SQLCipher for Android 64bit with OpenSSL 1.1.0

SQLCipher for Android 64bit with OpenSSL 1.1.0
==============================================

Note for my purposes min. api is set to 21 to support 64bitness.
Download and save sqlcipher-x64-pt1.diff & sqlcipher-x64-pt1.diff
to your git folder.

git clone [email protected]:sqlcipher/android-database-sqlcipher.git
cd android-database-sqlcipher
patch -p1 < sqlcipher-x64-pt1.diff
make init
patch -p1 < sqlcipher-x64-pt2.diff
make

sqlcipher-x64-pt1.diff

diff --git a/.gitmodules b/.gitmodules
index 66da6ca..89b4eb7 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,4 @@
 [submodule "external/openssl"]
 	path = external/openssl
 	url = https://github.com/openssl/openssl.git
+	branch = OpenSSL_1_1_0-stable
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 1e3a8cd..9696b44 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
           package="net.sqlcipher" android:versionCode="1" android:versionName="1.0">
-  <uses-sdk android:minSdkVersion="7" />
+  <uses-sdk android:minSdkVersion="21" />
 </manifest>
diff --git a/Makefile b/Makefile
index 5eda167..9843ff1 100644
--- a/Makefile
+++ b/Makefile
@@ -21,6 +21,7 @@ init: init-environment build-openssl-libraries
 
 init-environment:
 	git submodule update --init
+	git submodule update --remote
 	android update project -p ${CURDIR}
 
 build-openssl-libraries:
diff --git a/build-openssl-libraries.sh b/build-openssl-libraries.sh
index a40ffaa..434b7b9 100755
--- a/build-openssl-libraries.sh
+++ b/build-openssl-libraries.sh
@@ -1,101 +1,100 @@
-#! /usr/bin/env sh
-(cd external/openssl;
-
-    if [ ! ${ANDROID_NDK_ROOT} ]; then
-        echo "ANDROID_NDK_ROOT environment variable not set, set and rerun"
+#! /usr/bin/env bash
+
+cd external/openssl
+
+if [ ! $ANDROID_NDK_ROOT ]; then
+    echo "ANDROID_NDK_ROOT environment variable not set, set and rerun"
+    exit 1
+fi
+
+ANDROID_LIB_ROOT=../android-libs
+HOST_INFO=`uname -a`
+case $HOST_INFO in
+    Darwin*)
+        TOOLCHAIN_SYSTEM=darwin-x86
+        ;;
+    Linux*)
+        if [[ "$HOST_INFO" == *i686* ]]
+        then
+            TOOLCHAIN_SYSTEM=linux-x86
+        else
+            TOOLCHAIN_SYSTEM=linux-x86_64
+        fi
+        ;;
+    *)
+        echo "Toolchain unknown for host system"
         exit 1
-    fi
+        ;;
+esac
+
+function build_arch_crypto {
+    export ARCH1=$1
+    export ARCH2=$2
+    export ARCH3=$3
+    export ARCHTOOL=$4
+
+    echo -e "\n==============================================================================\n"
+    echo -e "\n Building $ARCH1 in $ANDROID_LIB_ROOT/$ARCH2\n"
+    echo -e "\n==============================================================================\n"
+
+    sleep 2
 
-    ANDROID_LIB_ROOT=../android-libs
-    HOST_INFO=`uname -a`
-    case ${HOST_INFO} in
-        Darwin*)
-            TOOLCHAIN_SYSTEM=darwin-x86
-            ;;
-        Linux*)
-            if [[ "${HOST_INFO}" == *i686* ]]
-            then
-                TOOLCHAIN_SYSTEM=linux-x86
-            else
-                TOOLCHAIN_SYSTEM=linux-x86_64
-            fi
-            ;;
-        *)
-            echo "Toolchain unknown for host system"
-            exit 1
-            ;;
-    esac
-
-    rm -rf ${ANDROID_LIB_ROOT}
-    mkdir -p ${ANDROID_LIB_ROOT}/armeabi
-    mkdir -p ${ANDROID_LIB_ROOT}/armeabi-v7a
-    mkdir -p ${ANDROID_LIB_ROOT}/x86
+    rm -rf $ANDROID_LIB_ROOT/$ARCH2
+    mkdir -p $ANDROID_LIB_ROOT/$ARCH2
 
