1 2 ================================================================================ 3 Introduction 4 ================================================================================ 5 OpenSSL is a well-known open source implementation of SSL and TLS protocols. 6 The core library implements the basic cryptographic functions and provides various 7 utility functions. The OpenSSL library is widely used in variety of security 8 products development as base crypto provider. (See http://www.openssl.org for more 9 information for OpenSSL). 10 UEFI (Unified Extensible Firmware Interface) is a specification detailing the 11 interfaces between OS and platform firmware. Several security features were 12 introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI 13 2.2 (http://www.uefi.org). These security features highly depends on the 14 cryptography. This patch will enable openssl building under UEFI environment. 15 16 17 ================================================================================ 18 OpenSSL-Version 19 ================================================================================ 20 Current supported OpenSSL version for UEFI Crypto Library is 1.0.2j. 21 http://www.openssl.org/source/openssl-1.0.2j.tar.gz 22 23 24 ================================================================================ 25 HOW to Install Openssl for UEFI Building 26 ================================================================================ 27 1. Download OpenSSL 1.0.2j from official website: 28 http://www.openssl.org/source/openssl-1.0.2j.tar.gz 29 30 NOTE: Some web browsers may rename the downloaded TAR file to openssl-1.0.2j.tar.tar. 31 When you do the download, rename the "openssl-1.0.2j.tar.tar" to 32 "openssl-1.0.2j.tar.gz" or rename the local downloaded file with ".tar.tar" 33 extension to ".tar.gz". 34 35 2. Extract TAR into CryptoPkg/Library/OpensslLib/openssl-1.0.2j 36 37 NOTE: If you use WinZip to unpack the openssl source in Windows, please 38 uncheck the WinZip smart CR/LF conversion option (WINZIP: Options --> 39 Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion"). 40 41 3. Apply this patch: EDKII_openssl-1.0.2j.patch, and make installation 42 43 For Windows Environment: 44 ------------------------ 45 1) Make sure the patch utility has been installed in your machine. 46 Install Cygwin or get the patch utility binary from 47 http://gnuwin32.sourceforge.net/packages/patch.htm 48 2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2j 49 3) patch -p1 -i ..\EDKII_openssl-1.0.2j.patch 50 4) cd .. 51 5) Install.cmd 52 53 For Linux* Environment: 54 ----------------------- 55 1) Make sure the patch utility has been installed in your machine. 56 Patch utility is available from http://directory.fsf.org/project/patch/ 57 2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2j 58 3) patch -p1 -i ../EDKII_openssl-1.0.2j.patch 59 4) cd .. 60 5) ./Install.sh 61 62