Updated at Apr. 2022
As well as 1.1.1, the newer version 3.0.x is also buildable for CE by adding a few fixes1. It was found and confirmed to work by Asit. His contribution is now under a review process for merging to upstream. Hope it'll be approved.
This page introduces how I build OpenSSL 1.1.1 (only libraries, no command line application) for Windows CE. The build system and sources of OpenSSL have been changed dramatically in 1.1.0, we have to take some tweaks to build 1.1.1, though there is a good instruction2 for previous version.
I have confirmed that the build libraries works with our customized cURL based code. It can show a page available on only TLS1.33.
Requirements and prerequisite
Our build system is VisualStudio 2008 with WCE700 development environment on Windows7-64bit and target platform is ARMv4I. Perl execution environment is also needed.
Following source file are used. The version which is used here is in parentheses.
Build wcecompat
-
Get wcecompat
-
Fix 2 known bugs as follow.
- localtime() and gmtime()2
src/time.c
struct tm* localtime(const time_t* clock) … - st_tm.tm_mon = stLocal.wMonth; + st_tm.tm_mon = stLocal.wMonth - 1; - st_tm.tm_year = stLocal.wYear; + st_tm.tm_year = stLocal.wYear - 1900; … struct tm* gmtime(const time_t* clock) … - st_tm.tm_mon = stUtc.wMonth; + st_tm.tm_mon = stUtc.wMonth - 1; - st_tm.tm_year = stUtc.wYear; + st_tm.tm_year = stUtc.wYear - 1900;
- Avoid infinite loop6
src/wce211_string.c
_CRTIMP char* __cdecl strrchr(const char* s, int c) { const char* p = s + strlen(s) - 1; while (p >= s) { if (*p == c) return (char*)p; + p -= 1; } return NULL; }
- localtime() and gmtime()2
-
Modify headerfile
-
Add an alias, _access for _wceaccess
include/io.h#define access _wceaccess + #define _access _wceaccess
-
Add aliases for stat and fstat as below
include/sys/stat.h+ #define _stat stat + #define _fstat fstat struct stat {
-
-
Set environmental variables
ReplaceYOURSDKNAME
to your real sdk name.set OSVERSION=WCE700 set PLATFORM=VC-CE set TARGETCPU=ARMV4I set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMv4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\armv4i;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\Armv4i set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
-
Configure then build
On wcecompat top directory,> perl config.pl > nmake -f makefile
There should be wcecompat.lib and wcecompatex.lib in lib directory if your build succeeds.
Build OpenSSL
-
Get OpenSSL and extract
-
Apply a patch if needed
- 1.1.1
- (Before 1.1.1b) Apply the patch at https://github.com/aSoujyuTanaka/building_openssl-1.1.1_for_windowsce
- (From 1.1.1c) No change is needed since my fix7 has been merged.
- 3.0.x
- Take the fix of OpenSSL pull request #180741
- 1.1.1
-
Set environmental variables
- Replace
YOURSDKNAME
to your real sdk name. - Replace
the path of WCECOMPAT
to the actual one you build previously.
set OSVERSION=WCE700 set PLATFORM=VC-CE set TARGETCPU=ARMV4I set WCECOMPAT=C:\Users\tanaka\wcecompat set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\include set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
- Replace
-
Configure
On OpenSSL top directory,> perl Configure no-idea no-mdc2 no-rc5 no-ssl3 no-weak-ssl-ciphers no-async no-engine VC-CE
2 options are added on purpose. The reasons are as follows.
-
no-async
: For lack of ConvertFiberToThread() in WinCE (used in crypto/async/arch/async_win.c) -
no-engine
: For lack of CreatePipe() in WinCE (used in engines/e_dasync.c)
-
-
Modify makefile as below (1.1.1b - 1.1.1g)
From 1.1.1h and 3.0.x, this step is no longer needed since another fix8 has been merged. Thanks to bjornl and Asit for helping me create the patch.makefile- CFLAGS=/W3 /wd4090 /nologo /O1i + CFLAGS=/W3 /wd4090 /nologo /O1i -D_MSC_VER=1300 @ .. - CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I"\$(WCECOMPAT)/include" + CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I$(WCECOMPAT)/include @ .. - CNF_EX_LIBS=3 + CNF_EX_LIBS=ws2.lib $(WCECOMPAT)\lib\wcecompatex.lib corelibc.lib coredll.lib
-
Modify makefile for optimization if needed
If you are using WCE700 or above and target CPU is ARMv7 then you should replace any existence of-QRarch4T
with/QRarch7 /arch:VFPv3-D32 /QRfpe-
to take benefit of optimization for newer architecture9. -
Build
# For 1.1.1 > nmake build_generated libcrypto-1_1.dll libssl-1_1.dll # For 3.0 > nmake build_generated libcrypto-3.dll libssl-3.dll
Then you'll get the following artifacts.
- libcrypto.lib
- libcrypto-1_1.dll (or libcrypto-3.dll)
- libssl.lib
- libssl-1_1.dll (or libssl-3.dll)