define BIO_R_GETTING_SOCKTYPE 134
# define BIO_R_INVALID_ARGUMENT 125
# define BIO_R_INVALID_SOCKET 135
# define BIO_R_IN_USE 123
# define BIO_R_LENGTH_TOO_LONG 102
# define BIO_R_LISTEN_V6_ONLY 136
# define BIO_R_LOOKUP_RETURNED_NOTHING 142
# define BIO_R_MALFORMED_HOST_OR_SERVICE 130
# define BIO_R_NBIO_CONNECT_ERROR 110
# define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED 143
# define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED 144
# define BIO_R_NO_PORT_DEFINED 113
# define BIO_R_NO_SUCH_FILE 128
# define BIO_R_NULL_PARAMETER 115 /* unused */
# define BIO_R_TRANSFER_ERROR 104
# define BIO_R_TRANSFER_TIMEOUT 105
# define BIO_R_UNABLE_TO_BIND_SOCKET 117
# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
# define BIO_R_UNABLE_TO_KEEPALIVE 137
# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
# define BIO_R_UNABLE_TO_NODELAY 138
# define BIO_R_UNABLE_TO_REUSEADDR 139
# define BIO_R_UNAVAILABLE_IP_FAMILY 145
# define BIO_R_UNINITIALIZED 120
# define BIO_R_UNKNOWN_INFO_TYPE 140
# define BIO_R_UNSUPPORTED_IP_FAMILY 146
# define BIO_R_UNSUPPORTED_METHOD 121
# define BIO_R_UNSUPPORTED_PROTOCOL_FAMILY 131
# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
# define BIO_R_WSASTARTUP 122
#endif
samples/android/app/src/main/cpp/include/openssl/blowfish.h
+78
View File
@@ -0,0 +1,78 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BLOWFISH_H
# define OPENSSL_BLOWFISH_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_BLOWFISH_H
# endif
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_BF
# include <openssl/e_os2.h>
# ifdef __cplusplus
extern "C" {
# endif
# define BF_BLOCK 8
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define BF_ENCRYPT 1
# define BF_DECRYPT 0
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! BF_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
# define BF_LONG unsigned int
# define BF_ROUNDS 16
typedef struct bf_key_st {
BF_LONG P[BF_ROUNDS + 2];
BF_LONG S[4 * 256];
} BF_KEY;
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 void BF_set_key(BF_KEY *key, int len,
const unsigned char *data);
OSSL_DEPRECATEDIN_3_0 void BF_encrypt(BF_LONG *data, const BF_KEY *key);
OSSL_DEPRECATEDIN_3_0 void BF_decrypt(BF_LONG *data, const BF_KEY *key);
OSSL_DEPRECATEDIN_3_0 void BF_ecb_encrypt(const unsigned char *in,
unsigned char *out, const BF_KEY *key,
int enc);
OSSL_DEPRECATEDIN_3_0 void BF_cbc_encrypt(const unsigned char *in,
unsigned char *out, long length,
const BF_KEY *schedule,
unsigned char *ivec, int enc);
OSSL_DEPRECATEDIN_3_0 void BF_cfb64_encrypt(const unsigned char *in,
unsigned char *out,
long length, const BF_KEY *schedule,
unsigned char *ivec, int *num,
int enc);
OSSL_DEPRECATEDIN_3_0 void BF_ofb64_encrypt(const unsigned char *in,
unsigned char *out,
long length, const BF_KEY *schedule,
unsigned char *ivec, int *num);
OSSL_DEPRECATEDIN_3_0 const char *BF_options(void);
# endif
# ifdef __cplusplus
}
# endif
# endif
#endif
samples/android/app/src/main/cpp/include/openssl/bn.h
+583
View File
@@ -0,0 +1,583 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BN_H
# define OPENSSL_BN_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_BN_H
# endif
# include <openssl/e_os2.h>
# ifndef OPENSSL_NO_STDIO
# include <stdio.h>
# endif
# include <openssl/opensslconf.h>
# include <openssl/types.h>
# include <openssl/crypto.h>
# include <openssl/bnerr.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* 64-bit processor with LP64 ABI
*/
# ifdef SIXTY_FOUR_BIT_LONG
# define BN_ULONG unsigned long
# define BN_BYTES 8
# endif
/*
* 64-bit processor other than LP64 ABI
*/
# ifdef SIXTY_FOUR_BIT
# define BN_ULONG unsigned long long
# define BN_BYTES 8
# endif
# ifdef THIRTY_TWO_BIT
# define BN_ULONG unsigned int
# define BN_BYTES 4
# endif
# define BN_BITS2 (BN_BYTES * 8)
# define BN_BITS (BN_BITS2 * 2)
# define BN_TBIT ((BN_ULONG)1 << (BN_BITS2 - 1))
# define BN_FLG_MALLOCED 0x01
# define BN_FLG_STATIC_DATA 0x02
/*
* avoid leaking exponent information through timing,
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
* BN_div() will call BN_div_no_branch,
* BN_mod_inverse() will call bn_mod_inverse_no_branch.
