[openssl-users] Building libcrypto/libssl without symbolic link

John Foley foleyj at cisco.com
Wed Apr 22 14:26:14 UTC 2015

Are you packaging libcrypto.so into the APK yourself?  The Android OS
comes with it's own resident copy of libcrypto.  You can leverage this
from your app without having to package libcrypto into your
application.  This assumes the version of libcrypto that comes with
Android meets your needs.  Given the various flavors of Android out in
the wild, this may limit what your application can do with libcrypto.

If you're packaging libcrypto into your APK, one problem I've seen in
Android is the System.LoadLibrary() call will use the host resident copy
of libcrypto instead of the one packaged in the APK.  One way to get
around this is to hack the linker step in the OpenSSL makefile to rename
libcrypto to something different.  You'll need to make sure the -soname
option on the linker step is consistent with whatever you name the
library.  For instance, you can name it libcryptoX.so, and pass in this
same name to the -soname option.  Confirm that it works using objdump to
view the ELF header.  The soname will be in the ELF header.  Then
package libcryptoX.so into your APK and use this name with the
System.LoadLibrary() call.

On 04/22/2015 09:41 AM, Shanku Roy wrote:
> Am cross compiling the FIPS enabled version for Android; In Android, some apps are having trouble loading their bundled libcrypto library when the binary is named as *.so.1.0.0 instead of libcrypto.so as platform library.
> ----- Original Message -----
> From: Viktor Dukhovni <openssl-users at dukhovni.org>
> To: openssl-users at openssl.org
> Cc: 
> Sent: Tuesday, April 21, 2015 11:47 PM
> Subject: Re: [openssl-users] Building libcrypto/libssl without symbolic link
> On Wed, Apr 22, 2015 at 12:12:45AM +0000, Shanku Roy wrote:
>> lrw-r--r-- root     root              2015-04-10 02:33 libcrypto.so -> libcrypto.so.1.0.0
>> -rw-r--r-- root     root      1988088 2015-04-10 02:27 libcrypto.so.1.0.0
>> Is there any configure option in OpenSSL build scripts to not generate
>> the symbolic links and rather generate actual binary as
>> libcrypto.so/libssl.so from the build process like following:
> The library "soname" is part of the ABI.  What platform are you
> building for where it would not be appropriate to encode the ABI
> compatibility name into the library name?

More information about the openssl-users mailing list