[National secret] Libcurl's Android library compilation process and detailed explanation

I. Overview

This article aims to provide a detailed explanation of the compilation process and use of the Android libcurl national secret library. The
national secret algorithm (SM2/SM3/SM4) is a cryptographic algorithm standard issued by the State Cryptography Administration of China. Use the libcurl library, because it is a widely used network transmission library that supports multiple protocols, so you need to use the libcurl library in combination with the national secret algorithm to achieve national secret communication~

ok，let’s go~

2. Compilation process

The author's environment:
Windows version: Windows 10
Android NDK version: r21 or later

1. Prepare the environment

确保已安装 Android NDK，设置好ANDROID_NDK_HOME环境变量(此处不再赘述，基本功哈...)

2. Obtain GmSSL source code

git clone https://github.com/guanzhi/GmSSL.git

3. Compile GmSSL

First enter the gmssl folder, then create the 'build-android' folder, the purpose of creating this folder is to create the compiled output file, and finally execute

./setenv-android.sh

Then run the following command

make clean
make
make install

ok~ At this point, the compilation of gmssl is completed;

4. Compile libcurl

git clone https://github.com/curl/curl.git

Enter the libcurl source code directory, create a compilation output folder, and execute the following command

cd curl
mkdir build-android
cd build-android

Create a build.sh script file and copy the following content into the file

#!/bin/bash

export ANDROID_NDK_HOME=你的Android_NDK路径
export GmSSL_INSTALL_DIR=你的GmSSL安装目录

API_LEVEL=21
ANDROID_ABI="armeabi-v7a with NEON"
ARCH=arm
PLATFORM=android
TOOLCHAIN=${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64

export PATH=${TOOLCHAIN}/bin:$PATH
export CC=${TOOLCHAIN}/bin/armv7a-linux-androideabi${API_LEVEL}-clang
export CXX=${TOOLCHAIN}/bin/armv7a-linux-androideabi${API_LEVEL}-clang++
export AR=${TOOLCHAIN}/bin/arm-linux-androideabi-ar
export LD=${TOOLCHAIN}/bin/arm-linux-androideabi-ld
export RANLIB=${TOOLCHAIN}/bin/arm-linux-androideabi-ranlib

../configure --host=arm-linux-androideabi \
    --enable-static --disable-shared \
    --disable-debug --disable-verbose \
    --disable-curldebug \
    --enable-http --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-proxy --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smb --disable-smtp --disable-gopher --disable-manual \
    --disable-sspi --disable-ntlm-wb --disable-tls-srp \
    --disable-crypto-auth --disable-ntlm --disable-cookies \
    --with-ssl=$GmSSL_INSTALL_DIR \
    --without-zlib \
    --without-ca-bundle --without-ca-path \
    --prefix=$(pwd)/../output/android

make
make install

Finally, give the script executable permissions and execute ~

chmod +x build.sh
./build.sh

At this point, the compiled libcurl will be located in the output/android directory~

3. Detailed explanation

1. Add the compiled libcurl library and GmSSL library to the Android project:

Copy the include folder of the GmSSL library to the jni directory of the Android project
Copy the compiled libcurl library (libcurl.a) and GmSSL library (libcrypto.a, libssl.a) to the jni/libs directory of the Android project

2. Create an Android.mk file:
Create a file named Android.mk in the jni directory, and copy the following content into the file:

LOCAL_PATH := $(call my-dir)

include $(CLEAR_VARS)
LOCAL_MODULE := gmssl
LOCAL_SRC_FILES := libs/libcrypto.a
include $(PREBUILT_STATIC_LIBRARY)

include $(CLEAR_VARS)
LOCAL_MODULE := ssl
LOCAL_SRC_FILES := libs/libssl.a
include $(PREBUILT_STATIC_LIBRARY)

include $(CLEAR_VARS)
LOCAL_MODULE := curl
LOCAL_SRC_FILES := libs/libcurl.a
include $(PREBUILT_STATIC_LIBRARY)

include $(CLEAR_VARS)
LOCAL_MODULE := my_native_module
LOCAL_SRC_FILES := my_native_module.c
LOCAL_STATIC_LIBRARIES := curl ssl gmssl
LOCAL_LDLIBS := -llog

include $(BUILD_SHARED_LIBRARY)

3. Write local code:
In the my_native_module.c file, you can use the libcurl library and the GmSSL library for national secret communication. For example, using an HTTPS GET request:

#include <jni.h>
#include <string.h>
#include <curl/curl.h>

JNIEXPORT jstring JNICALL
Java_com_example_myapp_MainActivity_sendHttpsRequest(JNIEnv *env, jobject instance) {
    
    
    CURL *curl;
    CURLcode res;

    curl_global_init(CURL_GLOBAL_DEFAULT);
    curl = curl_easy_init();

    if (curl) {
    
    
        curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);

        res = curl_easy_perform(curl);
        if (res != CURLE_OK) {
    
    
            return (*env)->NewStringUTF(env, curl_easy_strerror(res));
        }

        curl_easy_cleanup(curl);
    }

    curl_global_cleanup();
    return (*env)->NewStringUTF(env, "Request completed successfully.");
}

4. Call the local method in the Android project:
call the local method in MainActivity.java, as shown below

public class MainActivity extends AppCompatActivity {
    
    
    static {
    
    
        System.loadLibrary("my_native_module");
    }

    public native String sendHttpsRequest();

    @Override
    protected void onCreate(Bundle savedInstanceState) {
    
    
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        String result = sendHttpsRequest();
        Log.i("MainActivity", result);
    }
}

So far, you have successfully compiled the Android libcurl national secret library and used it in the Android project for national secret communication~

Four, finally

If you have any questions, feel free to comment and contact me~