*/
# define BN_FLG_CONSTTIME 0x04
# define BN_FLG_SECURE 0x08
# ifndef OPENSSL_NO_DEPRECATED_0_9_8
/* deprecated name for the flag */
# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
# define BN_FLG_FREE 0x8000 /* used for debugging */
# endif
void BN_set_flags(BIGNUM *b, int n);
int BN_get_flags(const BIGNUM *b, int n);
/* Values for |top| in BN_rand() */
#define BN_RAND_TOP_ANY -1
#define BN_RAND_TOP_ONE 0
#define BN_RAND_TOP_TWO 1
/* Values for |bottom| in BN_rand() */
#define BN_RAND_BOTTOM_ANY 0
#define BN_RAND_BOTTOM_ODD 1
/*
* get a clone of a BIGNUM with changed flags, for *temporary* use only (the
* two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
* value |dest| should be a newly allocated BIGNUM obtained via BN_new() that
* has not been otherwise initialised or used.
*/
void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);
/* Wrapper function to make using BN_GENCB easier */
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
BN_GENCB *BN_GENCB_new(void);
void BN_GENCB_free(BN_GENCB *cb);
/* Populate a BN_GENCB structure with an "old"-style callback */
void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback) (int, int, void *),
void *cb_arg);
/* Populate a BN_GENCB structure with a "new"-style callback */
void BN_GENCB_set(BN_GENCB *gencb, int (*callback) (int, int, BN_GENCB *),
void *cb_arg);
void *BN_GENCB_get_arg(BN_GENCB *cb);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define BN_prime_checks 0 /* default: select number of iterations based
* on the size of the number */
/*
* BN_prime_checks_for_size() returns the number of Miller-Rabin iterations
* that will be done for checking that a random number is probably prime. The
* error rate for accepting a composite number as prime depends on the size of
* the prime |b|. The error rates used are for calculating an RSA key with 2 primes,
* and so the level is what you would expect for a key of double the size of the
* prime.
*
* This table is generated using the algorithm of FIPS PUB 186-4
* Digital Signature Standard (DSS), section F.1, page 117.
* (https://dx.doi.org/10.6028/NIST.FIPS.186-4)
*
* The following magma script was used to generate the output:
* securitybits:=125;
* k:=1024;
* for t:=1 to 65 do
* for M:=3 to Floor(2*Sqrt(k-1)-1) do
* S:=0;
* // Sum over m
* for m:=3 to M do
* s:=0;
* // Sum over j
* for j:=2 to m do
* s+:=(RealField(32)!2)^-(j+(k-1)/j);
* end for;
* S+:=2^(m-(m-1)*t)*s;
* end for;
* A:=2^(k-2-M*t);
* B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S;
* pkt:=2.00743*Log(2)*k*2^-k*(A+B);
* seclevel:=Floor(-Log(2,pkt));
* if seclevel ge securitybits then
* printf "k: %5o, security: %o bits (t: %o, M: %o)\n",k,seclevel,t,M;
* break;
* end if;
* end for;
* if seclevel ge securitybits then break; end if;
* end for;
*
* It can be run online at:
* http://magma.maths.usyd.edu.au/calc
*
* And will output:
* k: 1024, security: 129 bits (t: 6, M: 23)
*
* k is the number of bits of the prime, securitybits is the level we want to
* reach.
