On 2012-07-06 01:51, Robert Relyea wrote: > I've gotten NSS to build and mostly run the tests for Android. There are > still a number of tests failing, so the work isn't all done, but it was > a good point to snapshot what I had.
How does this compare/interact with Android's built-in key-store? I'm personally unconvinced that security subsystems running in the application's/user's own security context represent the future since they don't facilitate application-based access control unless each application does its own enrollment. Anders > > I've stuck some very rough instructions on > https://wiki.mozilla.org/NSS:Android . I'm move them to > https://developer.mozilla.org/en/NSS after the upgrade to Kuma wiki, > probably next week. > > *The Cross Build* > > It's not surprising that I was able to get NSS to build for Android > since two other teams are already building NSS for Android in their own > environment. What was surprising was I needed to make a few changes: > one to dbm (use of errno) and one to freebl/ran_unix.c (use of sysinfo). > I was wondering how the other teams were working around the problems I > ran into. > > Besides those 2 problems, I also had to deal with shlibsign in cmd. I > simply changed the makefile to try to use a system installed shlibsign > if you were cross compiling (works on fedora and RHEL, where I know we > include shlibsign with our packages, I don't know about other versions > of Linux. It certainly wouldn't be happy in a windows host). > > The magic to get all this to work was judicious use of make environment > variables. I've added new targets in the Makefile in > mozilla/security/nss which knows how to build Android cross. I believe > you only need the Android NDK to build NSS and NSPR. I haven't tested > without having the SDK installed, but I didn't tell any software how to > get to the SDK, so I'm pretty sure it wasn't used. > > *Running the Tests* > > I've included several make targets to install the built binaries onto > the Android device and run them. The targets do not use adb, mostly > since I don't have my little cable for my Android Table here at work. > Instead I installed SSHDroid and used sftp and ssh to install and run > the tests. It should be possible to make adb versions of the same > commands, but I'm pretty sure you'll then need to install Busybox to get > everything to run (Busybox comes with SSHDroid already, and I know I > make use of several of the Busybox commands in the build). > > Since I'm using ssh/sftp, the Android device doesn't need to be > physically hooked to the Linux host, only connected to a network that > the Linux host could address. > > Anyway feel free to try out the instructions, and update things that > aren't quite right. > > Surprisingly, the fast majority of the tests seem to run, though I'm > still getting quite a few failures. > > bob > > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