     git clean -dfx && git checkout -f
     ./Configure dist
 
-    ANDROID_PLATFORM_VERSION=android-19
-    ANDROID_TOOLCHAIN_DIR=/tmp/sqlcipher-android-toolchain
-    OPENSSL_CONFIGURE_OPTIONS="-no-krb5 no-idea no-camellia
-        no-seed no-bf no-cast no-rc2 no-rc4 no-rc5 no-md2 
-        no-md4 no-ripemd no-rsa no-ecdh no-sock no-ssl2 no-ssl3 
-        no-dsa no-dh no-ec no-ecdsa no-tls1 no-pbe no-pkcs
-        no-tlsext no-pem no-rfc3779 no-whirlpool no-ui no-srp
-        no-ssltrace no-tlsext no-mdc2 no-ecdh no-engine
-        no-tls2 no-srtp -fPIC"
-
-    # arm build
-    ${ANDROID_NDK_ROOT}/build/tools/make-standalone-toolchain.sh \
-        --platform=${ANDROID_PLATFORM_VERSION} \
-        --install-dir=${ANDROID_TOOLCHAIN_DIR} \
-        --arch=arm
-
-    export PATH=${ANDROID_TOOLCHAIN_DIR}/bin:$PATH
-
-    RANLIB=arm-linux-androideabi-ranlib \
-        AR=arm-linux-androideabi-ar \
-        CC=arm-linux-androideabi-gcc \
-        ./Configure android ${OPENSSL_CONFIGURE_OPTIONS}
+    ANDROID_PLATFORM=android-21
+    ANDROID_TOOLCHAIN_DIR=/tmp/sqlcipher-android-toolchain-$ARCH1
+    OPENSSL_CONFIGURE_OPTIONS="no-idea no-camellia 
+            no-seed no-bf no-cast no-rc2 no-rc4 no-rc5 
+            no-md4 no-ecdh no-sock no-ssl3 no-engine 
+            no-dsa no-dh no-ec no-ecdsa no-tls1 no-md2 
+            no-rfc3779 no-whirlpool no-ui no-srp 
+            no-mdc2 no-ecdh no-srtp -fPIC"
+
+    $ANDROID_NDK_ROOT/build/tools/make-standalone-toolchain.sh \
+            --platform=$ANDROID_PLATFORM \
+            --install-dir=$ANDROID_TOOLCHAIN_DIR \
+            --arch=$ARCH1
+
+    export PATH=$ANDROID_TOOLCHAIN_DIR/bin:$PATH
+
+    export ANDROID_PLAT="android"
+    if [[ "$1" == "arm" ]]; then
+        ANDROID_PLAT="androideabi"
+    else
+        ANDROID_PLAT="android"
+    fi
+    export ANDROID_PLAT
 
-    make clean
-    make build_crypto
-    mv libcrypto.a ${ANDROID_LIB_ROOT}/armeabi/
-    
-    rm -rf ${ANDROID_TOOLCHAIN_DIR}
+    export CROSS_SYSROOT=$ANDROID_TOOLCHAIN_DIR/sysroot
+    export RANLIB=$ARCHTOOL-linux-$ANDROID_PLAT-ranlib
+    export AR=$ARCHTOOL-linux-$ANDROID_PLAT-ar
+    export CC=$ARCHTOOL-linux-$ANDROID_PLAT-gcc
 
-    #armv7 build
-    ${ANDROID_NDK_ROOT}/build/tools/make-standalone-toolchain.sh \
-        --platform=${ANDROID_PLATFORM_VERSION} \
-        --install-dir=${ANDROID_TOOLCHAIN_DIR} \
-        --arch=arm
+    ./Configure $ARCH3 $OPENSSL_CONFIGURE_OPTIONS
 
