Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-43429

[Android] Qt apps are suspected by Google Play of using an outdated version of OpenSSL



    • Bug
    • Resolution: Done
    • P2: Important
    • 5.4.1
    • 5.4.0
    • QPA
    • None
    • Android


      Attached is the e-mail I have received from Google.

      Steps to reproduce:

      1) Create a simple Qt Quick app and build it for Android.

      2) unzip -p YourApp.apk | strings | grep "OpenSSL" (On Windows I used MSYS)

      This is what I get:

      C:\Android\msys\bin>unzip -p QtApp-release-signed.apk | strings | grep "OpenSSL"
      OpenSSL 1.0.0a 1 Jun 2010

      or, if I go for some more detail:

      C:\Android\msys\bin>unzip -p QtApp-release-signed.apk | grep "OpenSSL"
       -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ca pathLenConstraint Strange location type keyid serial could not set SSL session could not store persistent v
      ersion of SSL session Error creating SSL context (%1) unsupported protocol Invalid or empty cipher list (%1) Cannot provide a certificate with no key, %1 Error loadi
      ng local certificate, %1 Error loading private key, %1 Private key does not certify public key, %1 OpenSSL 1.0.0a 1 Jun 2010 SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2 Kx= Au
      = Enc= export adh Error creating SSL session, %1 could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled Error creating SSL session: %1 MINISTRO_
      SSL_CERTS_PATH *.der [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9] Unable to read PKCS#12 structure, %s Unable to parse PKCS#12 structure, %
      s Unable to convert private key Error during SSL handshake: %1 Unable to init SSL Context: %1 Unable to write data: %1 Unable to decrypt data: %1 The TLS/SSL connect
      ion has been closed Error while reading: %1 Unable to create certificate store QSslSocket: cannot call unresolved function %s SSL_library_init QSslSocket: cannot res
      olve %s ASN1_INTEGER_get ASN1_STRING_data ASN1_STRING_length ASN1_STRING_to_UTF8 BIO_ctrl BIO_free BIO_new BIO_new_mem_buf BIO_read BIO_s_mem BIO_write BN_num_bits C
      RYPTO_num_locks CRYPTO_set_locking_callback CRYPTO_set_id_callback CRYPTO_free DSA_new DSA_free d2i_X509 ERR_error_string ERR_get_error ERR_free_strings EVP_des_ede3
      _cbc EVP_PKEY_assign EVP_PKEY_set1_RSA EVP_PKEY_set1_DSA EVP_PKEY_free EVP_PKEY_get1_DSA EVP_PKEY_get1_RSA EVP_PKEY_new EVP_PKEY_type i2d_X509 OBJ_nid2sn OBJ_nid2lni
      2t_ASN1_OBJECT OBJ_obj2txt OBJ_obj2nid PEM_read_bio_DSAPrivateKey PEM_read_bio_RSAPrivateKey PEM_write_bio_DSAPrivateKey PEM_write_bio_RSAPrivateKey PEM_read_bio_DSA
      _PUBKEY PEM_read_bio_RSA_PUBKEY PEM_write_bio_DSA_PUBKEY PEM_write_bio_RSA_PUBKEY RAND_seed RAND_status RSA_new RSA_free sk_num sk_pop_free sk_new_null sk_push sk_fr
      ee sk_value SSL_accept SSL_clear SSL_CIPHER_description SSL_CIPHER_get_bits SSL_connect SSL_CTX_check_private_key SSL_CTX_ctrl SSL_CTX_free SSL_CTX_new SSL_CTX_set_c
      ipher_list SSL_CTX_set_default_verify_paths SSL_CTX_set_verify SSL_CTX_set_verify_depth SSL_CTX_use_certificate SSL_CTX_use_certificate_file SSL_CTX_use_PrivateKey S
      SL_CTX_use_RSAPrivateKey SSL_CTX_use_PrivateKey_file SSL_free SSL_get_ciphers SSL_get_current_cipher SSL_version SSL_get_error SSL_get_peer_cert_chain SSL_get_peer_c
      ertificate SSL_get_verify_result SSL_load_error_strings SSL_new SSL_ctrl SSL_read SSL_set_bio SSL_set_accept_state SSL_set_connect_state SSL_shutdown SSL_set_session
