1 2================================================================================ 3 Introduction 4================================================================================ 5 OpenSSL is a well-known open source implementation of SSL and TLS protocols. 6The core library implements the basic cryptographic functions and provides various 7utility functions. The OpenSSL library is widely used in variety of security 8products development as base crypto provider. (See http://www.openssl.org for more 9information for OpenSSL). 10 UEFI (Unified Extensible Firmware Interface) is a specification detailing the 11interfaces between OS and platform firmware. Several security features were 12introduced (e.g. Authenticated Variable Service, Driver Signing, etc) from UEFI 132.2 (http://www.uefi.org). These security features highly depends on the 14cryptography. This patch will enable openssl building under UEFI environment. 15 16 17================================================================================ 18 OpenSSL-Version 19================================================================================ 20 Current supported OpenSSL version for UEFI Crypto Library is 1.0.2j. 21 http://www.openssl.org/source/openssl-1.0.2j.tar.gz 22 23 24================================================================================ 25 HOW to Install Openssl for UEFI Building 26================================================================================ 271. Download OpenSSL 1.0.2j from official website: 28 http://www.openssl.org/source/openssl-1.0.2j.tar.gz 29 30 NOTE: Some web browsers may rename the downloaded TAR file to openssl-1.0.2j.tar.tar. 31 When you do the download, rename the "openssl-1.0.2j.tar.tar" to 32 "openssl-1.0.2j.tar.gz" or rename the local downloaded file with ".tar.tar" 33 extension to ".tar.gz". 34 352. Extract TAR into CryptoPkg/Library/OpensslLib/openssl-1.0.2j 36 37 NOTE: If you use WinZip to unpack the openssl source in Windows, please 38 uncheck the WinZip smart CR/LF conversion option (WINZIP: Options --> 39 Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion"). 40 413. Apply this patch: EDKII_openssl-1.0.2j.patch, and make installation 42 43 For Windows Environment: 44 ------------------------ 45 1) Make sure the patch utility has been installed in your machine. 46 Install Cygwin or get the patch utility binary from 47 http://gnuwin32.sourceforge.net/packages/patch.htm 48 2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2j 49 3) patch -p1 -i ..\EDKII_openssl-1.0.2j.patch 50 4) cd .. 51 5) Install.cmd 52 53 For Linux* Environment: 54 ----------------------- 55 1) Make sure the patch utility has been installed in your machine. 56 Patch utility is available from http://directory.fsf.org/project/patch/ 57 2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2j 58 3) patch -p1 -i ../EDKII_openssl-1.0.2j.patch 59 4) cd .. 60 5) ./Install.sh 61 62