Commit | Line | Data |
---|---|---|
d2cd3b68 QL |
1 | \r |
2 | =============================================================================\r | |
3 | Introduction\r | |
4 | =============================================================================\r | |
5 | OpenSSL is a well-known open source implementation of SSL/TLS protocols.\r | |
6 | The core library implements the cryptographic and SSL/TLS functions and\r | |
7 | also provides various utility functions. The OpenSSL library is widely used\r | |
8 | in variety of security products development as base crypto provider.\r | |
9 | (See http://www.openssl.org/ for more information about OpenSSL).\r | |
10 | UEFI (Unified Extensible Firmware Interface) is a specification detailing\r | |
11 | the interfaces between OS and platform firmware. Several security features\r | |
12 | were introduced (e.g. Authenticated Variable Service, Driver Signing, etc)\r | |
13 | from UEFI 2.2 (http://www.uefi.org/). These security features highly depend\r | |
14 | on the cryptography.\r | |
15 | This HOWTO documents OpenSSL building under UEFI/EDKII environment.\r | |
16 | \r | |
17 | =============================================================================\r | |
18 | OpenSSL-Version\r | |
19 | =============================================================================\r | |
20 | EDKII supports building with the latest release of OpenSSL.\r | |
21 | The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).\r | |
22 | NOTE: Only latest release version was fully validated.\r | |
23 | And no guarantees on build & functionality if using other versions.\r | |
24 | \r | |
25 | =============================================================================\r | |
26 | HOW to Install OpenSSL for UEFI Building\r | |
27 | =============================================================================\r | |
28 | 1. Clone the latest official OpenSSL release into the directory\r | |
29 | CryptoPkg/Library/OpensslLib/openssl/\r | |
30 | \r | |
31 | Use OpenSSL-1.1.0e release as one example:\r | |
32 | (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)\r | |
33 | > cd CryptoPkg/Library/OpensslLib\r | |
34 | > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl\r | |
35 | or\r | |
36 | > git clone https://github.com/openssl/openssl openssl\r | |
37 | > git checkout OpenSSL_1_1_0e\r | |
38 | Or\r | |
39 | 2. Download the latest OpenSSL release package from the official website:\r | |
40 | https://www.openssl.org/source/\r | |
41 | and unpack the OpenSSL source into:\r | |
42 | CryptoPkg/Library/OpensslLib/openssl/\r | |
43 | \r | |
44 | =============================================================================\r | |
45 | About process_files.pl\r | |
46 | =============================================================================\r | |
47 | "process_files.pl" is one Perl script which runs the OpenSSL Configure,\r | |
48 | then processes the resulting file list into our local OpensslLib.inf and\r | |
49 | OpensslLibCrypto.inf.\r | |
50 | This only needs to be done once by the maintainer / developer when\r | |
51 | updating to a new version of OpenSSL (or changing options, etc.).\r | |
52 | Normal users do not need do this, since the results are already stored in\r | |
53 | the EDKII git repository for them.\r |