- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我一直在尝试弄清楚如何为苹果平台(即 iOS 和 osx)创建/构建静态和动态 OpenSSL 库,但找不到任何合适的文档。
我需要构建 1.1.1i 版本的 openssl 或任何 1.1.1 等效版本。
试图关注这个 https://github.com/keeshux/openssl-apple但随后在构建 MAC-OSX arm64 时失败了。
任何人都可以指出我正确的/工作方向吗??
谢谢!!
最佳答案
此脚本可能会有所帮助。它构建 OpenSSL 1.1.1 和 1.0.2 系列库(reference - 也有用于 OSX 的构建脚本)
#!/bin/bash
#
# This script downloads and builds the iOS openSSL libraries with Bitcode enabled
#
# Author: Jason Cox, @jasonacox https://github.com/jasonacox/Build-OpenSSL-cURL
# Date: 2020-Aug-15
#
set -e
# Custom build options
CUSTOMCONFIG="enable-ssl-trace"
# Formatting
default="\033[39m"
white="\033[97m"
green="\033[32m"
red="\033[91m"
yellow="\033[33m"
bold="\033[0m${green}\033[1m"
subbold="\033[0m${green}"
archbold="\033[0m${yellow}\033[1m"
normal="${white}\033[0m"
dim="\033[0m${white}\033[2m"
alert="\033[0m${red}\033[1m"
alertdim="\033[0m${red}\033[2m"
# set trap to help debug build errors
trap 'echo -e "${alert}** ERROR with Build - Check /tmp/openssl*.log${alertdim}"; tail -3 /tmp/openssl*.log' INT TERM EXIT
# Set minimum OS versions for target
MACOS_X86_64_VERSION="" # Empty = use host version
MACOS_ARM64_VERSION="" # Min supported is MacOS 11.0 Big Sur
CATALYST_IOS="13.0" # Min supported is iOS 13.0 for Mac Catalyst
IOS_MIN_SDK_VERSION="8.0"
IOS_SDK_VERSION=""
TVOS_MIN_SDK_VERSION="9.0"
TVOS_SDK_VERSION=""
catalyst="0"
VERSION="1.1.1i" # OpenSSL version default
CORES=$(sysctl -n hw.ncpu)
OPENSSL_VERSION="openssl-${VERSION}"
if [ -z "${MACOS_X86_64_VERSION}" ]; then
MACOS_X86_64_VERSION=$(sw_vers -productVersion)
fi
if [ -z "${MACOS_ARM64_VERSION}" ]; then
MACOS_ARM64_VERSION=$(sw_vers -productVersion)
fi
usage ()
{
echo
echo -e "${bold}Usage:${normal}"
echo
echo -e " ${subbold}$0${normal} [-v ${dim}<version>${normal}] [-s ${dim}<version>${normal}] [-t ${dim}<version>${normal}] [-i ${dim}<version>${normal}] [-a ${dim}<version>${normal}] [-u ${dim}<version>${normal}] [-e] [-m] [-3] [-x] [-h]"
echo
echo " -v version of OpenSSL (default $VERSION)"
echo " -s iOS min target version (default $IOS_MIN_SDK_VERSION)"
echo " -t tvOS min target version (default $TVOS_MIN_SDK_VERSION)"
echo " -i macOS 86_64 min target version (default $MACOS_X86_64_VERSION)"
echo " -a macOS arm64 min target version (default $MACOS_ARM64_VERSION)"
echo " -e compile with engine support"
echo " -m compile Mac Catalyst library"
echo " -u Mac Catalyst iOS min target version (default $CATALYST_IOS)"
echo " -3 compile with SSLv3 support"
echo " -x disable color output"
echo " -h show usage"
echo
trap - INT TERM EXIT
exit 127
}
engine=0
while getopts "v:s:t:i:a:u:emx3h\?" o; do
case "${o}" in
v)
OPENSSL_VERSION="openssl-${OPTARG}"
;;
s)
IOS_MIN_SDK_VERSION="${OPTARG}"
;;
t)
TVOS_MIN_SDK_VERSION="${OPTARG}"
;;
i)
MACOS_X86_64_VERSION="${OPTARG}"
;;
a)
MACOS_ARM64_VERSION="${OPTARG}"
