OpenSSL 3.0.x build

How to build

参考 OpenSSL文件中
  - INSTALL.md
  - NOTES-WINDOWS.md
  - NOTES-UNIX.md
  - NOTES-ANDROID.md



1. 下载
  - OpenSSL
    https://github.com/openssl/openssl/tags

  - strawberry
    strawberry-perl-5.32.1.1-64bit.msi
    https://strawberryperl.com/

  - nasm 2.15.05
    https://nasm.us/

2. set env 设置环境变量
  - perl  (MSI auto set env)
  - nasm  (should set env by self)
  - openSSL  


3. build

  a.打开x86/ x64命令行工具( 编译的库需要对应的x86/x64 cmd)
  b.运行configure 编译动态库(默认share DLL)
    perl Configure VC-WIN64A  （Release版本）
    perl Configure debug-VC-WIN64A （Debug版本）
    perl Configure VC-WIN32   （Release版本）
    perl Configure debug-VC-WIN32   （Debug版本）


    如果只想编译出静态库（则加入命令参数no-shared），libcrypto.lib，libssl.lib
    perl Configure VC-WIN32 no-shared no-asm no-shared --prefix="编译后的安装路径"
    perl Configure VC-WIN32 shared no-shared --prefix="编译后的安装路径" 


 
  // 指定openSSL目录，指定生成位置 lib（*.lib）,bin(dll),include(header),html(?)
  perl Configure VC-WIN64A --prefix=G:\Temp\ssl\openssl-openssl-3.0.2\Output
  
  
  
 nmake
 
 nmake test
 
 nmake install

 以下结果正确
 
 *** Installing runtime programs
Copying: apps//openssl.exe to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/openssl.exe
Copying: apps//openssl.pdb to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/openssl.pdb
Copying: tools//c_rehash.pl to G:/Temp/ssl/openssl-openssl-3.0.2/Output/bin/c_rehash.pl
Cannot create directory C:/Program Files/Common Files/SSL: Permission denied 
NMAKE : fatal error U1077: 'C:\Strawberry\perl\bin\perl.exe' : return code '0x2'
Stop.

因为访问权限，所以install 无法安装到 C:/Program Files/Common Files/SSL 中

reference

web
https://wiki.openssl.org/index.php/OpenSSL_3.0
https://www.openssl.org/docs/
https://www.openssl.org/docs/man3.0/man7/crypto.html
https://www.openssl.org/docs/man3.0/man1/openssl.html



book
https://www.feistyduck.com/library/openssl-cookbook/

doc/readme.txt


OpenSSL Documentation
=====================

README.md  This file

[fingerprints.txt](fingerprints.txt)
        PGP fingerprints of authorised release signers

standards.txt
standards.txt
        Moved to the web, <https://www.openssl.org/docs/standards.html>

[HOWTO/](HOWTO/)
        A few how-to documents; not necessarily up-to-date

[man1/](man1/)
        The openssl command-line tools; start with openssl.pod

[man3/](man3/)
        The SSL library and the crypto library

[man5/](man5/)
        File formats

[man7/](man7/)
        Overviews; start with crypto.pod and ssl.pod, for example
        Algorithm specific EVP_PKEY documentation.

Formatted versions of the manpages (apps,ssl,crypto) can be found at
        <https://www.openssl.org/docs/manpages.html>

版本区别1.x与 3.x

================

openssl 1.x.x  生成 libeay32.dll,  ssleay.dll
openssl 3.x.x  生成 libssl.dll，libcrypto.dll


So while previously in 1.0.x there were libeay32 and ssleay32, 
they are in 1.1.x named libssl and libcrypto

(在1.0.x之前的版本中,文件为libeay32.dll和ssleay32.dll,在1.1.x之后的版本中，名字是libssl.dll和libcrypto.dll)




改变说明   http://www.npcglib.org/~stathis/blog/precompiled-openssl/




The complete explanation is that 1.0.x and 1.1.x do not have the same naming conventions for the generated libraries. OpenSSL 1.1.x has moved into what they call the “unified build system” and changed themselves the names of the libraries. This was done on purpose, mainly because these libraries are not binary compatible and should not be intermixed into projects or dlls deployed to replace 1.0.x with 1.1.x, and vice versa. So while previously in 1.0.x there were libeay32 and ssleay32, they are in 1.1.x named libssl and libcrypto(在1.0.x之前的版本中,文件为libeay32.dll和ssleay32.dll,在1.1.x之后的版本中，名字是libssl.dll和libcrypto.dll). That’s what happened upstream in OpenSSL. Read here also: https://marc.info/?l=openssl-dev&m=147223063610803&w=2 and there are tons of other discussions online you can tap to.

Beyond that, I also manipulate the suffixes in my builds. Namely, I append the MD[d] and MT[d] suffixes, so that it can be clearer when someone uses a library. This may not be very important when using DLLs, but with static builds chaos ensues if you mix them. So I made my own patches to produce these suffixes to the libraries.

I think that’s a complete answer now. I have also a suggestion for you:

You can download my build scripts if you still like to change the names of the library files in a different way and look at the patch, and modify it accordingly.
You can also skip the application of the patch and then you will get exactly the filenaming conventions of OpenSSL upstream in different builds.

I hope this helps.

使用

VS工程导入DLL（或静态库）确认好编译的版本,x86,x64
1. [c/c++]->[Additional Library Directories] add include header
2. [link] ->  [input] 设置lib目录，
3. [link] ->  [Additional Library Directories]  添加  libcrypto.lib libssl.lib


静态库

代码使用

参考
 - ./demos 目录  cipher/aesgcm.c   signature\EVP_Signature_demo.c 等等
 - ./test 目录   aesgcmtest.c 等等
 - ./apps/openssl.exe 相关源码(因为涉及cmd，调用各种加密算法)

Tips：

网上很多示例代码，调用后，都会说deprecated since openSSL 3.0 ， 

因为很多接口API已经更换，但某些doc 可能未完成，
参考上文中的 wiki  https://wiki.openssl.org/index.php/OpenSSL_3.0