*
* prime length | RSA key size | # MR tests | security level
* -------------+--------------|------------+---------------
* (b) >= 6394 | >= 12788 | 3 | 256 bit
* (b) >= 3747 | >= 7494 | 3 | 192 bit
* (b) >= 1345 | >= 2690 | 4 | 128 bit
* (b) >= 1080 | >= 2160 | 5 | 128 bit
* (b) >= 852 | >= 1704 | 5 | 112 bit
* (b) >= 476 | >= 952 | 5 | 80 bit
* (b) >= 400 | >= 800 | 6 | 80 bit
* (b) >= 347 | >= 694 | 7 | 80 bit
* (b) >= 308 | >= 616 | 8 | 80 bit
* (b) >= 55 | >= 110 | 27 | 64 bit
* (b) >= 6 | >= 12 | 34 | 64 bit
*/
# define BN_prime_checks_for_size(b) ((b) >= 3747 ? 3 : \
(b) >= 1345 ? 4 : \
(b) >= 476 ? 5 : \
(b) >= 400 ? 6 : \
(b) >= 347 ? 7 : \
(b) >= 308 ? 8 : \
(b) >= 55 ? 27 : \
/* b >= 6 */ 34)
# endif
# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
int BN_is_zero(const BIGNUM *a);
int BN_is_one(const BIGNUM *a);
int BN_is_word(const BIGNUM *a, const BN_ULONG w);
int BN_is_odd(const BIGNUM *a);
# define BN_one(a) (BN_set_word((a),1))
void BN_zero_ex(BIGNUM *a);
# if OPENSSL_API_LEVEL > 908
# define BN_zero(a) BN_zero_ex(a)
# else
# define BN_zero(a) (BN_set_word((a),0))
# endif
const BIGNUM *BN_value_one(void);
char *BN_options(void);
BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_new(void);
BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_secure_new(void);
void BN_CTX_free(BN_CTX *c);
void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
void BN_CTX_end(BN_CTX *ctx);
int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
unsigned int strength, BN_CTX *ctx);
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
unsigned int strength, BN_CTX *ctx);
int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
int BN_rand_range_ex(BIGNUM *r, const BIGNUM *range, unsigned int strength,
BN_CTX *ctx);
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
int BN_priv_rand_range_ex(BIGNUM *r, const BIGNUM *range,
unsigned int strength, BN_CTX *ctx);
int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
OSSL_DEPRECATEDIN_3_0
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
# endif
int BN_num_bits(const BIGNUM *a);
int BN_num_bits_word(BN_ULONG l);
int BN_security_bits(int L, int N);
BIGNUM *BN_new(void);
BIGNUM *BN_secure_new(void);
void BN_clear_free(BIGNUM *a);
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
void BN_swap(BIGNUM *a, BIGNUM *b);
BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2bin(const BIGNUM *a, unsigned char *to);
int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_native2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2nativepad(const BIGNUM *a, unsigned char *to, int tolen);
BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
/** BN_set_negative sets sign of a BIGNUM
* \param b pointer to the BIGNUM object
* \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
*/
void BN_set_negative(BIGNUM *b, int n);
/** BN_is_negative returns 1 if the BIGNUM is negative
* \param b pointer to the BIGNUM object
* \return 1 if a < 0 and 0 otherwise
*/
int BN_is_negative(const BIGNUM *b);
int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
BN_CTX *ctx);
# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
int BN_mul_word(BIGNUM *a, BN_ULONG w);
int BN_add_word(BIGNUM *a, BN_ULONG w);
int BN_sub_word(BIGNUM *a, BN_ULONG w);
int BN_set_word(BIGNUM *a, BN_ULONG w);
BN_ULONG BN_get_word(const BIGNUM *a);
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
void BN_free(BIGNUM *a);
int BN_is_bit_set(const BIGNUM *a, int n);
int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
int BN_lshift1(BIGNUM *r, const BIGNUM *a);
int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont);