;;
e)
engine=1
;;
m)
catalyst="1"
;;
u)
catalyst="1"
CATALYST_IOS="${OPTARG}"
;;
x)
bold=""
subbold=""
normal=""
dim=""
alert=""
alertdim=""
archbold=""
;;
3)
CUSTOMCONFIG="enable-ssl3 enable-ssl3-method enable-ssl-trace"
;;
*)
usage
;;
esac
done
shift $((OPTIND-1))
DEVELOPER=`xcode-select -print-path`
# Semantic Version Comparison
version_lte() {
[ "$1" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]
}
if version_lte $MACOS_ARM64_VERSION 11.0; then
MACOS_ARM64_VERSION="11.0" # Min support for Apple Silicon is 11.0
fi
buildIOS()
{
ARCH=$1
pushd . > /dev/null
cd "${OPENSSL_VERSION}"
if [[ "${ARCH}" == "i386" || "${ARCH}" == "x86_64" ]]; then
PLATFORM="iPhoneSimulator"
else
PLATFORM="iPhoneOS"
#sed -ie "s!static volatile sig_atomic_t intr_signal;!static volatile intr_signal;!" "crypto/ui/ui_openssl.c"
fi
export $PLATFORM
export CROSS_TOP="${DEVELOPER}/Platforms/${PLATFORM}.platform/Developer"
export CROSS_SDK="${PLATFORM}${IOS_SDK_VERSION}.sdk"
export BUILD_TOOLS="${DEVELOPER}"
export CC="${BUILD_TOOLS}/usr/bin/gcc -fembed-bitcode -arch ${ARCH}"
echo -e "${subbold}Building ${OPENSSL_VERSION} for ${PLATFORM} ${IOS_SDK_VERSION} ${archbold}${ARCH}${dim} (iOS ${IOS_MIN_SDK_VERSION})"
if [[ "${ARCH}" == "i386" || "${ARCH}" == "x86_64" ]]; then
TARGET="darwin-i386-cc"
if [[ $ARCH == "x86_64" ]]; then
TARGET="darwin64-x86_64-cc"
fi
if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
./Configure no-asm ${TARGET} -no-shared --prefix="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
else
./Configure no-asm ${TARGET} -no-shared --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
fi
else
if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
# export CC="${BUILD_TOOLS}/usr/bin/gcc -arch ${ARCH}"
./Configure iphoneos-cross DSO_LDFLAGS=-fembed-bitcode --prefix="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" -no-shared --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
else
./Configure iphoneos-cross -no-shared --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
fi
fi
# add -isysroot to CC=
if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
sed -ie "s!^CFLAGS=!CFLAGS=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -miphoneos-version-min=${IOS_MIN_SDK_VERSION} !" "Makefile"
else
sed -ie "s!^CFLAG=!CFLAG=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -miphoneos-version-min=${IOS_MIN_SDK_VERSION} !" "Makefile"
fi
make -j${CORES} >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
make install_sw >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
make clean >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
popd > /dev/null
# Clean up exports
export PLATFORM=""
export CC=""
export CXX=""
export CFLAGS=""
export LDFLAGS=""
export CPPFLAGS=""
export CROSS_TOP=""
export CROSS_SDK=""
export BUILD_TOOLS=""
}
buildIOSsim()
{
ARCH=$1
