1
2================================================================================
3                                 Introduction
4================================================================================
5  OpenSSL is a well-known open source implementation of SSL and TLS protocols.
6The core library implements the basic cryptographic functions and provides various
7utility functions. The OpenSSL library is widely used in variety of security
8products development as base crypto provider. (See http://www.openssl.org for more
9information for OpenSSL).
10  UEFI (Unified Extensible Firmware Interface) is a specification detailing the
11interfaces between OS and platform firmware. Several security features were
12introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI
132.2 (http://www.uefi.org). These security features highly depends on the
14cryptography. This patch will enable openssl building under UEFI environment.
15
16
17================================================================================
18                                OpenSSL-Version
19================================================================================
20  Current supported OpenSSL version for UEFI Crypto Library is 1.0.2e.
21    http://www.openssl.org/source/openssl-1.0.2e.tar.gz
22
23
24================================================================================
25                      HOW to Install Openssl for UEFI Building
26================================================================================
271.  Download OpenSSL 1.0.2e from official website:
28    http://www.openssl.org/source/openssl-1.0.2e.tar.gz
29
30    NOTE: Some web browsers may rename the downloaded TAR file to openssl-1.0.2e.tar.tar.
31          When you do the download, rename the "openssl-1.0.2e.tar.tar" to
32          "openssl-1.0.2e.tar.gz" or rename the local downloaded file with ".tar.tar"
33          extension to ".tar.gz".
34
352.  Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-1.0.2e
36
37    NOTE: If you use WinZip to unpack the openssl source in Windows, please
38          uncheck the WinZip smart CR/LF conversion option (WINZIP: Options -->
39          Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").
40
413.  Apply this patch: EDKII_openssl-1.0.2e.patch, and make installation
42
43    For Windows Environment:
44    ------------------------
45    1) Make sure the patch utility has been installed in your machine.
46       Install Cygwin or get the patch utility binary from
47          http://gnuwin32.sourceforge.net/packages/patch.htm
48    2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2e
49    3) patch -p0 -i ..\EDKII_openssl-1.0.2e.patch
50    4) cd ..
51    5) Install.cmd
52
53    For Linux* Environment:
54    -----------------------
55    1) Make sure the patch utility has been installed in your machine.
56       Patch utility is available from http://directory.fsf.org/project/patch/
57    2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2e
58    3) patch -p0 -i ../EDKII_openssl-1.0.2e.patch
59    4) cd ..
60    5) ./Install.sh
61
62