1 Notes for Windows platforms
2 ===========================
4 - [Native builds using Visual C++](#native-builds-using-visual-c++)
5 - [Native builds using Embarcadero C++Builder](
6 #native-builds-using-embarcadero-c++-builder)
7 - [Native builds using MinGW](#native-builds-using-mingw)
8 - [Linking native applications](#linking-native-applications)
9 - [Hosted builds using Cygwin](#hosted-builds-using-cygwin)
11 There are various options to build and run OpenSSL on the Windows platforms.
13 "Native" OpenSSL uses the Windows APIs directly at run time.
14 To build a native OpenSSL you can either use:
16 Microsoft Visual C++ (MSVC) C compiler on the command line
18 Embarcadero C++Builder
21 run on the GNU-like development environment MSYS2
22 or run on Linux or Cygwin
24 "Hosted" OpenSSL relies on an external POSIX compatibility layer
25 for building (using GNU/Unix shell, compiler, and tools) and at run time.
26 For this option, you can use Cygwin.
28 Native builds using Visual C++
29 ==============================
31 The native builds using Visual C++ have a `VC-*` prefix.
36 In addition to the requirements and instructions listed in `INSTALL.md`,
37 these are required as well:
41 We recommend Strawberry Perl, available from <http://strawberryperl.com/>
42 Please read NOTES.PERL for more information, including the use of CPAN.
43 An alternative is ActiveState Perl, <https://www.activestate.com/ActivePerl>
44 for which you may need to explicitly build the Perl module Win32/Console.pm
45 via <https://platform.activestate.com/ActiveState> and then download it.
47 ### Microsoft Visual C compiler.
49 Since these are proprietary and ever-changing we cannot test them all.
50 Older versions may not work. Use a recent version wherever possible.
52 ### Netwide Assembler (NASM)
54 NASM is the only supported assembler. It is available from <https://www.nasm.us>.
63 3. Make sure both Perl and NASM are on your %PATH%
65 4. Use Visual Studio Developer Command Prompt with administrative privileges,
66 choosing one of its variants depending on the intended architecture.
67 Or run `cmd` and execute `vcvarsall.bat` with one of the options `x86`,
68 `x86_amd64`, `x86_arm`, `x86_arm64`, `amd64`, `amd64_x86`, `amd64_arm`,
70 This sets up the environment variables needed for `nmake.exe`, `cl.exe`,
73 <https://docs.microsoft.com/cpp/build/building-on-the-command-line>
75 5. From the root of the OpenSSL source directory enter
76 - `perl Configure VC-WIN32` if you want 32-bit OpenSSL or
77 - `perl Configure VC-WIN64A` if you want 64-bit OpenSSL or
78 - `perl Configure VC-WIN64-ARM` if you want Windows on Arm (win-arm64)
80 - `perl Configure VC-WIN32-HYBRIDCRT`
81 - `perl Configure VC-WIN64A-HYBRIDCRT`
82 - `perl Configure` to let Configure figure out the platform
90 For the full installation instructions, or if anything goes wrong at any stage,
91 check the INSTALL.md file.
93 Installation directories
94 ------------------------
96 The default installation directories are derived from environment
99 For VC-WIN32, the following defaults are use:
101 PREFIX: %ProgramFiles(x86)%\OpenSSL
102 OPENSSLDIR: %CommonProgramFiles(x86)%\SSL
104 For VC-WIN64, the following defaults are use:
106 PREFIX: %ProgramW6432%\OpenSSL
107 OPENSSLDIR: %CommonProgramW6432%\SSL
109 Should those environment variables not exist (on a pure Win32
110 installation for examples), these fallbacks are used:
112 PREFIX: %ProgramFiles%\OpenSSL
113 OPENSSLDIR: %CommonProgramFiles%\SSL
115 ALSO NOTE that those directories are usually write protected, even if
116 your account is in the Administrators group. To work around that,
117 start the command prompt by right-clicking on it and choosing "Run as
118 Administrator" before running `nmake install`. The other solution
119 is, of course, to choose a different set of directories by using
120 `--prefix` and `--openssldir` when configuring.
122 Special notes for Universal Windows Platform builds, aka `VC-*-UWP`
123 -------------------------------------------------------------------
125 - UWP targets only support building the static and dynamic libraries.
127 - You should define the platform type to `uwp` and the target arch via
128 `vcvarsall.bat` before you compile. For example, if you want to build
129 `arm64` builds, you should run `vcvarsall.bat x86_arm64 uwp`.
