Android JNI Builds

[m...@thomaskeller.biz]

Hi all!

I am new to conscrypt, so excuse this question, but I'd like to use conscrypt as a specific JCP on Android. I see performance issues when decrypting RSA payload when using the default JCP implementation on various different Android devices / API versions, while the newer API levels that seem to be backed by conscrypt usually show much better performance. So to "come" clean I thought I should try to use this specific provider everywhere.

However, while the library is dubbed as "for Android and OpenJDK", I fail to find JNI libraries for Android (arm32, arm64, etc.). Is it expected that these are compiled from source or am I missing something?

Thanks,

Thomas.

[Adam Vartanian]

However, while the library is dubbed as "for Android and OpenJDK", I fail to find JNI libraries for Android (arm32, arm64, etc.). Is it expected that these are compiled from source or am I missing something?

The Android AAR we publish on Maven includes native libraries for ARMv7, ARMv8, x86, and x86_64, so it should include everything you need to install the provider.

- Adam

[m...@thomaskeller.biz]

Am Dienstag, 13. März 2018 13:08:11 UTC+1 schrieb Adam Vartanian:

However, while the library is dubbed as "for Android and OpenJDK", I fail to find JNI libraries for Android (arm32, arm64, etc.). Is it expected that these are compiled from source or am I missing something?

The Android AAR we publish on Maven includes native libraries for ARMv7, ARMv8, x86, and x86_64, so it should include everything you need to install the provider.

Thanks Adam, I tried that earlier and stumbled upon this exception:

java.lang.UnsatisfiedLinkError: No implementation found for java.lang.String[] org.conscrypt.NativeCrypto.get_cipher_names(java.lang.String) (tried Java_org_conscrypt_NativeCrypto_get_1cipher_1names and Java_org_conscrypt_NativeCrypto_get_1cipher_1names__Ljava_lang_String_2) 

which is why I initially thought the `conscrypt-android` artifact came without native libs (Android Studio hasn't shown me them in the dependencies view, but I was able to verify they are there after I unpacked the `.aar` and looked into the `jni` directory).

Any hint what's wrong here?

Many thanks!

Thomas.

[Adam Vartanian]

> Thanks Adam, I tried that earlier and stumbled upon this exception:
>
> java.lang.UnsatisfiedLinkError: No implementation found for
> java.lang.String[]
> org.conscrypt.NativeCrypto.get_cipher_names(java.lang.String) (tried
> Java_org_conscrypt_NativeCrypto_get_1cipher_1names and
> Java_org_conscrypt_NativeCrypto_get_1cipher_1names__Ljava_lang_String_2)
>
>
> which is why I initially thought the `conscrypt-android` artifact came
> without native libs (Android Studio hasn't shown me them in the dependencies
> view, but I was able to verify they are there after I unpacked the `.aar`
> and looked into the `jni` directory).
>
>
> Any hint what's wrong here?

Hrm, that implies that it's not able to load the native library. Any
chance that you can attach a debugger and see if
org.conscrypt.NativeCrypto.loadError is getting set to something in
the static initializer? We try to cache that value so you can inspect
it later, but I suspect that a lot of failure modes break the future
static initializers and prevent the class from getting loaded anyhow.

- Adam

[lolivier...@gmail.com]

I'm getting the same error as Thomas:

                                                                                                                           java.lang.UnsatisfiedLinkError: No implementation found for java.lang.String[] org.conscrypt.NativeCrypto.get_cipher_names(java.lang.String) (tried Java_org_conscrypt_NativeCrypto_get_1cipher_1names and Java_org_conscrypt_NativeCrypto_get_1cipher_1names__Ljava_lang_String_2)

I'm an Android developer and I'm trying to use Conscrypt. I have configured Gradle as indicated on https://github.com/google/conscrypt but I now have some difficulties to understand how to mount it as the JCE provider.

I have tried:

    static {

        try {

            Security.insertProviderAt(Conscrypt.newProvider(), 1);

        } catch (NoClassDefFoundError e) {

            e.printStackTrace();

        }

    }

added at the beginning of the file MainActivity.java of my Android App but I get the above crash.

Do you have some advices about how to mount it properly? Is there some documentation explaining that? I didn't find much on google.

Thanks!

[lolivier...@gmail.com]

BTW, I'm using an Android phone with the version 6.0.1 (= API version 23)

What is the min Android API version to use Conscrypt?

Thanks

[Adam Vartanian]

I have tried:

    static {

        try {

            Security.insertProviderAt(Conscrypt.newProvider(), 1);

        } catch (NoClassDefFoundError e) {

            e.printStackTrace();

        }

    }

added at the beginning of the file MainActivity.java of my Android App but I get the above crash.

