OpenSSL 3.0.x build

How to build

參考 OpenSSL文件中
  - INSTALL.md
  - NOTES-WINDOWS.md
  - NOTES-UNIX.md
  - NOTES-ANDROID.md



1. 下載
  - OpenSSL
    https://github.com/openssl/openssl/tags

  - strawberry
    strawberry-perl-5.32.1.1-64bit.msi
    https://strawberryperl.com/

  - nasm 2.15.05
    https://nasm.us/

2. set env 設置環境變量
  - perl  (MSI auto set env)
  - nasm  (should set env by self)
  - openSSL  


3. build

  a.打開x86/ x64命令行工具( 編譯的庫需要對應的x86/x64 cmd)
  b.運行configure 編譯動態庫(默認share DLL)
    perl Configure VC-WIN64A  （Release版本）
    perl Configure debug-VC-WIN64A （Debug版本）
    perl Configure VC-WIN32   （Release版本）
    perl Configure debug-VC-WIN32   （Debug版本）


    如果只想編譯出靜態庫（則加入命令參數no-shared），libcrypto.lib，libssl.lib
    perl Configure VC-WIN32 no-shared no-asm no-shared --prefix="編譯后的安裝路徑"
    perl Configure VC-WIN32 shared no-shared --prefix="編譯后的安裝路徑" 


 
  // 指定openSSL目錄，指定生成位置 lib（*.lib）,bin(dll),include(header),html(?)
  perl Configure VC-WIN64A --prefix=G:\Temp\ssl\openssl-openssl-3.0.2\Output
  
  
  
 nmake
 
 nmake test
 
 nmake install

 以下結果正確
 
 *** Installing runtime programs
Copying: apps//openssl.exe to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/openssl.exe
Copying: apps//openssl.pdb to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/openssl.pdb
Copying: tools//c_rehash.pl to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/c_rehash.pl
Cannot create directory C:/Program Files/Common Files/SSL: Permission denied 
NMAKE : fatal error U1077: 'C:\Strawberry\perl\bin\perl.exe' : return code '0x2'
Stop.

因為訪問權限，所以install 無法安裝到 C:/Program Files/Common Files/SSL 中

reference

web
https://wiki.openssl.org/index.php/OpenSSL_3.0
https://www.openssl.org/docs/
https://www.openssl.org/docs/man3.0/man7/crypto.html
https://www.openssl.org/docs/man3.0/man1/openssl.html



book
https://www.feistyduck.com/library/openssl-cookbook/

doc/readme.txt


OpenSSL Documentation
=====================

README.md  This file

[fingerprints.txt](fingerprints.txt)
        PGP fingerprints of authorised release signers

standards.txt
standards.txt
        Moved to the web, <https://www.openssl.org/docs/standards.html>

[HOWTO/](HOWTO/)
        A few how-to documents; not necessarily up-to-date

[man1/](man1/)
        The openssl command-line tools; start with openssl.pod

[man3/](man3/)
        The SSL library and the crypto library

[man5/](man5/)
        File formats

[man7/](man7/)
        Overviews; start with crypto.pod and ssl.pod, for example
        Algorithm specific EVP_PKEY documentation.

Formatted versions of the manpages (apps,ssl,crypto) can be found at
        <https://www.openssl.org/docs/manpages.html>

版本區別1.x與 3.x

================

openssl 1.x.x  生成 libeay32.dll,  ssleay.dll
openssl 3.x.x  生成 libssl.dll，libcrypto.dll


So while previously in 1.0.x there were libeay32 and ssleay32, 
they are in 1.1.x named libssl and libcrypto

(在1.0.x之前的版本中,文件為libeay32.dll和ssleay32.dll,在1.1.x之后的版本中，名字是libssl.dll和libcrypto.dll)




改變說明   http://www.npcglib.org/~stathis/blog/precompiled-openssl/




The complete explanation is that 1.0.x and 1.1.x do not have the same naming conventions for the generated libraries. OpenSSL 1.1.x has moved into what they call the “unified build system” and changed themselves the names of the libraries. This was done on purpose, mainly because these libraries are not binary compatible and should not be intermixed into projects or dlls deployed to replace 1.0.x with 1.1.x, and vice versa. So while previously in 1.0.x there were libeay32 and ssleay32, they are in 1.1.x named libssl and libcrypto(在1.0.x之前的版本中,文件為libeay32.dll和ssleay32.dll,在1.1.x之后的版本中，名字是libssl.dll和libcrypto.dll). That’s what happened upstream in OpenSSL. Read here also: https://marc.info/?l=openssl-dev&m=147223063610803&w=2 and there are tons of other discussions online you can tap to.

Beyond that, I also manipulate the suffixes in my builds. Namely, I append the MD[d] and MT[d] suffixes, so that it can be clearer when someone uses a library. This may not be very important when using DLLs, but with static builds chaos ensues if you mix them. So I made my own patches to produce these suffixes to the libraries.

I think that’s a complete answer now. I have also a suggestion for you:

You can download my build scripts if you still like to change the names of the library files in a different way and look at the patch, and modify it accordingly.
You can also skip the application of the patch and then you will get exactly the filenaming conventions of OpenSSL upstream in different builds.

I hope this helps.

使用

VS工程導入DLL（或靜態庫）確認好編譯的版本,x86,x64
1. [c/c++]->[Additional Library Directories] add include header
2. [link] ->  [input] 設置lib目錄，
3. [link] ->  [Additional Library Directories]  添加  libcrypto.lib libssl.lib


靜態庫

代碼使用

參考
 - ./demos 目錄  cipher/aesgcm.c   signature\EVP_Signature_demo.c 等等
 - ./test 目錄   aesgcmtest.c 等等
 - ./apps/openssl.exe 相關源碼(因為涉及cmd，調用各種加密算法)

Tips：

網上很多示例代碼，調用后，都會說deprecated since openSSL 3.0 ， 

因為很多接口API已經更換，但某些doc 可能未完成，
參考上文中的 wiki  https://wiki.openssl.org/index.php/OpenSSL_3.0