       SSL_SESSION_free SSL_get1_session SSL_get_session SSLv2_client_method SSLv3_client_method SSLv23_client_method TLSv1_client_method SSLv2_server_method SSLv3_server_
      method SSLv23_server_method TLSv1_server_method SSL_write X509_cmp X509_dup X509_print X509_EXTENSION_get_object X509_free X509_get_ext X509_get_ext_count X509_get_e
      xt_d2i X509V3_EXT_get X509V3_EXT_d2i X509_EXTENSION_get_critical X509_EXTENSION_get_data BASIC_CONSTRAINTS_free AUTHORITY_KEYID_free ASN1_STRING_print X509_check_iss
      ued X509_get_issuer_name X509_get_subject_name X509_verify_cert X509_NAME_entry_count X509_NAME_get_entry X509_NAME_ENTRY_get_data X509_NAME_ENTRY_get_object X509_PU
      BKEY_get X509_STORE_free X509_STORE_new X509_STORE_add_cert X509_STORE_CTX_free X509_STORE_CTX_init X509_STORE_CTX_set_purpose X509_STORE_CTX_get_error X509_STORE_CT
      X_get_error_depth X509_STORE_CTX_get_current_cert X509_STORE_CTX_get_chain X509_STORE_CTX_new OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algorithms_conf SSL_C
      TX_load_verify_locations SSLeay SSLeay_version i2d_SSL_SESSION d2i_SSL_SESSION DH_new DH_free BN_bin2bn EC_KEY_new_by_curve_name EC_KEY_free PKCS12_parse d2i_PKCS12_
      bio PKCS12_free unsupported date format detected LD_LIBRARY_PATH /lib /usr/lib /usr/local/lib /lib64 /usr/lib64 /usr/local/lib64 /lib32 /usr/lib32 /usr/local/lib32 /
      system/lib ssl 1.0.0 crypto libssl.* libcrypto.* org/qtproject/qt5/android/QtNative getSSLCertificates ()[[B QHttpNetworkHeader QAbstractProtocolHandler QNetworkAcce
      ssCache::CacheableObject* QRunnable 18QHttpNetworkHeader  ÿÿÿÿ☺       ►   /   19QHttpNetworkRequest   11QSharedData 25QHttpNetworkHeaderPrivate HTTP/ 24QHttpNetworkR
      eplyPrivate  ÿÿÿÿ▬       `   ÿÿÿÿ‼       g   ÿÿÿÿ        k   ÿÿÿÿ§       \   ÿÿÿÿ              b   ÿÿÿÿ↑       \   QHttpNetworkConnection _q_startNextRequest  _q_hos
      tLookupFinished QHostInfo _q_connectDelayedChannel                   ♥   ♫                                   ☺       ↔   ☻     ♥   ☺   ▲   ☻     ♣       !   ☻     ++
         ♦  ?☻   +       22QHttpNetworkConnection 29QHttpNetworkConnectionPrivate    ☻   ♥   ♠   ÿÿÿÿ↔       P☺  ÿÿÿÿ        ^☺  ÿÿÿÿ        ^☺  ÿÿÿÿ        O☺  ÿÿÿÿ♣    O
      ☺  ÿÿÿÿT☺  ÿÿÿÿ♣☺  ÿÿÿÿR☺  ÿÿÿÿB☺  ÿÿÿÿH☺  ÿÿÿÿ♦☺  ÿÿÿÿH☺  ÿÿÿÿ▬ ÿÿÿÿ∟ =☺  ÿÿÿÿ♀ ÿÿÿÿ▲ D☺  ÿÿÿÿ♀ ÿÿÿÿ  A☺  ÿÿÿÿ►       >☺  ÿÿÿÿ♠       ?☺  ÿÿÿÿ↑       6☺  QHttpNetwo
      rkConnectionChannel _q_receiveReply  _q_bytesWritten bytes _q_readyRead _q_disconnected _q_connected _q_error QAbstractSocket::SocketError _q_proxyAuthenticationRequ
      ired QNetworkProxy proxy QAuthenticator* auth _q_uploadDataReadyRead _q_encrypted _q_sslErrors QList<QSslError> errors _q_encryptedBytesWritten                 ♂   ♫
                                         ☺       E   ☻           ♥   ☺   F   ☻           ♣       I   ☻           ♠       J   ☻                  K   ☻              ☺   L  ☻

      I think this is a regression, as I am not getting this output with older Qt versions.


        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.



              releaseteam Qt Release Team
              adrian.gabureanu Adrian Gabureanu
              2 Vote for this issue
              7 Start watching this issue



                Gerrit Reviews

                  There are no open Gerrit changes