Do you have some advices about how to mount it properly? Is there some documentation explaining that? I didn't find much on google.

That should be all that's necessary.  Any chance you can attach a debugger and see if org.conscrypt.NativeCrypto.loadError is getting set to something in the static initializer?

What is the min Android API version to use Conscrypt?

We support as far back as API level 9 (Gingerbread), so that shouldn't be the problem.

- Adam

[Yuri Schimke]

It should probably be considered a bug if this code can throw a NoClassDefFoundError.

static {

  if (Conscrypt.isAvailable()) {

    Security.insertProviderAt(Conscrypt.newProvider(), 1);

  }

}

--
You received this message because you are subscribed to the Google Groups "conscrypt" group.
To unsubscribe from this group and stop receiving emails from it, send an email to conscrypt+unsubscribe@googlegroups.com.
To post to this group, send email to cons...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/conscrypt/CAB3gpb71ZBL4usL2sU%3D%3D0O5jcOzUApf0DQw1mxRwRzB_Q%2BbhJg%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

[lolivier...@gmail.com]

"if (Conscrypt.isAvailable())" return false. I have done some "step into" this function and I see that it fails in "NativeCrypto.class" in:

        try {
            NativeCryptoJni.init();
            clinit();
        } catch (UnsatisfiedLinkError var4) {
            allCipherSuites = var4;
        }

It goes in the "catch" statement:

java.lang.UnsatisfiedLinkError: dalvik.system.PathClassLoader[DexPathList[...PATH TRUNCATED ...]]] couldn't find "libconscrypt_openjdk_jni-linux-aarch_64.so"

So I have probably missed something in Conscrypt setup. I have followed the instruction given on https://github.com/google/conscrypt

In build.gradle, I have added :

 buildscript {
     repositories {
-        jcenter()
+        mavenCentral()

     }
     dependencies {
         classpath 'com.android.tools.build:gradle:2.3.1'
+        classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0'
 
         // NOTE: Do not place your application dependencies here; they belong
         // in the individual module build.gradle files
     }

In app/build.gradle, I have added:

+// Use the osdetector-gradle-plugin
+apply plugin: "com.google.osdetector"

In the dependencies:

+    compile 'org.conscrypt:conscrypt-openjdk:1.1.3:' + osdetector.classifier

Do you know what could be missing?

Thanks

Le mercredi 11 juillet 2018 18:16:54 UTC+2, Yuri Schimke a écrit :

It should probably be considered a bug if this code can throw a NoClassDefFoundError.

static {

  if (Conscrypt.isAvailable()) {

    Security.insertProviderAt(Conscrypt.newProvider(), 1);

  }

}

On 11 July 2018 at 16:03, 'Adam Vartanian' via conscrypt <cons...@googlegroups.com> wrote:

I have tried:

    static {

        try {

            Security.insertProviderAt(Conscrypt.newProvider(), 1);

        } catch (NoClassDefFoundError e) {

            e.printStackTrace();

        }

    }

added at the beginning of the file MainActivity.java of my Android App but I get the above crash.

Do you have some advices about how to mount it properly? Is there some documentation explaining that? I didn't find much on google.

That should be all that's necessary.  Any chance you can attach a debugger and see if org.conscrypt.NativeCrypto.loadError is getting set to something in the static initializer?

What is the min Android API version to use Conscrypt?

We support as far back as API level 9 (Gingerbread), so that shouldn't be the problem.

- Adam

--
You received this message because you are subscribed to the Google Groups "conscrypt" group.

To unsubscribe from this group and stop receiving emails from it, send an email to conscrypt+...@googlegroups.com.

To post to this group, send email to cons...@googlegroups.com.

[Adam Vartanian]

In build.gradle, I have added :

 buildscript {
     repositories {
-        jcenter()
+        mavenCentral()

     }
     dependencies {
         classpath 'com.android.tools.build:gradle:2.3.1'
+        classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0'
 
         // NOTE: Do not place your application dependencies here; they belong
         // in the individual module build.gradle files
     }

In app/build.gradle, I have added:

+// Use the osdetector-gradle-plugin
+apply plugin: "com.google.osdetector"

In the dependencies:

+    compile 'org.conscrypt:conscrypt-openjdk:1.1.3:' + osdetector.classifier

Do you know what could be missing?

Ah, that's the dependency for the OpenJDK version of the library.  You need to depend on 'org.conscrypt:conscrypt-android:1.1.4' to get the Android version (and you don't need the osdetector dependency).  I see the README.md doesn't have Android instructions, I'll get those added.

- Adam

[lolivier...@gmail.com]

Thank you very much Adam. I confirm that it fixes my issue. I can see that the README.md file has been updated with this info.

Thanks again

Olivier