-    export PATH=${ANDROID_TOOLCHAIN_DIR}/bin:$PATH
+    make clean
+    make build_libs
+    mv libcrypto.a $ANDROID_LIB_ROOT/$ARCH2/
 
-    RANLIB=arm-linux-androideabi-ranlib \
-        AR=arm-linux-androideabi-ar \
-        CC=arm-linux-androideabi-gcc \
-        ./Configure android-armv7 ${OPENSSL_CONFIGURE_OPTIONS}
+    rm -rf $ANDROID_TOOLCHAIN_DIR
+}
 
-    make clean
-    make build_crypto
-    mv libcrypto.a ${ANDROID_LIB_ROOT}/armeabi-v7a/
+# Build arm arch
+build_arch_crypto "arm" "armeabi" "android-armeabi" "arm"
 
-    rm -rf ${ANDROID_TOOLCHAIN_DIR}    
+# Build armv7 arch
+build_arch_crypto "arm" "armeabi-v7a" "android-armeabi" "arm"
 
-    # x86 build
-    ${ANDROID_NDK_ROOT}/build/tools/make-standalone-toolchain.sh \
-        --platform=${ANDROID_PLATFORM_VERSION} \
-        --install-dir=${ANDROID_TOOLCHAIN_DIR} \
-        --arch=x86
+# Build arm64-v8a arch
+build_arch_crypto "arm64" "arm64-v8a" "android64-aarch64" "aarch64"
 
-    export PATH=${ANDROID_TOOLCHAIN_DIR}/bin:$PATH
+# Build x86 arch
+build_arch_crypto "x86" "x86" "android-x86" "i686"
 
-    RANLIB=i686-linux-android-ranlib \
-        AR=i686-linux-android-ar \
-        CC=i686-linux-android-gcc \
-        ./Configure android-x86 ${OPENSSL_CONFIGURE_OPTIONS}
+# Build x86_64 arch
+build_arch_crypto "x86_64" "x86_64" "android64" "x86_64"
 
-    make clean
-    make build_crypto
-    mv libcrypto.a ${ANDROID_LIB_ROOT}/x86/
-)
diff --git a/jni/Application.mk b/jni/Application.mk
index d48fc53..59061c4 100644
--- a/jni/Application.mk
+++ b/jni/Application.mk
@@ -1,5 +1,5 @@
 APP_PROJECT_PATH := $(shell pwd)
-APP_ABI := armeabi armeabi-v7a x86
+APP_ABI := armeabi armeabi-v7a x86 x86_64 arm64-v8a
 APP_PLATFORM := 21
 APP_BUILD_SCRIPT := $(APP_PROJECT_PATH)/Android.mk
 APP_STL := stlport_static
diff --git a/jni/net_sqlcipher_CursorWindow.cpp b/jni/net_sqlcipher_CursorWindow.cpp
index 14f4e2f..0e99e81 100644
--- a/jni/net_sqlcipher_CursorWindow.cpp
+++ b/jni/net_sqlcipher_CursorWindow.cpp
@@ -38,7 +38,7 @@ namespace sqlcipher {
   static jfieldID gSizeCopiedField;
 
 #define GET_WINDOW(env, object) ((CursorWindow *)env->GetIntField(object, gWindowField))
-#define SET_WINDOW(env, object, window) (env->SetIntField(object, gWindowField, (int)window))
+#define SET_WINDOW(env, object, window) (env->SetIntField(object, gWindowField, (long long int)window))
 #define SET_BUFFER(env, object, buf) (env->SetObjectField(object, gBufferField, buf))
 #define SET_SIZE_COPIED(env, object, size) (env->SetIntField(object, gSizeCopiedField, size))
 
