[mirror_edk2.git] / CryptoPkg / Library / OpensslLib / OpenSSL-HOWTO.txt

\r
=============================================================================\r
                             Introduction\r
=============================================================================\r
  OpenSSL is a well-known open source implementation of SSL/TLS protocols.\r
The core library implements the cryptographic and SSL/TLS functions and\r
also provides various utility functions. The OpenSSL library is widely used\r
in variety of security products development as base crypto provider.\r
(See http://www.openssl.org/ for more information about OpenSSL).\r
  UEFI (Unified Extensible Firmware Interface) is a specification detailing\r
the interfaces between OS and platform firmware. Several security features\r
were introduced (e.g. Authenticated Variable Service, Driver Signing, etc)\r
from UEFI 2.2 (http://www.uefi.org/). These security features highly depend\r
on the cryptography.\r
  This HOWTO documents OpenSSL building under UEFI/EDKII environment.\r
\r
=============================================================================\r
                             OpenSSL-Version\r
=============================================================================\r
  EDKII supports building with the latest release of OpenSSL.\r
  The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).\r
  NOTE: Only latest release version was fully validated.\r
        And no guarantees on build & functionality if using other versions.\r
\r
=============================================================================\r
                      HOW to Install OpenSSL for UEFI Building\r
=============================================================================\r
1. Clone the latest official OpenSSL release into the directory\r
     CryptoPkg/Library/OpensslLib/openssl/\r
\r
   Use OpenSSL-1.1.0e release as one example:\r
     (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)\r
     > cd CryptoPkg/Library/OpensslLib\r
     > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl\r
     or\r
     > git clone https://github.com/openssl/openssl openssl\r
     > git checkout OpenSSL_1_1_0e\r
Or\r
2. Download the latest OpenSSL release package from the official website:\r
     https://www.openssl.org/source/\r
   and unpack the OpenSSL source into:\r
     CryptoPkg/Library/OpensslLib/openssl/\r
\r
=============================================================================\r
                      About process_files.pl\r
=============================================================================\r
  "process_files.pl" is one Perl script which runs the OpenSSL Configure,\r
then processes the resulting file list into our local OpensslLib.inf and\r
OpensslLibCrypto.inf.\r
  This only needs to be done once by the maintainer / developer when\r
updating to a new version of OpenSSL (or changing options, etc.).\r
Normal users do not need do this, since the results are already stored in\r
the EDKII git repository for them.\r
Commit	Line	Data
d2cd3b68 QL	1	\r
	2	=============================================================================\r
	3	Introduction\r
	4	=============================================================================\r
	5	OpenSSL is a well-known open source implementation of SSL/TLS protocols.\r
	6	The core library implements the cryptographic and SSL/TLS functions and\r
	7	also provides various utility functions. The OpenSSL library is widely used\r
	8	in variety of security products development as base crypto provider.\r
	9	(See http://www.openssl.org/ for more information about OpenSSL).\r
	10	UEFI (Unified Extensible Firmware Interface) is a specification detailing\r
	11	the interfaces between OS and platform firmware. Several security features\r
	12	were introduced (e.g. Authenticated Variable Service, Driver Signing, etc)\r
	13	from UEFI 2.2 (http://www.uefi.org/). These security features highly depend\r
	14	on the cryptography.\r
	15	This HOWTO documents OpenSSL building under UEFI/EDKII environment.\r
	16	\r
	17	=============================================================================\r
	18	OpenSSL-Version\r
	19	=============================================================================\r
	20	EDKII supports building with the latest release of OpenSSL.\r
	21	The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).\r
	22	NOTE: Only latest release version was fully validated.\r
	23	And no guarantees on build & functionality if using other versions.\r
	24	\r
	25	=============================================================================\r
	26	HOW to Install OpenSSL for UEFI Building\r
	27	=============================================================================\r
	28	1. Clone the latest official OpenSSL release into the directory\r
	29	CryptoPkg/Library/OpensslLib/openssl/\r
	30	\r
	31	Use OpenSSL-1.1.0e release as one example:\r
	32	(OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)\r
	33	> cd CryptoPkg/Library/OpensslLib\r
	34	> git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl\r
	35	or\r
	36	> git clone https://github.com/openssl/openssl openssl\r
	37	> git checkout OpenSSL_1_1_0e\r
	38	Or\r
	39	2. Download the latest OpenSSL release package from the official website:\r
	40	https://www.openssl.org/source/\r
	41	and unpack the OpenSSL source into:\r
	42	CryptoPkg/Library/OpensslLib/openssl/\r
	43	\r
	44	=============================================================================\r
	45	About process_files.pl\r
	46	=============================================================================\r
	47	"process_files.pl" is one Perl script which runs the OpenSSL Configure,\r
	48	then processes the resulting file list into our local OpensslLib.inf and\r
	49	OpensslLibCrypto.inf.\r
	50	This only needs to be done once by the maintainer / developer when\r
	51	updating to a new version of OpenSSL (or changing options, etc.).\r
	52	Normal users do not need do this, since the results are already stored in\r
	53	the EDKII git repository for them.\r