I'm building AOSP, so lets say i have root for all module in Android. Sure there is OpenSSL library which building and reusing in other modules.
And we have base application (system, external, whatever), which also communicate with native code. And my question is: How to include in local project, existing Android OpenSSL library, to work with it?
Another say, how i can get active instance of OpenSSL/BoringSSL in native code. And also, how to get instance of Android Keystore engine and work with it?
Thanks!
From the release notes of Android 6.0:
If you’re using the Android NDK in your app, don't link against cryptographic libraries that are not a part of the NDK API, such as libcrypto.so and libssl.so. These libraries are not public APIs, and may change or break without notice across releases and devices. In addition, you may expose yourself to security vulnerabilities. Instead, modify your native code to call the Java cryptography APIs via JNI or to statically link against a cryptography library of your choice.
In your native code besides the C/native API you have access to the Java API as well. Therefore you can write C code that calls the regular Java API for accessing the AndroidKeyStore. You just have to translate the Java code into C code. Accessing the Java API this way is a bit complicated, however it is the safest way (regarding compatibility).
See also