diff --git a/thirdparty/pkcs11-helper/HPKBUILD b/thirdparty/pkcs11-helper/HPKBUILD new file mode 100644 index 0000000000000000000000000000000000000000..8c0757c3c0bb232f8c4c72165fe14ffe1e5bfdde --- /dev/null +++ b/thirdparty/pkcs11-helper/HPKBUILD @@ -0,0 +1,71 @@ +# Contributor: chengkan +# Maintainer: chengkan +pkgname=pkcs11-helper +pkgver=1.29.0 +pkgrel=0 +pkgdesc="Library that simplifies the interaction with PKCS#11 providers for end-user applications using a simple API and optional OpenSSL engine." +url="https://github.com/OpenSC/pkcs11-helper" +archs=("armeabi-v7a" "arm64-v8a") +license=("GPL" "BSD") +depends=("openssl") +makedepends=() + +source="https://github.com/OpenSC/$pkgname/archive/refs/tags/$pkgname-$pkgver.tar.gz" + +autounpack=true +downloadpackage=true +buildtools="configure" +builddir=$pkgname-$pkgname-${pkgver} +packagename=$builddir.tar.gz + +source envset.sh +host= +prepare() { + cp -arf $builddir $builddir-$ARCH-build + if [ $ARCH == "armeabi-v7a" ]; then + setarm32ENV + host=arm-linux + elif [ $ARCH == "arm64-v8a" ]; then + setarm64ENV + host=aarch64-linux + else + echo "$ARCH not support!" + return -1 + fi + cd $builddir-$ARCH-build + autoreconf -ifv > `pwd`/build.log 2>&1 + cd $OLDPWD +} + +build() { + cd $builddir-$ARCH-build + PKG_CONFIG_LIBDIR="${pkgconfigpath}" ./configure "$@" --host=$host >> `pwd`/build.log 2>&1 + make -j4 VERBOSE=1 >> `pwd`/build.log 2>&1 + ret=$? + cd $OLDPWD + return $ret +} + +package() { + cd $builddir-$ARCH-build + make install >> `pwd`/build.log 2>&1 + cd $OLDPWD + if [ $ARCH == "armeabi-v7a" ]; then + unsetarm32ENV + elif [ $ARCH == "arm64-v8a" ]; then + unsetarm64ENV + else + echo "$ARCH not support!" + fi + unset host +} + +check() { + echo "The test must be on an OpenHarmony device!" + # 编译生成目录下执行make test +} + +# 清理环境 +cleanbuild() { + rm -rf ${PWD}/$builddir ${PWD}/$builddir-${archs[0]}-build ${PWD}/$builddir-${archs[1]}-build #${PWD}/$packagename +} diff --git a/thirdparty/pkcs11-helper/SHA512SUM b/thirdparty/pkcs11-helper/SHA512SUM new file mode 100644 index 0000000000000000000000000000000000000000..7d754307dce2a86421efb3cdc0d28dd9fae1babf --- /dev/null +++ b/thirdparty/pkcs11-helper/SHA512SUM @@ -0,0 +1 @@ +60e792129af6c6989ae2be6317b9c686352ef41d4ad8cc8f9f03ad1ec7325933f9ae34fce8259125e85602750fadbe4966ca890f73f5f778f77c1778b033abd8 pkcs11-helper-pkcs11-helper-1.29.0.tar.gz diff --git a/thirdparty/polarssl/HPKBUILD b/thirdparty/polarssl/HPKBUILD new file mode 100644 index 0000000000000000000000000000000000000000..6352e2036f3db6831af95982ace639d208e9c559 --- /dev/null +++ b/thirdparty/polarssl/HPKBUILD @@ -0,0 +1,53 @@ +# Contributor: chengkan +# Maintainer: chengkan +pkgname=polarssl +pkgver=1.4 +pkgrel=0 +pkgdesc="The PolarSSL library is an implementation of the SSL and TLS protocols and the respective cryptographic algorithms." +url="https://github.com/Linphone-sync/polarssl" +archs=("armeabi-v7a" "arm64-v8a") +license=("GPL-2.0 license") +depends=("pkcs11-helper" "zlib" "openssl") +makedepends=() + +source="https://github.com/Linphone-sync/polarssl/archive/refs/heads/$pkgname-$pkgver.zip" + +autounpack=true +downloadpackage=true +builddir=$pkgname-$pkgname-${pkgver} +packagename=$builddir.zip + +prepare() { + mkdir -p $builddir/$ARCH-build +} + +build() { + cd $builddir + ${OHOS_SDK}/native/build-tools/cmake/bin/cmake "$@" \ + -DCMAKE_INTERNAL_PLATFORM_INFO=0 \ + -DOHOS_ARCH=$ARCH -DUSE_SHARED_POLARSSL_LIBRARY="ON" \ + -DUSE_PKCS11_HELPER_LIBRARY="ON" -DENABLE_ZLIB_SUPPORT="ON" \ + -DCMAKE_EXE_LINKER_FLAGS="${LDFLAGS} -L${LYCIUM_ROOT}/usr/pkcs11-helper/${ARCH}/lib" \ + -B$ARCH-build -S./ -L > `pwd`/$ARCH-build/build.log 2>&1 + make VERBOSE=1 -C $ARCH-build >> `pwd`/$ARCH-build/build.log 2>&1 + ret=$? + cd $OLDPWD + return $ret +} + +package() { + cd "$builddir" + make -C $ARCH-build install >> `pwd`/$ARCH-build/build.log 2>&1 + cd $OLDPWD +} + +check() { + echo "The test must be on an OpenHarmony device!" + # 设置LD_LIBRARY_PATH环境变量 + # ctest 测试 +} + +# 清理环境 +cleanbuild(){ + rm -rf ${PWD}/$builddir +} diff --git a/thirdparty/polarssl/HPKCHECK b/thirdparty/polarssl/HPKCHECK new file mode 100644 index 0000000000000000000000000000000000000000..ced9b6c5a799b5928c2d394ea8b796a70365a426 --- /dev/null +++ b/thirdparty/polarssl/HPKCHECK @@ -0,0 +1,27 @@ +# Contributor: chengkan +# Maintainer: chengkan +source HPKBUILD > /dev/null 2>&1 +logfile=${LYCIUM_THIRDPARTY_ROOT}/${pkgname}/${pkgname}_${ARCH}_${OHOS_SDK_VER}_test.log +checkprepare(){ + # 保存当前系统时间到硬件时间 + busybox hwclock --systohc + # 测试的crt证书过期,需要设置系统时间在过期前的日期进行测试 + busybox date -s "2018-01-01 01:00:00" >> ${logfile} 2>&1 +} +openharmonycheck() { + res=0 + cd $builddir/$ARCH-build + ctest >> ${logfile} 2>&1 + res=$? + + if [ $res -ne 0 ] + then + mkdir ${LYCIUM_FAULT_PATH}/${pkgname} + cp Testing/Temporary/LastTest.log ${LYCIUM_FAULT_PATH}/${pkgname}/ + fi + cd $OLDPWD + + # 从硬件时钟恢复系统时间 + busybox hwclock --hctosys + return $res +} diff --git a/thirdparty/polarssl/OAT.xml b/thirdparty/polarssl/OAT.xml new file mode 100644 index 0000000000000000000000000000000000000000..5eecdd6202e272a5143978ac32f31977d23001c7 --- /dev/null +++ b/thirdparty/polarssl/OAT.xml @@ -0,0 +1,20 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/thirdparty/polarssl/README.OpenSource b/thirdparty/polarssl/README.OpenSource new file mode 100644 index 0000000000000000000000000000000000000000..dc1f9448affbe18a820d7114b1a5a91e3d283495 --- /dev/null +++ b/thirdparty/polarssl/README.OpenSource @@ -0,0 +1,11 @@ +[ + { + "Name": "polarssl", + "License": "GPL-2.0 license", + "License File": "https://github.com/Linphone-sync/polarssl/blob/polarssl-1.4/LICENSE", + "Version Number": "1.4", + "Owner": "kanchengc@isoftstone.com", + "Upstream URL": "https://github.com/Linphone-sync/polarssl/archive/refs/heads/polarssl-1.4.zip", + "Description": "The PolarSSL SSL library is an implementation of the SSL and TLS protocols and the respective cryptographic algorithms." + } +] diff --git a/thirdparty/polarssl/README_zh.md b/thirdparty/polarssl/README_zh.md new file mode 100644 index 0000000000000000000000000000000000000000..c773767d3309df6255d9462afad0ae015b3bc354 --- /dev/null +++ b/thirdparty/polarssl/README_zh.md @@ -0,0 +1,19 @@ +# polarssl三方库说明 +## 功能简介 +PolarSSL库是SSL和TLS协议以及各自加密算法的实现。 +## 使用约束 +- ROM版本:OpenHarmony3.2Release + +- IDE版本:DevEco Studio 3.1 Release + +- SDK:ohos_sdk_public 4.0.8.1 (API Version 10 Release) + +- 三方库版本:1.4 + +- 当前适配功能:加密和解密,包括对称加密(如AES、DES)、非对称加密(如RSA、ECC)和哈希函数 + 支持TLS安全通信协议 + X.509证书管理 + 安全随机数生成 + +## 集成方式 ++ [系统hap包集成](docs/hap_integrate.md) diff --git a/thirdparty/polarssl/SHA512SUM b/thirdparty/polarssl/SHA512SUM new file mode 100644 index 0000000000000000000000000000000000000000..89b1f2ca484b97bc23e8bdac80dd7a73ad1646a0 --- /dev/null +++ b/thirdparty/polarssl/SHA512SUM @@ -0,0 +1 @@ +f12bd33ddbb117c43c3e38779af2207067c6e22ba13f34d90c2b653900b8086738ea72668e7f5a450347580ffe63f5bf07d7bf79cf0933d20e74171ed877bda3 polarssl-polarssl-1.4.zip diff --git a/thirdparty/polarssl/docs/hap_integrate.md b/thirdparty/polarssl/docs/hap_integrate.md new file mode 100644 index 0000000000000000000000000000000000000000..4c28aab9561050bafeb670b1838e610e1d99c154 --- /dev/null +++ b/thirdparty/polarssl/docs/hap_integrate.md @@ -0,0 +1,91 @@ +# polarssl集成到应用hap +本库是在RK3568开发板上基于OpenHarmony3.2 Release版本的镜像验证的,如果是从未使用过RK3568,可以先查看[润和RK3568开发板标准系统快速上手](https://gitee.com/openharmony-sig/knowledge_demo_temp/tree/master/docs/rk3568_helloworld)。 +## 开发环境 +- ubuntu20.04 +- [OpenHarmony3.2Release镜像](https://gitee.com/link?target=https%3A%2F%2Frepo.huaweicloud.com%2Fopenharmony%2Fos%2F3.2-Release%2Fdayu200_standard_arm32.tar.gz) +- [ohos_sdk_public 4.0.8.1 (API Version 10 Release)](https://gitee.com/link?target=http%3A%2F%2Fdownload.ci.openharmony.cn%2Fversion%2FMaster_Version%2FOpenHarmony_4.0.8.1%2F20230608_091058%2Fversion-Master_Version-OpenHarmony_4.0.8.1-20230608_091058-ohos-sdk-public.tar.gz) +- [DevEco Studio 3.1 Release](https://gitee.com/link?target=https%3A%2F%2Fcontentcenter-vali-drcn.dbankcdn.cn%2Fpvt_2%2FDeveloperAlliance_package_901_9%2F81%2Fv3%2FtgRUB84wR72nTfE8Ir_xMw%2Fdevecostudio-windows-3.1.0.501.zip%3FHW-CC-KV%3DV1%26HW-CC-Date%3D20230621T074329Z%26HW-CC-Expire%3D315360000%26HW-CC-Sign%3D22F6787DF6093ECB4D4E08F9379B114280E1F65DA710599E48EA38CB24F3DBF2) +- [准备三方库构建环境](../../../lycium/README.md#1编译环境准备) +- [准备三方库测试环境](../../../lycium/README.md#3ci环境准备) + +## 编译三方库 +- 下载本仓库 + ``` + git clone https://gitee.com/openharmony-sig/tpc_c_cplusplus.git --depth=1 + ``` +- 三方库目录结构 + ``` + tpc_c_cplusplus/thirdparty/polarssl #三方库polarssl的目录结构如下 + ├── docs #三方库相关文档的文件夹 + ├── HPKBUILD #构建脚本 + ├── SHA512SUM #三方库校验文件 + ├── README.OpenSource #说明三方库源码的下载地址,版本,license等信息 + ├── HPKCHECK #自动化测试脚本 + ├── OAT.xml #版权检验文件 + ├── README_zh.md + ``` + + +- 在lycium目录下编译三方库 + 编译环境的搭建参考[准备三方库构建环境](../../../lycium/README.md#1编译环境准备) + + ``` + + cd lycium + ./build.sh polarssl + ``` +- 三方库头文件及生成的库 + 在lycium目录下会生成usr目录,该目录下存在已编译完成的32位和64位三方库 + + ``` + polarssl/arm64-v8a polarssl/armeabi-v7a + ``` + +- [测试三方库](#测试三方库) + +## 应用中使用三方库 +- 在IDE的cpp目录下新增thirdparty目录,将编译生成的库拷贝到该目录下,如下图所示 + ![polarssl_install](pic/polarssl_install.png) +- 在最外层(cpp目录下)CMakeLists.txt中添加如下语句 + ``` + + #将三方库加入工程中 + target_link_libraries(entry PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/polarssl/${OHOS_ARCH}/lib/libpolarssl.a + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/pkcs11-helper/${OHOS_ARCH}/lib/libpkcs11-helper.a + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/openssl/${OHOS_ARCH}/lib/libssl.a + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/zlib/${OHOS_ARCH}/lib/libz.a) + + #将三方库的头文件加入工程中 + target_include_directories(entry PRIVATE + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/polarssl/${OHOS_ARCH}/include + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/pkcs11-helper/${OHOS_ARCH}/include + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/openssl/${OHOS_ARCH}/include + ${CMAKE_CURRENT_SOURCE_DIR}/thirdparty/zlib/${OHOS_ARCH}/include) + + ``` + ![polarssl_usage](pic/polarssl_usage.png) +## 测试三方库 +三方库的测试使用原库自带的测试用例来做测试,[准备三方库测试环境](../../../lycium/README.md#3ci环境准备) + + + +- 将测试资源导入到开发板 +- 设置依赖服务程序路径 +``` +32位系统 +export LD_LIBRARY_PATH=/data/local/tmp/tpc_c_cplusplus/lycium/usr/polarssl/armeabi-v7a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/pkcs11-helper/armeabi-v7a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/openssl/armeabi-v7a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/zlib/armeabi-v7a/lib + +##64位系统 +export LD_LIBRARY_PATH=/data/local/tmp/tpc_c_cplusplus/lycium/usr/polarssl/arm64-v8a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/pkcs11-helper/arm64-v8a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/openssl/arm64-v8a/lib:/data/local/tmp/tpc_c_cplusplus/lycium/usr/zlib/arm64-v8a/lib +``` +- 进入到构建目录$ARCH-build/下执行 ctest 运行测试用例,如下截图(arm64-v8a-build为构建64位的目录,armeabi-v7a-build为构建32位的目录) + + + +![polarssl](pic/polarssl_test.png) + +## 参考资料 +- [润和RK3568开发板标准系统快速上手](https://gitee.com/openharmony-sig/knowledge_demo_temp/tree/master/docs/rk3568_helloworld) +- [OpenHarmony三方库地址](https://gitee.com/openharmony-tpc) +- [OpenHarmony知识体系](https://gitee.com/openharmony-sig/knowledge) +- [通过DevEco Studio开发一个NAPI工程](https://gitee.com/openharmony-sig/knowledge_demo_temp/blob/master/docs/napi_study/docs/hello_napi.md) diff --git a/thirdparty/polarssl/docs/pic/polarssl_install.png b/thirdparty/polarssl/docs/pic/polarssl_install.png new file mode 100644 index 0000000000000000000000000000000000000000..6a346a04a3e1e550026e0a45e718cbadd7545f57 Binary files /dev/null and b/thirdparty/polarssl/docs/pic/polarssl_install.png differ diff --git a/thirdparty/polarssl/docs/pic/polarssl_test.png b/thirdparty/polarssl/docs/pic/polarssl_test.png new file mode 100644 index 0000000000000000000000000000000000000000..51b1a52f64ec4ed1d4836c97c434e48950524a21 Binary files /dev/null and b/thirdparty/polarssl/docs/pic/polarssl_test.png differ diff --git a/thirdparty/polarssl/docs/pic/polarssl_usage.png b/thirdparty/polarssl/docs/pic/polarssl_usage.png new file mode 100644 index 0000000000000000000000000000000000000000..0a92504c80bc86fc138920c98ee04ebdc0959b2d Binary files /dev/null and b/thirdparty/polarssl/docs/pic/polarssl_usage.png differ