2010-11-01 07:30:58 +01:00
|
|
|
|
|
|
|
================================================================================
|
|
|
|
Introduction
|
|
|
|
================================================================================
|
|
|
|
OpenSSL is a well-known open source implementation of SSL and TLS protocols.
|
|
|
|
The core library implements the basic cryptographic functions and provides various
|
2015-06-16 02:52:40 +02:00
|
|
|
utility functions. The OpenSSL library is widely used in variety of security
|
|
|
|
products development as base crypto provider. (See http://www.openssl.org for more
|
2010-11-01 07:30:58 +01:00
|
|
|
information for OpenSSL).
|
2015-06-16 02:52:40 +02:00
|
|
|
UEFI (Unified Extensible Firmware Interface) is a specification detailing the
|
|
|
|
interfaces between OS and platform firmware. Several security features were
|
|
|
|
introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI
|
|
|
|
2.2 (http://www.uefi.org). These security features highly depends on the
|
2010-11-01 07:30:58 +01:00
|
|
|
cryptography. This patch will enable openssl building under UEFI environment.
|
|
|
|
|
|
|
|
|
|
|
|
================================================================================
|
|
|
|
OpenSSL-Version
|
|
|
|
================================================================================
|
2016-07-13 07:27:11 +02:00
|
|
|
Current supported OpenSSL version for UEFI Crypto Library is 1.0.2h.
|
|
|
|
http://www.openssl.org/source/openssl-1.0.2h.tar.gz
|
2010-11-01 07:30:58 +01:00
|
|
|
|
|
|
|
|
|
|
|
================================================================================
|
|
|
|
HOW to Install Openssl for UEFI Building
|
|
|
|
================================================================================
|
2016-07-13 07:27:11 +02:00
|
|
|
1. Download OpenSSL 1.0.2h from official website:
|
|
|
|
http://www.openssl.org/source/openssl-1.0.2h.tar.gz
|
2010-11-01 07:30:58 +01:00
|
|
|
|
2016-07-13 07:27:11 +02:00
|
|
|
NOTE: Some web browsers may rename the downloaded TAR file to openssl-1.0.2h.tar.tar.
|
|
|
|
When you do the download, rename the "openssl-1.0.2h.tar.tar" to
|
|
|
|
"openssl-1.0.2h.tar.gz" or rename the local downloaded file with ".tar.tar"
|
2010-11-01 07:30:58 +01:00
|
|
|
extension to ".tar.gz".
|
|
|
|
|
2016-08-05 22:50:50 +02:00
|
|
|
2. Extract TAR into CryptoPkg/Library/OpensslLib/openssl-1.0.2h
|
2010-11-01 07:30:58 +01:00
|
|
|
|
2015-06-16 02:52:40 +02:00
|
|
|
NOTE: If you use WinZip to unpack the openssl source in Windows, please
|
|
|
|
uncheck the WinZip smart CR/LF conversion option (WINZIP: Options -->
|
2010-11-01 07:30:58 +01:00
|
|
|
Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").
|
2015-06-16 02:52:40 +02:00
|
|
|
|
2016-07-13 07:27:11 +02:00
|
|
|
3. Apply this patch: EDKII_openssl-1.0.2h.patch, and make installation
|
2010-11-01 07:30:58 +01:00
|
|
|
|
|
|
|
For Windows Environment:
|
|
|
|
------------------------
|
|
|
|
1) Make sure the patch utility has been installed in your machine.
|
2015-06-16 02:52:40 +02:00
|
|
|
Install Cygwin or get the patch utility binary from
|
2010-11-01 07:30:58 +01:00
|
|
|
http://gnuwin32.sourceforge.net/packages/patch.htm
|
2016-07-13 07:27:11 +02:00
|
|
|
2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2h
|
|
|
|
3) patch -p1 -i ..\EDKII_openssl-1.0.2h.patch
|
2010-11-01 07:30:58 +01:00
|
|
|
4) cd ..
|
2012-05-07 12:29:58 +02:00
|
|
|
5) Install.cmd
|
2010-11-01 07:30:58 +01:00
|
|
|
|
|
|
|
For Linux* Environment:
|
|
|
|
-----------------------
|
|
|
|
1) Make sure the patch utility has been installed in your machine.
|
|
|
|
Patch utility is available from http://directory.fsf.org/project/patch/
|
2016-07-13 07:27:11 +02:00
|
|
|
2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2h
|
|
|
|
3) patch -p1 -i ../EDKII_openssl-1.0.2h.patch
|
2010-11-01 07:30:58 +01:00
|
|
|
4) cd ..
|
2012-05-07 12:29:58 +02:00
|
|
|
5) ./Install.sh
|
2010-11-01 07:30:58 +01:00
|
|
|
|