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
int BN_mod_exp_mont_consttime_x2(BIGNUM *rr1, const BIGNUM *a1, const BIGNUM *p1,
const BIGNUM *m1, BN_MONT_CTX *in_mont1,
BIGNUM *rr2, const BIGNUM *a2, const BIGNUM *p2,
const BIGNUM *m2, BN_MONT_CTX *in_mont2,
BN_CTX *ctx);
int BN_mask_bits(BIGNUM *a, int n);
# ifndef OPENSSL_NO_STDIO
int BN_print_fp(FILE *fp, const BIGNUM *a);
# endif
int BN_print(BIO *bio, const BIGNUM *a);
int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
int BN_rshift1(BIGNUM *r, const BIGNUM *a);
void BN_clear(BIGNUM *a);
BIGNUM *BN_dup(const BIGNUM *a);
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
int BN_set_bit(BIGNUM *a, int n);
int BN_clear_bit(BIGNUM *a, int n);
char *BN_bn2hex(const BIGNUM *a);
char *BN_bn2dec(const BIGNUM *a);
int BN_hex2bn(BIGNUM **a, const char *str);
int BN_dec2bn(BIGNUM **a, const char *str);
int BN_asc2bn(BIGNUM **a, const char *str);
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
* -2 for
* error */
BIGNUM *BN_mod_inverse(BIGNUM *ret,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
/* Deprecated versions */
# ifndef OPENSSL_NO_DEPRECATED_0_9_8
OSSL_DEPRECATEDIN_0_9_8
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem,
void (*callback) (int, int, void *),
void *cb_arg);
OSSL_DEPRECATEDIN_0_9_8
int BN_is_prime(const BIGNUM *p, int nchecks,
void (*callback) (int, int, void *),
BN_CTX *ctx, void *cb_arg);
OSSL_DEPRECATEDIN_0_9_8
int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
void (*callback) (int, int, void *),
BN_CTX *ctx, void *cb_arg,
int do_trial_division);
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0
int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
OSSL_DEPRECATEDIN_3_0
int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
# endif
/* Newer versions */
int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
BN_CTX *ctx);
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
const BIGNUM *rem, BN_GENCB *cb);
int BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
OSSL_DEPRECATEDIN_3_0
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1,
const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
OSSL_DEPRECATEDIN_3_0
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
BN_CTX *ctx, BN_GENCB *cb);
# endif
BN_MONT_CTX *BN_MONT_CTX_new(void);
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_RWLOCK *lock,
const BIGNUM *mod, BN_CTX *ctx);
/* BN_BLINDING flags */
# define BN_BLINDING_NO_UPDATE 0x00000001
# define BN_BLINDING_NO_RECREATE 0x00000002
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *);
int BN_BLINDING_is_current_thread(BN_BLINDING *b);
void BN_BLINDING_set_current_thread(BN_BLINDING *b);
int BN_BLINDING_lock(BN_BLINDING *b);
int BN_BLINDING_unlock(BN_BLINDING *b);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp) (BIGNUM *r,
const BIGNUM *a,
const BIGNUM *p,
const BIGNUM *m,
BN_CTX *ctx,
BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
# ifndef OPENSSL_NO_DEPRECATED_0_9_8
OSSL_DEPRECATEDIN_0_9_8
void BN_set_params(int mul, int high, int low, int mont);
OSSL_DEPRECATEDIN_0_9_8
int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
# endif
BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
BN_RECP_CTX *recp, BN_CTX *ctx);
int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
BN_RECP_CTX *recp, BN_CTX *ctx);
# ifndef OPENSSL_NO_EC2M
/*
* Functions for arithmetic over binary polynomials represented by BIGNUMs.
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
* ignored. Note that input arguments are not const so that their bit arrays
* can be expanded to the appropriate size if needed.
