CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt

   1
   2 =============================================================================
   3                              Introduction
   4 =============================================================================
   5   OpenSSL is a well-known open source implementation of SSL/TLS protocols.
   6 The core library implements the cryptographic and SSL/TLS functions and
   7 also provides various utility functions. The OpenSSL library is widely used
   8 in variety of security products development as base crypto provider.
   9 (See http://www.openssl.org/ for more information about OpenSSL).
  10   UEFI (Unified Extensible Firmware Interface) is a specification detailing
  11 the interfaces between OS and platform firmware. Several security features
  12 were introduced (e.g. Authenticated Variable Service, Driver Signing, etc)
  13 from UEFI 2.2 (http://www.uefi.org/). These security features highly depend
  14 on the cryptography.
  15   This HOWTO documents OpenSSL building under UEFI/EDKII environment.
  16
  17 =============================================================================
  18                              OpenSSL-Version
  19 =============================================================================
  20   EDKII supports building with the latest release of OpenSSL.
  21   The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02).
  22   NOTE: Only latest release version was fully validated.
  23         And no guarantees on build & functionality if using other versions.
  24
  25 =============================================================================
  26                       HOW to Install OpenSSL for UEFI Building
  27 =============================================================================
  28 1. Clone the latest official OpenSSL release into the directory
  29      CryptoPkg/Library/OpensslLib/openssl/
  30
  31    Use OpenSSL-1.1.0g release as one example:
  32      (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g release)
  33      > cd CryptoPkg/Library/OpensslLib
  34      > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl
  35      or
  36      > git clone https://github.com/openssl/openssl openssl
  37      > git checkout OpenSSL_1_1_0g
  38 Or
  39 2. Download the latest OpenSSL release package from the official website:
  40      https://www.openssl.org/source/
  41    and unpack the OpenSSL source into:
  42      CryptoPkg/Library/OpensslLib/openssl/
  43
  44 =============================================================================
  45                       About process_files.pl
  46 =============================================================================
  47   "process_files.pl" is one Perl script which runs the OpenSSL Configure,
  48 then processes the resulting file list into our local OpensslLib.inf and
  49 OpensslLibCrypto.inf.
  50   This only needs to be done once by the maintainer / developer when
  51 updating to a new version of OpenSSL (or changing options, etc.).
  52 Normal users do not need do this, since the results are already stored in
  53 the EDKII git repository for them.