Help us understand the problem. What is going on with this article?

Building OpenSSL 1.1.1 for Windows CE

This page introduces how I build OpenSSL 1.1.1 (only libraries, no command line application) for Windows CE. The build system and sources of OpenSSL have been changed dramatically in 1.1.0, we have to take some tweaks to build 1.1.1, though there is a good instruction1 for previous version.

I have confirmed that the build libraries works with our customized cURL based code. It can show a page available on only TLS1.32.

Requirements and prerequisite

Our build system is VisualStudio 2008 with WCE700 development environment on Windows7-64bit and target platform is ARMv4I. Perl execution environment is also needed.
Following source file are used. The version which is used here is in parentheses.

  • wcecompat3 (bad854b)
  • OpenSSL 1.1.14 (1.1.1b -)

Build wcecompat

  1. Get wcecompat
  2. Fix 2 known bugs as follow.

    1. localtime() and gmtime()1

      src/time.c
        struct tm* localtime(const time_t* clock)
        …
      -     st_tm.tm_mon = stLocal.wMonth;
      +     st_tm.tm_mon = stLocal.wMonth - 1;
      -     st_tm.tm_year = stLocal.wYear;
      +     st_tm.tm_year = stLocal.wYear - 1900;
        …
        struct tm* gmtime(const time_t* clock)
        …
      -     st_tm.tm_mon = stUtc.wMonth;
      +     st_tm.tm_mon = stUtc.wMonth - 1;
      -     st_tm.tm_year = stUtc.wYear;
      +     st_tm.tm_year = stUtc.wYear - 1900;
      
    2. Avoid infinite loop5

      src/wce211_string.c
        _CRTIMP char* __cdecl strrchr(const char* s, int c)
        {
            const char*    p = s + strlen(s) - 1;
            while (p >= s)
            {
                if (*p == c)
                    return (char*)p;
      +         p -= 1;
            }
            return NULL;
        }
      
  3. Modify headerfile

    1. Add an alias, "_access" for _wceaccess

      include/io.h
        #define access _wceaccess
      + #define _access _wceaccess
      
    2. Add aliases for stat and fstat as below

      include/sys/stat.h
      + #define _stat stat
      + #define _fstat fstat
        struct stat
        {
      
  4. Set environmental variables
    Replace YOURSDKNAME to your real sdk name.

    set OSVERSION=WCE700
    set PLATFORM=VC-CE
    set TARGETCPU=ARMV4I
    set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMv4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\armv4i;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib
    set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\Armv4i
    set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
    
  5. Configure then build
    On wcecompat top directory,

    > perl config.pl
    > nmake -f makefile
    

If you see wcecompat.lib and wcecompatex.lib in lib directory then wcecompat may successfully be built.

Build OpenSSL

  1. Get OpenSSL and extract
  2. Apply a patch if needed
    (For 1.1.1b) Apply the patch below.
    https://github.com/aSoujyuTanaka/building_openssl-1.1.1_for_windowsce
    (From 1.1.1c) You don't have to change the code since my fix6 has been merged.

  3. Set environmental variables

    • Replace YOURSDKNAME to your real sdk name.
    • Replace the path of WCECOMPAT to the actual one you build previously.
    set OSVERSION=WCE700
    set PLATFORM=VC-CE
    set TARGETCPU=ARMV4I
    set WCECOMPAT=C:\Users\tanaka\wcecompat
    set LIB=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\lib\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib
    set INCLUDE=C:\Program Files (x86)\Windows CE Tools\SDKs\YOURSDKNAME\Include\ARMV4I;C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\ce\include
    set Path=C:\WINCE700\sdk\bin\i386\arm;C:\WINCE700\sdk\bin\i386;%Path%
    
  4. Configure
    On OpenSSL top directory,

    > perl Configure no-idea no-mdc2 no-rc5 no-ssl3 no-weak-ssl-ciphers no-async no-engine VC-CE
    

    2-options are added on purpose. These are why.

    • no-async: For lack of ConvertFiberToThread() in WinCE (used in crypto/async/arch/async_win.c)
    • no-engine: For lack of CreatePipe() in WinCE (used in engines/e_dasync.c)
  5. Modify makefile as below (1.1.1b - 1.1.1g)
    From 1.1.1h, this step is no longer needed since another fix7 has been merged. Thanks to bjornl and Asit for helping me create the patch.

    makefile
    - CFLAGS=/W3 /wd4090 /nologo /O1i
    + CFLAGS=/W3 /wd4090 /nologo /O1i -D_MSC_VER=1300
    ..
    - CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I"\$(WCECOMPAT)/include"
    + CNF_CPPFLAGS=-D_WIN32_WCE=700 -DUNDER_CE=700 -DWCE_PLATFORM_VC-CE -DARM -D_ARM_ -DARMV4I -QRarch4T -QRinterwork-return -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" -I$(WCECOMPAT)/include
    ..
    - CNF_EX_LIBS=3
    + CNF_EX_LIBS=ws2.lib $(WCECOMPAT)\lib\wcecompatex.lib corelibc.lib coredll.lib
    
  6. Modify makefile for optimization if needed
    If you are using WCE700 or above and target CPU is ARMv7 then you should replace any existence of -QRarch4T with /QRarch7 /arch:VFPv3-D32 /QRfpe- to take benefit of optimization for newer architecture8.

  7. Build

    > nmake build_generated libcrypto-1_1.dll libssl-1_1.dll
    

    Then you'll get the following artifacts.

    • libcrypto.lib
    • libcrypto-1_1.dll
    • libcrypto-1_1.pdb
    • libssl.lib
    • libssl-1_1.dll
    • libssl-1_1.pdb
access
SDNからセンサ、家電、電子書籍まで。ACCESSはあらゆるレイヤのデバイス、サービスを「繋げて」いきます。
http://jp.access-company.com
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away