131 Native builds using Embarcadero C++Builder
132 =========================================
134 This toolchain (a descendant of Turbo/Borland C++) is an alternative to MSVC.
135 OpenSSL currently includes an experimental 32-bit configuration targeting the
136 Clang-based compiler (`bcc32c.exe`) in v10.3.3 Community Edition.
137 <https://www.embarcadero.com/products/cbuilder/starter>
141 2. Open the RAD Studio Command Prompt.
143 3. Go to the root of the OpenSSL source directory and run:
144 `perl Configure BC-32 --prefix=%CD%`
150 6. Build your program against this OpenSSL:
151 * Set your include search path to the "include" subdirectory of OpenSSL.
152 * Set your library search path to the OpenSSL source directory.
154 Note that this is very experimental. Support for 64-bit and other Configure
155 options is still pending.
157 Native builds using MinGW
158 =========================
160 MinGW offers an alternative way to build native OpenSSL, by cross compilation.
162 * Usually the build is done on Windows in a GNU-like environment called MSYS2.
164 MSYS2 provides GNU tools, a Unix-like command prompt,
165 and a UNIX compatibility layer for applications.
166 However, in this context it is only used for building OpenSSL.
167 The resulting OpenSSL does not rely on MSYS2 to run and is fully native.
171 - MSYS2 shell, from <https://www.msys2.org/>
173 - Perl, at least version 5.10.0, which usually comes pre-installed with MSYS2
175 - make, installed using `pacman -S make` into the MSYS2 environment
177 - MinGW[64] compiler: `mingw-w64-i686-gcc` and/or `mingw-w64-x86_64-gcc`.
178 These compilers must be on your MSYS2 $PATH.
179 A common error is to not have these on your $PATH.
180 The MSYS2 version of gcc will not work correctly here.
182 In the MSYS2 shell do the configuration depending on the target architecture:
184 ./Configure mingw ...
188 ./Configure mingw64 ...
194 for the default architecture.
196 Apart from that, follow the Unix / Linux instructions in `INSTALL.md`.
198 * It is also possible to build mingw[64] on Linux or Cygwin.
200 In this case configure with the corresponding `--cross-compile-prefix=`
203 ./Configure mingw --cross-compile-prefix=i686-w64-mingw32- ...
207 ./Configure mingw64 --cross-compile-prefix=x86_64-w64-mingw32- ...
209 This requires that you've installed the necessary add-on packages for
210 mingw[64] cross compilation.
212 Linking native applications
213 ===========================
215 This section applies to all native builds.
217 If you link with static OpenSSL libraries, then you're expected to
218 additionally link your application with `WS2_32.LIB`, `GDI32.LIB`,
219 `ADVAPI32.LIB`, `CRYPT32.LIB` and `USER32.LIB`. Those developing
220 non-interactive service applications might feel concerned about
221 linking with `GDI32.LIB` and `USER32.LIB`, as they are justly associated
222 with interactive desktop, which is not available to service
223 processes. The toolkit is designed to detect in which context it's
224 currently executed, GUI, console app or service, and act accordingly,
225 namely whether to actually make GUI calls. Additionally, those
226 who wish to `/DELAYLOAD:GDI32.DLL` and `/DELAYLOAD:USER32.DLL` and
227 actually keep them off service process should consider implementing
228 and exporting from .exe image in question own `_OPENSSL_isservice` not
229 relying on `USER32.DLL`. E.g., on Windows Vista and later you could:
231 __declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
235 if (ProcessIdToSessionId(GetCurrentProcessId(), &sess))
240 If you link with OpenSSL .DLLs, then you're expected to include into
241 your application code a small "shim" snippet, which provides
242 the glue between the OpenSSL BIO layer and your compiler run-time.
243 See also the OPENSSL_Applink manual page.
245 Hosted builds using Cygwin
246 ==========================
248 Cygwin implements a POSIX/Unix runtime system (`cygwin1.dll`) on top of the
249 Windows subsystem and provides a Bash shell and GNU tools environment.
250 Consequently, a build of OpenSSL with Cygwin is virtually identical to the
253 To build OpenSSL using Cygwin, you need to:
255 * Install Cygwin, see <https://cygwin.com/>
257 * Install Cygwin Perl, at least version 5.10.0
258 and ensure it is in the $PATH
260 * Run the Cygwin Bash shell
262 Apart from that, follow the Unix / Linux instructions in INSTALL.md.
264 NOTE: `make test` and normal file operations may fail in directories
265 mounted as text (i.e. `mount -t c:\somewhere /home`) due to Cygwin
266 stripping of carriage returns. To avoid this, ensure that a binary
267 mount is used, e.g. `mount -b c:\somewhere /home`.