diff --git a/jni/net_sqlcipher_database_SQLiteCompiledSql.cpp b/jni/net_sqlcipher_database_SQLiteCompiledSql.cpp
index 90100d0..88f00da 100644
--- a/jni/net_sqlcipher_database_SQLiteCompiledSql.cpp
+++ b/jni/net_sqlcipher_database_SQLiteCompiledSql.cpp
@@ -66,7 +66,7 @@ sqlite3_stmt * compile(JNIEnv* env, jobject object,
     if (err == SQLITE_OK) {
         // Store the statement in the Java object for future calls
         LOGV("Prepared statement %p on %p", statement, handle);
-        env->SetIntField(object, gStatementField, (int)statement);
+        env->SetIntField(object, gStatementField, (long long int)statement);
         return statement;
     } else {
         // Error messages like 'near ")": syntax error' are not
diff --git a/jni/net_sqlcipher_database_SQLiteDatabase.cpp b/jni/net_sqlcipher_database_SQLiteDatabase.cpp
index 15a288f..459ed5a 100644
--- a/jni/net_sqlcipher_database_SQLiteDatabase.cpp
+++ b/jni/net_sqlcipher_database_SQLiteDatabase.cpp
@@ -244,7 +244,7 @@ namespace sqlcipher {
     sqlite3_enable_load_extension(handle, 1);
 
     LOGV("Opened '%s' - %p\n", path8, handle);
-    env->SetIntField(object, offset_db_handle, (int) handle);
+    env->SetIntField(object, offset_db_handle, (long long int) handle);
     handle = NULL;  // The caller owns the handle now.
 
   done:
diff --git a/project.properties b/project.properties
index a5578ba..bbe203c 100644
--- a/project.properties
+++ b/project.properties
@@ -8,4 +8,4 @@
 # project structure.
 
 # Project target.
-target=android-19
+target=android-21

sqlcipher-x64-pt2.diff

diff -ur a/external/sqlcipher/src/crypto_openssl.c b/external/sqlcipher/src/crypto_openssl.c
--- a/external/sqlcipher/src/crypto_openssl.c	2016-10-20 14:51:26.463011353 -0400
+++ b/external/sqlcipher/src/crypto_openssl.c	2016-10-20 15:37:30.725936381 -0400
@@ -155,14 +155,14 @@
 }
 
 static int sqlcipher_openssl_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
-  HMAC_CTX hctx;
+  HMAC_CTX *hctx;
   unsigned int outlen;
-  HMAC_CTX_init(&hctx);
-  HMAC_Init_ex(&hctx, hmac_key, key_sz, EVP_sha1(), NULL);
-  HMAC_Update(&hctx, in, in_sz);
-  HMAC_Update(&hctx, in2, in2_sz);
-  HMAC_Final(&hctx, out, &outlen);
-  HMAC_CTX_cleanup(&hctx);
+  hctx = HMAC_CTX_new();
+  HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL);
+  HMAC_Update(hctx, in, in_sz);
+  HMAC_Update(hctx, in2, in2_sz);
+  HMAC_Final(hctx, out, &outlen);
+  HMAC_CTX_free(hctx);
   return SQLITE_OK; 
 }
 
@@ -172,18 +172,19 @@
 }
 
 static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) {
-  EVP_CIPHER_CTX ectx;
+  EVP_CIPHER_CTX *ectx;
   int tmp_csz, csz;
- 
-  EVP_CipherInit(&ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, mode);
-  EVP_CIPHER_CTX_set_padding(&ectx, 0); // no padding
-  EVP_CipherInit(&ectx, NULL, key, iv, mode);
-  EVP_CipherUpdate(&ectx, out, &tmp_csz, in, in_sz);
+
+  ectx = EVP_CIPHER_CTX_new();
+  EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode);
+  EVP_CIPHER_CTX_set_padding(ectx, 0); // no padding
+  EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode);
+  EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz);
   csz = tmp_csz;  
   out += tmp_csz;
-  EVP_CipherFinal(&ectx, out, &tmp_csz);
+  EVP_CipherFinal(ectx, out, &tmp_csz);
   csz += tmp_csz;
-  EVP_CIPHER_CTX_cleanup(&ectx);
+  EVP_CIPHER_CTX_free(ectx);
   assert(in_sz == csz);
   return SQLITE_OK; 
 }