pushd . > /dev/null
cd "${OPENSSL_VERSION}"
PLATFORM="iPhoneSimulator"
export $PLATFORM
TARGET="darwin-i386-cc"
RUNTARGET=""
MIPHONEOS="${IOS_MIN_SDK_VERSION}"
if [[ $ARCH != "i386" ]]; then
TARGET="darwin64-${ARCH}-cc"
RUNTARGET="-target ${ARCH}-apple-ios${IOS_MIN_SDK_VERSION}-simulator"
# e.g. -target arm64-apple-ios11.0-simulator
#if [[ $ARCH == "arm64" ]]; then
# if (( $(echo "${MIPHONEOS} < 11.0" |bc -l) )); then
# MIPHONEOS="11.0" # Min support for Apple Silicon is iOS 11.0
# fi
#fi
fi
# set up exports for build
export CFLAGS=" -Os -miphoneos-version-min=${MIPHONEOS} -fembed-bitcode -arch ${ARCH} ${RUNTARGET} "
export LDFLAGS=" -arch ${ARCH} -isysroot ${DEVELOPER}/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk "
export CPPFLAGS=" -I.. -isysroot ${DEVELOPER}/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk "
export CROSS_TOP="${DEVELOPER}/Platforms/${PLATFORM}.platform/Developer"
export CROSS_SDK="${PLATFORM}${IOS_SDK_VERSION}.sdk"
export BUILD_TOOLS="${DEVELOPER}"
export CC="${BUILD_TOOLS}/usr/bin/gcc"
export CXX="${BUILD_TOOLS}/usr/bin/gcc"
echo -e "${subbold}Building ${OPENSSL_VERSION} for ${PLATFORM} ${iOS_SDK_VERSION} ${archbold}${ARCH}${dim} (iOS ${MIPHONEOS})"
# configure
if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
./Configure no-asm ${TARGET} -no-shared --prefix="/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}" --openssldir="/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}.log"
else
./Configure no-asm ${TARGET} -no-shared --openssldir="/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}" $CUSTOMCONFIG &> "/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}.log"
fi
# add -isysroot to CC=
# no longer needed with exports
#if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
# sed -ie "s!^CFLAGS=!CFLAGS=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -miphoneos-version-min=${IOS_MIN_SDK_VERSION} !" "Makefile"
#else
# sed -ie "s!^CFLAG=!CFLAG=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -miphoneos-version-min=${IOS_MIN_SDK_VERSION} !" "Makefile"
#fi
# make
make -j${CORES} >> "/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}.log" 2>&1
make install_sw >> "/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}.log" 2>&1
make clean >> "/tmp/${OPENSSL_VERSION}-iOS-Simulator-${ARCH}.log" 2>&1
popd > /dev/null
# Clean up exports
export PLATFORM=""
export CC=""
export CXX=""
export CFLAGS=""
export LDFLAGS=""
export CPPFLAGS=""
export CROSS_TOP=""
export CROSS_SDK=""
export BUILD_TOOLS=""
}
#echo -e "${bold}Cleaning up${dim}"
#rm -rf include/openssl/* lib/*
mkdir -p Mac/lib
mkdir -p Catalyst/lib
mkdir -p iOS/lib
mkdir -p iOS-simulator/lib
mkdir -p iOS-fat/lib
mkdir -p tvOS/lib
mkdir -p Mac/include/openssl/
mkdir -p Catalyst/include/openssl/
mkdir -p iOS/include/openssl/
mkdir -p iOS-simulator/include/openssl/