*/
/*
* r = a + b
*/
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
/*
* r=a mod p
*/
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
/* r = (a * b) mod p */
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx);
/* r = (a * a) mod p */
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
/* r = (1 / b) mod p */
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
/* r = (a / b) mod p */
int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx);
/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx);
/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx);
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx);
# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
/*-
* Some functions allow for representation of the irreducible polynomials
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
* t^p[0] + t^p[1] + ... + t^p[k]
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
/* r = a mod p */
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
/* r = (a * b) mod p */
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx);
/* r = (a * a) mod p */
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx);
/* r = (1 / b) mod p */
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
BN_CTX *ctx);
/* r = (a / b) mod p */
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx);
/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx);
/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
const int p[], BN_CTX *ctx);
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
const int p[], BN_CTX *ctx);
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
# endif
/*
* faster mod functions for the 'NIST primes' 0 <= a < p^2
*/
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
const BIGNUM *BN_get0_nist_prime_192(void);
const BIGNUM *BN_get0_nist_prime_224(void);
const BIGNUM *BN_get0_nist_prime_256(void);
const BIGNUM *BN_get0_nist_prime_384(void);
const BIGNUM *BN_get0_nist_prime_521(void);
int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
const BIGNUM *field, BN_CTX *ctx);
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
const BIGNUM *priv, const unsigned char *message,
size_t message_len, BN_CTX *ctx);
/* Primes from RFC 2409 */
BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn);
/* Primes from RFC 3526 */
BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define get_rfc2409_prime_768 BN_get_rfc2409_prime_768
# define get_rfc2409_prime_1024 BN_get_rfc2409_prime_1024
# define get_rfc3526_prime_1536 BN_get_rfc3526_prime_1536
# define get_rfc3526_prime_2048 BN_get_rfc3526_prime_2048
# define get_rfc3526_prime_3072 BN_get_rfc3526_prime_3072
# define get_rfc3526_prime_4096 BN_get_rfc3526_prime_4096
# define get_rfc3526_prime_6144 BN_get_rfc3526_prime_6144
# define get_rfc3526_prime_8192 BN_get_rfc3526_prime_8192
# endif
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
# ifdef __cplusplus
}
# endif
#endif
samples/android/app/src/main/cpp/include/openssl/bnerr.h
+47
View File
@@ -0,0 +1,47 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BNERR_H
# define OPENSSL_BNERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# include <openssl/cryptoerr_legacy.h>
/*
* BN reason codes.
*/
# define BN_R_ARG2_LT_ARG3 100
# define BN_R_BAD_RECIPROCAL 101
# define BN_R_BIGNUM_TOO_LONG 114
# define BN_R_BITS_TOO_SMALL 118
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
# define BN_R_DIV_BY_ZERO 103
# define BN_R_ENCODING_ERROR 104
# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
# define BN_R_INPUT_NOT_REDUCED 110
# define BN_R_INVALID_LENGTH 106
# define BN_R_INVALID_RANGE 115
# define BN_R_INVALID_SHIFT 119
# define BN_R_NOT_A_SQUARE 111
# define BN_R_NOT_INITIALIZED 107
# define BN_R_NO_INVERSE 108
# define BN_R_NO_PRIME_CANDIDATE 121
# define BN_R_NO_SOLUTION 116
# define BN_R_NO_SUITABLE_DIGEST 120
# define BN_R_PRIVATE_KEY_TOO_LARGE 117
# define BN_R_P_IS_NOT_PRIME 112
# define BN_R_TOO_MANY_ITERATIONS 113
# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
#endif
samples/android/app/src/main/cpp/include/openssl/buffer.h
+62
View File
@@ -0,0 +1,62 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_BUFFER_H
# define OPENSSL_BUFFER_H
# pragma once
# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_BUFFER_H
# endif
# include <openssl/types.h>
# ifndef OPENSSL_CRYPTO_H
# include <openssl/crypto.h>
# endif
# include <openssl/buffererr.h>
#ifdef __cplusplus
extern "C" {
#endif
# include <stddef.h>
# include <sys/types.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define BUF_strdup(s) OPENSSL_strdup(s)
# define BUF_strndup(s, size) OPENSSL_strndup(s, size)
# define BUF_memdup(data, size) OPENSSL_memdup(data, size)
# define BUF_strlcpy(dst, src, size) OPENSSL_strlcpy(dst, src, size)
# define BUF_strlcat(dst, src, size) OPENSSL_strlcat(dst, src, size)
# define BUF_strnlen(str, maxlen) OPENSSL_strnlen(str, maxlen)
# endif
struct buf_mem_st {
size_t length; /* current number of bytes */
char *data;
size_t max; /* size of buffer */
unsigned long flags;
};
# define BUF_MEM_FLAG_SECURE 0x01
BUF_MEM *BUF_MEM_new(void);
BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
void BUF_MEM_free(BUF_MEM *a);
size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
# ifdef __cplusplus
}
# endif
#endif

Some files were not shown because too many files have changed in this diff Show More