Building Openssl for Qt and Android

Here I’m describing howto build and use OpenSsl with Qt 5.11 on Android.

Using Openssl with Qt5 is a real hard stuff, because:

  • Qt  does not support an actual NDK  version r18b. The latest NDK version supported is version r17c
  • Qt does also not support the actual version of OpenSsl 1.1.1. So you have to use OpenSsl 1.0.2.p
  • The official description from Qt-Documentation does not describe what NDK and what OpenSsl is supported.
  • Even the OpenSsl-Wiki does not help

The main problem is that the structure of NDK packages may change from time to time. The result is, that the actual setup script does not evaluate the correct path to the include directory.

So what to do?

First you have to build your own toolchain

In your NDK-directory go to build/tools and create your own toolchain.  

./make_standalone_toolchain.py --arch arm --api 24 --install-dir $HOME/tmp/my-android-toolchain

For more information about how to build your own toolchain have a look here.

Add a the include path to your environment

Then export the path where the include directory is located  to your build environment.

This path is the same as you used before as install-dir for the toolchain plus  „/sysroot/user“

export ANDROID_DEV=$HOME/tmp/my-android-toolchain/sysroot/usr

Build OpenSsl

Finally build the libraries with the following three commands

> ./Configure android shared
> make depend
> make CALC_VERSIONS="SHLIB_COMPAT=; SHLIB_SOVER=" build_libs

Do not use any other option for these commands!

The options of the last make command ensures that the libraries a compiled without a version number. This is because Android don’t like versioned libraries and won’t load them.

Verify libraries

If everything works well, you will find two libraries in your build directory:

libssl.so and libcrypt.so

If you see versioned libraries like libssl.so.1.0.0 or libcrypt.so.1.0.0 something went wrong.

Check if the library is not versioned:

> readelf -d libcrypto.so
:
0x0000000e (SONAME)        Library soname: [libcrypto.so]

If you see a version number like this:

0x0000000e (SONAME) Library soname: [libcrypto.so.1.0.0]

something went wrong.

To check if you have build for arm run:

> readelf -h ./libcrypto.0 | grep -i 'class\|machine' | head -2
    Class:                             ELF32
    Machine:                           ARM

This shows that the library was build for a 32Bit ARM CPU.

Now you can copy this libraries to the path of your Qt-Android project.

Deploy it to your phone and hope that every thing works a expected.

Check if OpenSsl works with Qt

Unfortunately Qt does not throw any error during compiling the code, even if you use a complete incompatible ssl library. You can build your project and run it without problems.

While testing your app you may notice that your encrypted network functions may not work, but all other network functions are working correctly. If your are using qDebug() you can see some ssl errors on your console like:

QSslSocket: cannot resolve TLSv1_1_client_method
QSslSocket: cannot resolve TLSv1_2_client_method

In this case its time to look if Qt is using the library.  You can do it like this:

if (QSslSocket::supportsSsl())
   qDebug() << "SSL supported" << QSslSocket::sslLibraryVersionString();
else
   qDebug() << "No SSL-Support " ;

If your output is „No SSl-Support“ your ssl library is not used by Qt, check the steps before 😉

Dieser Beitrag wurde unter Allgemein veröffentlicht. Setze ein Lesezeichen auf den Permalink.