mkdir -p iOS-fat/include/openssl/
mkdir -p tvOS/include/openssl/
rm -rf "/tmp/${OPENSSL_VERSION}-*"
rm -rf "/tmp/${OPENSSL_VERSION}-*.log"
rm -rf "${OPENSSL_VERSION}"
if [ ! -e ${OPENSSL_VERSION}.tar.gz ]; then
echo "Downloading ${OPENSSL_VERSION}.tar.gz"
curl -LOs https://www.openssl.org/source/${OPENSSL_VERSION}.tar.gz
else
echo "Using ${OPENSSL_VERSION}.tar.gz"
fi
if [[ "$OPENSSL_VERSION" = "openssl-1.1.1"* ]]; then
echo "** Building OpenSSL 1.1.1 **"
else
if [[ "$OPENSSL_VERSION" = "openssl-1.0."* ]]; then
echo "** Building OpenSSL 1.0.x ** "
echo -e "${alert}** WARNING: End of Life Version - Upgrade to 1.1.1 **${dim}"
else
echo -e "${alert}** WARNING: This build script has not been tested with $OPENSSL_VERSION **${dim}"
fi
fi
echo "Unpacking openssl"
tar xfz "${OPENSSL_VERSION}.tar.gz"
if [ "$engine" == "1" ]; then
echo "+ Activate Static Engine"
sed -ie 's/\"engine/\"dynamic-engine/' ${OPENSSL_VERSION}/Configurations/15-ios.conf
fi
echo -e "${bold}Building iOS libraries${dim}"
buildIOS "armv7"
buildIOS "armv7s"
buildIOS "arm64"
buildIOS "arm64e"
buildIOSsim "i386"
buildIOSsim "x86_64"
buildIOSsim "arm64"
echo " Copying headers and libraries"
cp /tmp/${OPENSSL_VERSION}-iOS-arm64/include/openssl/* iOS/include/openssl/
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-armv7s/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64e/lib/libcrypto.a" \
-create -output iOS/lib/libcrypto.a
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-armv7s/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64e/lib/libssl.a" \
-create -output iOS/lib/libssl.a
cp /tmp/${OPENSSL_VERSION}-iOS-Simulator-x86_64/include/openssl/* iOS-simulator/include/openssl/
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-i386/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-x86_64/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-arm64/lib/libcrypto.a" \
-create -output iOS-simulator/lib/libcrypto.a
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-i386/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-x86_64/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-arm64/lib/libssl.a" \
-create -output iOS-simulator/lib/libssl.a
cp /tmp/${OPENSSL_VERSION}-iOS-arm64/include/openssl/* iOS-fat/include/openssl/
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-armv7s/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64e/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-i386/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-x86_64/lib/libcrypto.a" \
-create -output iOS-fat/lib/libcrypto.a
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-armv7s/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64e/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-x86_64/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-Simulator-i386/lib/libssl.a" \
-create -output iOS-fat/lib/libssl.a
