From nobody Sat Nov 2 12:30:36 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1490275216259933.1481733129764; Thu, 23 Mar 2017 06:20:16 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id C900A80432; Thu, 23 Mar 2017 06:20:08 -0700 (PDT) Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D507C80432 for ; Thu, 23 Mar 2017 06:20:05 -0700 (PDT) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga105.jf.intel.com with ESMTP; 23 Mar 2017 06:20:05 -0700 Received: from shwde6388.ccr.corp.intel.com ([10.239.9.17]) by fmsmga002.fm.intel.com with ESMTP; 23 Mar 2017 06:20:03 -0700 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.36,210,1486454400"; d="scan'208";a="1146042179" From: Qin Long To: edk2-devel@lists.01.org Date: Thu, 23 Mar 2017 21:19:26 +0800 Message-Id: <20170323131932.6168-6-qin.long@intel.com> X-Mailer: git-send-email 2.11.1.windows.1 In-Reply-To: <20170323131932.6168-1-qin.long@intel.com> References: <20170323131932.6168-1-qin.long@intel.com> Subject: [edk2] [PATCH v2 05/11] CryptoPkg/OpensslLib: Add new OpenSSL-HOWTO document. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ard.biesheuvel@linaro.org, ting.ye@intel.com, David Woodhouse , ronald.cron@arm.com, jiaxin.wu@intel.com, glin@suse.com, lersek@redhat.com MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add one new OpenSSL-HOWTO.txt to introduce how to clone / download the latest OpenSSL release source for build. ALso update buildinf.h to reflect the latest update time. Cc: Ting Ye Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Gary Lin Cc: Ronald Cron Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse Signed-off-by: Qin Long Acked-by: Gary Lin Acked-by: Laszlo Ersek Tested-by: Gary Lin Tested-by: Laszlo Ersek --- CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 53 ++++++++++++++++++++++= ++++ CryptoPkg/Library/OpensslLib/buildinf.h | 2 +- 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt b/CryptoPkg/Lib= rary/OpensslLib/OpenSSL-HOWTO.txt new file mode 100644 index 0000000000..e8b0bab010 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt @@ -0,0 +1,53 @@ + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + Introduction +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + OpenSSL is a well-known open source implementation of SSL/TLS protocols. +The core library implements the cryptographic and SSL/TLS functions and +also provides various utility functions. The OpenSSL library is widely used +in variety of security products development as base crypto provider. +(See http://www.openssl.org/ for more information about OpenSSL). + UEFI (Unified Extensible Firmware Interface) is a specification detailing +the interfaces between OS and platform firmware. Several security features +were introduced (e.g. Authenticated Variable Service, Driver Signing, etc) +from UEFI 2.2 (http://www.uefi.org/). These security features highly depend +on the cryptography. + This HOWTO documents OpenSSL building under UEFI/EDKII environment. + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + OpenSSL-Version +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + EDKII supports building with the latest release of OpenSSL. + The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16). + NOTE: Only latest release version was fully validated. + And no guarantees on build & functionality if using other versions. + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + HOW to Install OpenSSL for UEFI Building +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D +1. Clone the latest official OpenSSL release into the directory + CryptoPkg/Library/OpensslLib/openssl/ + + Use OpenSSL-1.1.0e release as one example: + (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release) + > cd CryptoPkg/Library/OpensslLib + > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl open= ssl + or + > git clone https://github.com/openssl/openssl openssl + > git checkout OpenSSL_1_1_0e +Or +2. Download the latest OpenSSL release package from the official website: + https://www.openssl.org/source/ + and unpack the OpenSSL source into: + CryptoPkg/Library/OpensslLib/openssl/ + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + About process_files.pl +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D + "process_files.pl" is one Perl script which runs the OpenSSL Configure, +then processes the resulting file list into our local OpensslLib.inf and +OpensslLibCrypto.inf. + This only needs to be done once by the maintainer / developer when +updating to a new version of OpenSSL (or changing options, etc.). +Normal users do not need do this, since the results are already stored in +the EDKII git repository for them. diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/Op= ensslLib/buildinf.h index 673bf787c1..3d967d2a86 100644 --- a/CryptoPkg/Library/OpensslLib/buildinf.h +++ b/CryptoPkg/Library/OpensslLib/buildinf.h @@ -1,2 +1,2 @@ #define PLATFORM "UEFI" -#define DATE "Mon Mar 8 14:17:05 PDT 2010" +#define DATE "Tues Mar 21 01:23:45 PDT 2017" --=20 2.11.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel