1. Developer Kit Simulator User Guide
  2. Setup, Samples, and Tools
  3. Installation
  4. Install and Setup the Java Card Development Kit Simulator
  5. Before Installing the Java Card Development Kit Simulator
  6. Build and Install the OpenSSL Library
  7. Build and Configure OpenSSL on Linux

Build and Configure OpenSSL on Linux

The following series of steps is one way of many to build the OpenSSL sources in Linux.

Example of Building OpenSSL

Refer to the OpenSSL website for additional ways to build with Linux.

  1. Update and install build-essential packages. Check for any updates available by updating the package lists from the repository:
    sudo apt-get update
sudo apt install build-essential checkinstall zlib1g-dev -y
  2. Install additional 32-bit libraries. For buildling 32-bit ELF format, additional gcc-multilib and g++-multilib packages must be installed:
    sudo apt-get install gcc-multilib g++-multilib
  3. Configure:
    • OpenSSL for 32 bits
    • OpenSSL to be installed in /usr/local/ssl directory
    • No multithreading
    • Disabled assembly language
    • Add support for weak chipers:
      perl ./Configure linux-x86 no-asm no-threads enable-weak-ssl-ciphers --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
      You should see something similar to this:
      
*************************************************************************
******   OpenSSL has been successfully configured                     
******                                                                
******   If you encounter a problem while building, please open an    
******   issue on GitHub and include the output from the following command:           
******                                                                
******       perl configdata.pm --dump                                
******                                                                
******   (If you are new to OpenSSL, you might want to consult the    
******   'Troubleshooting' section in the INSTALL.md file first)      
******                                                                
*************************************************************************
  4. Run the build.
    make
  5. (Optional) - Test results.
    make test
  6. Install.
    make install

Configuring OpenSSL for the Simulator

For the Simulator to access the OpenSSL-3 libraries, follow these steps:

  • Set up the LD_LIBRARY_PATH environment variable to refer to the directory containig the OpenSSL shared libraries
    For example, if the newly built library is in your /usr/local/ssl/lib, do the following:
    export LD_LIBRARY_PATH=/usr/local/ssl/lib
    Also, make sure that this directory contains a symbolic link pointing to this version of the library. Otherwise, you an create it by:
    ln -s /usr/local/ssl/lib/libcrypto.so.3 /usr/local/ssl/lib/libcrypto.so
ln -s /usr/local/ssl/lib/libssl.so.3 /usr/local/ssl/lib/libssl.so
  • Use the legacy provider (legacy.so) for "weak SSL ciphers" (like "single DES"), by setting up the OPENSSL_MODULES environment variable. For example, if the legacy.so library is in your /usr/local/ssl/lib folder, do the following:
    export OPENSSL_MODULES=/usr/local/ssl/lib