echo " Creating combined OpenSSL libraries for iOS"
libtool -no_warning_for_no_symbols -static -o openssl-ios-armv7_armv7s_arm64_arm64e.a iOS/lib/libcrypto.a iOS/lib/libssl.a
libtool -no_warning_for_no_symbols -static -o openssl-ios-i386_x86_64_arm64-simulator.a iOS-simulator/lib/libcrypto.a iOS-simulator/lib/libssl.a
echo -e "${bold}Cleaning up${dim}"
rm -rf /tmp/${OPENSSL_VERSION}-*
rm -rf ${OPENSSL_VERSION}
#reset trap
trap - INT TERM EXIT
echo -e "${normal}Done"
注意:总体project为 MacOS(x86_64、arm64)、Mac Catalyst(x86_64、arm64)、iOS(armv7、armv7s、arm64 和 arm64e)、iOS 模拟器(x86_64、arm64)、tvOS(arm64)和 tvOS 模拟器构建 OpenSSL、nghttp2 和 cURL/libcurl (x86_64)。 Update 现在构建 XCFrameworks,它支持所有平台和目标,以便轻松导入到您的项目中。
关于ios - 如何为 iOS 和 OSX 构建 OpenSSL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65397852/
如果我使用open ssl命令 sudo openssl genrsa -out privkey.pem 2048 要生成rsa key ,它仅生成1个文件。这是私钥。我如何获得公钥。 最佳答案 回答
三个不同版本的 openssl 正在同时更新 openssl.org : 0.98, 1.0.0, 1.0.1?它们之间有什么区别,我该如何选择要使用的版本? 最佳答案 https://en.wiki
我有以下命令用于 OpenSSL 生成私钥和公钥: openssl genrsa –aes-128-cbc –out priv.pem –passout pass:[privateKeyPass] 2
我正在尝试使用对应的 gcc (arm-none-eabi-5_4-2016q2) 为 cortex m3 机器交叉编译 openssl。机器应该有能力做 TCP 请求,我们希望在一天结束时做 HTT
我正在尝试使用 openssl dsa 实现,但我对以下细节感到非常困惑: 命令 openssl dsa .... 的选项“-text”:输出中的十六进制数字,我是否正确地假设这些是字节,因此它们是按
我正在尝试制作一个假 CA 并用它签署一个证书以与 stunnel 一起使用(这似乎只是调用 OpenSSL 例程,因此您可能不需要了解该程序来提供帮助:)。然而,stunnel 一直拒绝我的证书,说
不幸的是,Perl 在尝试安装 OpenSSL 的手册页(例如 OpenSSL_1_0_1g)时不知何故遇到了错误。因为我不需要它们 - 我只想使用 OpenSSL 作为 C 库,我想我可以通过完全跳
OpenSSL 中的 BIO 对到底是什么?它的用途是什么?我已经检查过 OpenSSL 文档,但任何细节都很少。 最佳答案 OpenSSL 中的 BIO 类似于文件句柄。您可以使用一对它们来安全地相
openssl ca 和 openssl x509 命令有什么区别?我正在使用它来创建和签署我的 root-ca、intermed-ca 和客户端证书,但是 openssl ca 命令不会在证书上注册
如何(如果有的话)为 OpenSSL 定义一个单一的可信证书文件在 Windows(Win-7,OpenSSL 1.0.1c)上使用 SSL_CERT_FILE 环境变量? 各种研究促使我下载了 Mo
我有一个自签名证书,其中显示了列出的基本约束,但从中生成的签名请求不显示这些属性,例如 [v3_req]。我怎样才能让它可见?我正在使用 openssl 生成证书。 场景: 我使用以下方法创建自签名证
这个问题在这里已经有了答案: Check if a connection is TLSv1 vs SSLv3 (SSL_CIPHER_description/SSL_CIPHER_get_name)
是否有更简单的方法来确定在构建 openssl 期间指定的选项,例如当时是否定义了 OPENSSL_NO_SRTP? 我只能从以下方面获得有限的信息: openssl 版本 -a 命令。但是,如果我只
我们正在与 AWS Nitro 合作,仅提供 3 小时的证书。 我们正在寻找一种可以跳过验证中的过期部分并仍然确认证书链有效的方法。 最佳答案 根据 openssl-verify 文档
嗨,我如何在 Easyphp 中启用 openssl,因为我收到错误消息无法发送。Mailer 错误:缺少扩展:opensslTime:使用 phpmailer 时。谢谢 最佳答案 在您的 php.i
我正在尝试以编程方式读取 OpenSSL 警报消息,但无法找到执行此操作的方法。 OpenSSL API 提供如下功能: const char *SSL_alert_type_string(int v
我跑了openssl speed在我的 Ubuntu 计算机上。一些结果: Doing md4 for 3s on 16 size blocks: 9063888 md4's in 3.00s Doi
我编译了带有cryptodev支持(即硬件加速)的OpenSSL,但不幸的是默认引擎仍然是软件。 time openssl speed -evp aes-128-cbc -engine cryptod
我需要从 RedHat Linux 服务器连接到 Microsoft Dynamics CRM 服务器。地址是xxx.api.crm4.dynamics.com。服务器接受 TLSv1 但不接受 1.
关闭。这个问题不满足Stack Overflow guidelines .它目前不接受答案。 想改善这个问题吗?更新问题,使其成为 on-topic对于堆栈溢出。 上个月关闭。 Improve thi
我是一名优秀的程序员,十分优秀!