This project is an adaptation of the BoringSSL library for KasperskyOS. The project is based on a commit and includes 3 examples demonstrating the use of the BoringSSL library in KasperskyOS.
BoringSSL library for KasperskyOS is based on the BoringSSL library, a fork of OpenSSL library. BoringSSL library for KasperskyOS is intended to provide security and encryption in network applications.
For more information about BoringSSL library, see the README.md file of this library.
For additional details on KasperskyOS, including its limitations and known issues, please refer to the KasperskyOS Community Edition Online Help.
- Install KasperskyOS Community Edition SDK. You can download the latest version of the KasperskyOS Community Edition for free from os.kaspersky.com. The minimum required version of KasperskyOS Community Edition SDK is 1.2. For more information, see System requirements.
- Copy source files to your project directory. The examples of KasperskyOS-based solutions are located in the following directory:
./kos
- To build and run unit tests for BoringSSL library for KasperskyOS, install the
golang
package by running the command:apt-get install -y golang
The BoringSSL library for KasperskyOS is built using the CMake build system, which is provided in the KasperskyOS Community Edition SDK.
To build and install the BoringSSL library, execute the cross-build.sh
script located in the ./kos
directory. There are environment variables that affect the build and installation of the BoringSSL library:
SDK_PREFIX
specifies the path to the installed version of the KasperskyOS Community Edition SDK. The value of this environment variable must be set.INSTALL_PREFIX
specifies the installation path of the library. If not specified, the library will be installed in the./kos/install
directory.TARGET
specifies the target platform. (Currently only theaarch64-kos
platform is supported.)
Warning
The KasperskyOS Community Edition SDK comes with pre-built OpenSSL libraries and headers. It is strongly not recommended to install BoringSSL to the KasperskyOS SDK sysroot-<platform>
directory, as it will cause OpenSSL to malfunction and render it unusable.
For example, review the following command:
$ SDK_PREFIX=/opt/KasperskyOS-Community-Edition-<version> INSTALL_PREFIX=/home/libs/BoringSSL-kos ./cross-build.sh
The BoringSSL library is built and installed in the /home/libs/BoringSSL-kos/
directory using the
SDK toolchain found in the /opt/KasperskyOS-Community-Edition-<version>
path, where version
is the
latest version number of the KasperskyOS Community Edition SDK.
You can also use the following options instead of or in addition to environment variables:
-
-h, --help
Help text.
-
-s, --sdk SDK_PREFIX
Path to the installed version of the KasperskyOS Community Edition SDK. The value specified in the
-s
option takes precedence over the value of theSDK_PREFIX
environment variable. -
-i, --install INSTALL_PREFIX
Directory where BoringSSL for KasperskyOS binary files are installed. The value specified in the
-i
option takes precedence over the value of theINSTALL_PREFIX
environment variable.
For example:
$ ./cross-build.sh -s /opt/KasperskyOS-Community-Edition-<version> -i /opt/libs
The BoringSSL library's tests have been adapted to run on KasperskyOS. The tests have the following limitations:
- Unit tests for KasperskyOS are currently only available for QEMU.
- Only IPv4 tests are compatible with KasperskyOS.
RandTest.Fork
test is skipped due to thefork
system call is not supported by KasperskyOS.
Tests use an out-of-source build. The build tree is situated in the generated build_tests
subdirectory of the kos
directory. For each test suite, a separate image will be created. As it can be taxing on disk space, the tests will run sequentially.
There are environment variables that affect the build and installation of the tests:
SDK_PREFIX
specifies the path to the installed version of the KasperskyOS Community Edition SDK. The value of this environment variable must be set.TARGET
specifies the target platform. (Currently only theaarch64-kos
platform is supported.)
To build and run the tests, go to the ./kos
directory and run the command:
$ [TARGET="aarch64-kos"] ./run-tests.sh [-s SDK_PREFIX] [--help] [--list] [-n TEST_NAME_1] ... [-n TEST_NAME_N] [-t TIMEOUT] [-o OUT_PATH] [-j N_JOBS]
,
where:
-
-s, --sdk SDK_PREFIX
Path to the installed version of the KasperskyOS Community Edition SDK. The value specified in the
-s
option takes precedence over the value of theSDK_PREFIX
environment variable. -
-h, --help
Help text.
-
-l, --list
List of tests that can be run.
-
-n, --name TEST_NAME
Test name to execute. The parameter can be repeated multiple times. If not specified, all tests will be executed.
-
-t, --timeout TIMEOUT
Time, in seconds, allotted to start and execute a single test case. Default value is 300 seconds.
-
-o, --out OUT_PATH
Path where the results of the test run will be stored. If not specified, the results will be stored in the
./kos/build_tests/logs
directory. -
-j, --jobs N_JOBS
Number of jobs for parallel build. If not specified, the default value obtained from the
nproc
command is used.
For example, to start executing all tests, use the following command:
$ SDK_PREFIX=/opt/KasperskyOS-Community-Edition-<version> ./run-tests.sh
To include the BoringSSL library in a KasperskyOS-based solution, there are three recommended options: using the library source code as a git submodule, using the previously installed BoringSSL library, or using the CMake module FetchContent
. Each project example demonstrates one of these methods.
When you develop a KasperskyOS-based solution, use the recommended structure of project directories to simplify usage of CMake scripts.
./kos/examples/common/
—Common source code for all examples that calculates the SHA256 hash for theTest Message Hello World
message../kos/examples/use_as_submodule/
—Example of using the BoringSSL library source code as a git submodule../kos/examples/use_installed/
—Example of using the previously installed BoringSSL library../kos/examples/use_with_fetch_content/
—Example of using the CMake moduleFetchContent
.
./kos/run-tests.sh
—Script runs unit tests using the GoogleTest framework.
Registered trademarks and endpoint marks are the property of their respective owners.
GoogleTest is a trademark of Google LLC.
OpenSSL is a trademark owned by the OpenSSL Software Foundation. BoringSSL adaptation for KasperskyOS is not affiliated with OpenSSL.
Raspberry Pi is a trademark of the Raspberry Pi Foundation.
Only KasperskyOS-specific changes can be approved. See CONTRIBUTING.md for detailed instructions on code contribution.
This project is licensed under the terms of the OpenSSL License. See LICENSE for more information.
© 2024 AO Kaspersky Lab