6
2

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

Building OpenSSL 1.1.1 and 3.0 for Windows CE

Last updated at Posted at 2019-03-27

Updated at Apr. 2022
As well as 1.1.1, the newer version 3.0.x is also buildable for CE by adding a few fixes1. It was found and confirmed to work by Asit. His contribution is now under a review process for merging to upstream. Hope it'll be approved.


This page introduces how I build OpenSSL 1.1.1 (only libraries, no command line application) for Windows CE. The build system and sources of OpenSSL have been changed dramatically in 1.1.0, we have to take some tweaks to build 1.1.1, though there is a good instruction2 for previous version.

I have confirmed that the build libraries works with our customized cURL based code. It can show a page available on only TLS1.33.

Requirements and prerequisite

Our build system is VisualStudio 2008 with WCE700 development environment on Windows7-64bit and target platform is ARMv4I. Perl execution environment is also needed.
Following source file are used. The version which is used here is in parentheses.

  • wcecompat4 (bad854b)
  • OpenSSL5 (1.1.1b - or 3.0.2 -)

Build wcecompat

  1. Get wcecompat

  2. Fix 2 known bugs as follow.

    • localtime() and gmtime()2
      src/time.c
        struct tm* localtime(const time_t* clock)
        …
      -     st_tm.tm_mon = stLocal.wMonth;
      +     st_tm.tm_mon = stLocal.wMonth - 1;
      -     st_tm.tm_year = stLocal.wYear;
      +     st_tm.tm_year = stLocal.wYear - 1900;
        …
        struct tm* gmtime(const time_t* clock)
        …
      -     st_tm.tm_mon = stUtc.wMonth;
      +     st_tm.tm_mon = stUtc.wMonth - 1;
      -     st_tm.tm_year = stUtc.wYear;
      +     st_tm.tm_year = stUtc.wYear - 1900;
      
    • Avoid infinite loop6
      src/wce211_string.c
        _CRTIMP char* __cdecl strrchr(const char* s, int c)
        {
            const char*    p = s + strlen(s) - 1;
            while (p >= s)
            {
                if (*p == c)
                    return (char*)p;
      +         p -= 1;
            }
            return NULL;
        }
      
  3. Modify headerfile

    • Add an alias, _access for _wceaccess

      include/io.h
        #define access _wceaccess
      + #define _access _wceaccess
      
    • Add aliases for stat and fstat as below

      include/sys/stat.h
      + #define _stat stat
      + #define _fstat fstat
        struct stat
        {
      
  4. Set environmental variables
    Replace YOURSDKNAME to your real sdk name.

    set OSVERSION=WCE700
    set PLATFORM=VC-CE
    set TARGETCPU=ARMV4I
    set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMv4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\armv4i;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib
    set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\Armv4i
    set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
    
  5. Configure then build
    On wcecompat top directory,

    > perl config.pl
    > nmake -f makefile
    

There should be wcecompat.lib and wcecompatex.lib in lib directory if your build succeeds.

Build OpenSSL

  1. Get OpenSSL and extract

  2. Apply a patch if needed

  3. Set environmental variables

    • Replace YOURSDKNAME to your real sdk name.
    • Replace the path of WCECOMPAT to the actual one you build previously.
    set OSVERSION=WCE700
    set PLATFORM=VC-CE
    set TARGETCPU=ARMV4I
    set WCECOMPAT=C:\Users\tanaka\wcecompat
    set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib
    set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\include
    set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
    
  4. Configure
    On OpenSSL top directory,

    > perl Configure no-idea no-mdc2 no-rc5 no-ssl3 no-weak-ssl-ciphers no-async no-engine VC-CE
    

    2 options are added on purpose. The reasons are as follows.

    • no-async: For lack of ConvertFiberToThread() in WinCE (used in crypto/async/arch/async_win.c)
    • no-engine: For lack of CreatePipe() in WinCE (used in engines/e_dasync.c)
  5. Modify makefile as below (1.1.1b - 1.1.1g)
    From 1.1.1h and 3.0.x, this step is no longer needed since another fix8 has been merged. Thanks to bjornl and Asit for helping me create the patch.

    makefile
    - CFLAGS=/W3 /wd4090 /nologo /O1i
    + CFLAGS=/W3 /wd4090 /nologo /O1i -D_MSC_VER=1300
    @ ..
    - CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I"\$(WCECOMPAT)/include"
    + CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I$(WCECOMPAT)/include
    @ ..
    - CNF_EX_LIBS=3
    + CNF_EX_LIBS=ws2.lib $(WCECOMPAT)\lib\wcecompatex.lib corelibc.lib coredll.lib
    
  6. Modify makefile for optimization if needed
    If you are using WCE700 or above and target CPU is ARMv7 then you should replace any existence of -QRarch4T with /QRarch7 /arch:VFPv3-D32 /QRfpe- to take benefit of optimization for newer architecture9.

  7. Build

    # For 1.1.1
    > nmake build_generated libcrypto-1_1.dll libssl-1_1.dll
    # For 3.0
    > nmake build_generated libcrypto-3.dll libssl-3.dll
    

Then you'll get the following artifacts.

  • libcrypto.lib
  • libcrypto-1_1.dll (or libcrypto-3.dll)
  • libssl.lib
  • libssl-1_1.dll (or libssl-3.dll)
  1. https://github.com/openssl/openssl/pull/18074/files 2

  2. C++ UA Server SDK: Compiling OpenSSL for Windows CE 2

  3. https://tls13.crypto.mozilla.org/

  4. https://github.com/mauricek/wcecompat

  5. https://www.openssl.org/

  6. https://curl.haxx.se/mail/lib-2011-01/0219.html

  7. https://github.com/openssl/openssl/pull/8596

  8. https://github.com/openssl/openssl/pull/11526

  9. http://rogeriodossantos.github.io/ARMv7-Performance/

6
2
3

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
6
2

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?