sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
00b51e0d78a547dd78119ec44fcc74a01b6f79c8
system76-edk2/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
Gerd Hoffmann 81f5aa0700 CryptoPkg/openssl: add openssl3 configure scripts 
Rewrite the script to configure openssl 3.0 from scratch.  It's two
scripts now:

 * Tiny helper script, dumping the perl configdata as json.
 * Actual configure.py script, written in python, which copies over
   the generated files to openssl-gen and updates the OpensslLib*.inf
   file lists and build flags.

The configuration workflow has changed a bit:

 * All generated files are stored in the OpensslGen directory tree.
 * For ec/no-ec builds two different header files are used.  Default is
   the ec variant, and the new EDK2_OPENSSL_NOEC define is used to
   select the no-ec build.  A five line wrapper include is used to pick
   the one or the other.
 * For non-accel builds -DOPENSSL_NO_ASM on the command line is used
   (same as before).
 * For configration defines the OPENSSL_FLAGS_$(variant) variable is
   used, where variant is the architecture for the accelerated builds
   and 'NOASM' for the non-accelerated builds.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Brian J. Johnson <brian.johnson@hpe.com>
Tested-by: Kenneth Lautner <klautner@microsoft.com>
2023-08-09 07:10:31 +00:00

40 lines
2.3 KiB
Plaintext
Raw Blame History

=============================================================================
Introduction
=============================================================================
OpenSSL is a well-known open source implementation of SSL/TLS protocols.
The core library implements the cryptographic and SSL/TLS functions and
also provides various utility functions. The OpenSSL library is widely used
in variety of security products development as base crypto provider.
(See http://www.openssl.org/ for more information about OpenSSL).
UEFI (Unified Extensible Firmware Interface) is a specification detailing
the interfaces between OS and platform firmware. Several security features
were introduced (e.g. Authenticated Variable Service, Driver Signing, etc)
from UEFI 2.2 (http://www.uefi.org/). These security features highly depend
on the cryptography.
This HOWTO documents OpenSSL building under UEFI/EDKII environment.
=============================================================================
OpenSSL-Version
=============================================================================
EDKII supports building with the latest release of OpenSSL.
NOTE: Only latest release version was fully validated.
And no guarantees on build & functionality if using other versions.
=============================================================================
HOW to Install OpenSSL for UEFI Building
=============================================================================
OpenSSL repository was added as one submodule of EDKII project. Please
refer to edk2/Readme.md for how to clone the code.
=============================================================================
About configure.py
=============================================================================
"configure.py" is one python script which runs the OpenSSL Configure,
then processes the resulting file list into our local OpensslLib.inf and
OpensslLibCrypto.inf.
This only needs to be done once by the maintainer / developer when
updating to a new version of OpenSSL (or changing options, etc.).
Normal users do not need do this, since the results are already stored in
the EDKII git repository for them.
Reference in New Issue View Git Blame Copy Permalink