Skip to content

Instantly share code, notes, and snippets.

@avoidik

avoidik/README.md

Last active April 24, 2023 13:08
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save avoidik/eaeec2d8afa10dbfd0b55572311e77a1 to your computer and use it in GitHub Desktop.
Save avoidik/eaeec2d8afa10dbfd0b55572311e77a1 to your computer and use it in GitHub Desktop.
Download ZIP
Build openssl and M2Crypto on Windows
Raw
README.md

How to build openssl and M2Crypto on Windows

Prerequisites

Steps

  1. Download openssl source code package and extract it to c:\tools\openssl directory

    curl -fsSL https://www.openssl.org/source/openssl-1.1.1f.tar.gz -o openssl-1.1.1f.tar.gz
mkdir openssl
tar zxf openssl-1.1.1f.tar.gz --strip-components=1 -C openssl
rm -f openssl-1.1.1f.tar.gz

    To make the build process parallel it is required to create two distinct folders, e.g.

    mkdir openssl_x86
mkdir openssl_x64
tar zxf openssl-1.1.1f.tar.gz --strip-components=1 -C openssl_x86
tar zxf openssl-1.1.1f.tar.gz --strip-components=1 -C openssl_x64
rm -f openssl-1.1.1f.tar.gz

    Otherwise run only one build process at a time in the folder (e.g. compile for the x86 architecture first, then for the x64 architecture), with nmake clean step in between.

    Alternative way is to clone from the official github repository

    git clone https://github.com/openssl/openssl.git openssl
cd openssl
git checkout refs/tags/OpenSSL_1_1_1f -b OpenSSL_1_1_1f-custom

  2. Open console and navigate to c:\tools\openssl directory, and create required directories

    rem Windows x86
mkdir x86
rem Windows x86_64
mkdir x64

  3. Prepare openssl build configuration for the architecture of your choice (both --prefix and --openssldir required)

    rem Windows x86
perl Configure VC-WIN32 --prefix=c:\tools\openssl\x86 --openssldir=c:\tools\openssl\x86\ssl zlib --with-zlib-include=C:\build\zlib-1.2.11\include --with-zlib-lib=C:\build\zlib-1.2.11\build\x86\ZlibDllRelease\zlibwapi.lib -DZLIB_WINAPI -DOPENSSL_CAPIENG_DIALOG
rem Windows x86_64
perl Configure VC-WIN64A --prefix=c:\tools\openssl\x64 --openssldir=c:\tools\openssl\x64\ssl zlib --with-zlib-include=C:\build\zlib-1.2.11\include --with-zlib-lib=C:\build\zlib-1.2.11\build\x64\ZlibDllRelease\zlibwapi.lib -DZLIB_WINAPI -DOPENSSL_CAPIENG_DIALOG
    • If you don't want to use nasm compiler for intrinsic functions, then add no-asm flag at the end of the perl command above (this will slower asm-optimized functions, better to install nasm)
    • If you don't want to compile dynamic libraries, but static libraries, then add no-shared flag at the end of the perl command above
    • If you want to enable zlib support, then add zlib --with-zlib-include=..\zlib\include --with-zlib-lib=..\zlib\release\zlibwapi.lib flags (zlib must be build beforehand for the appropriate architecture), depending on the calling convention add -DZLIB_WINAPI flag (add if it's stdcall, otherwise it's cdecl and flag is not needed)
    • If you have static zlib library, then add no-zlib-dynamic flag
    • If you want to build openssl with debug symbols enabled, then add --debug flag (by default it is --release)
    • If you want to enable CAPI dialog, then add -DOPENSSL_CAPIENG_DIALOG flag (in addition to enable-capieng flag and maybe -DOPENSSL_SSL_CLIENT_ENGINE_AUTO=capi)
    • To disable configuration files lookup add no-autoload-config option
    • To disable TLSv1.3 add no-tls1_3 option

  4. Build openssl binaries, libraries and documentation

    nmake install

    This builds selected architecture, to build another architecture run nmake clean and repeat perl Configure step from above

  5. Build M2Crypto package

    pip3 install --global-option=build_ext ^
          --global-option="-IC:\tools\openssl\build\include" ^
          --global-option="-LC:\tools\openssl\build\lib" ^
          m2crypto

  6. If previous failed you may try to build from the source

    To build M2Crypto for a particular architecture a Python distribution must be justified to this architecture of your choice. You may use Conda to achieve it.

    git clone https://github.com/mcepl/M2Crypto.git
cd M2Crypto
git checkout refs/tags/0.35.2

    The same rule applies to M2Crypto build process. You can create two different directories for each architecture, otherwise make sure you have clean environment between the builds

    git clone https://github.com/mcepl/M2Crypto.git M2Crypto_x86
cp -r M2Crypto_x86 M2Crypto_x64
cd M2Crypto_x86
git checkout refs/tags/0.35.2
cd ../M2Crypto_x64
git checkout refs/tags/0.35.2

    Now build it

    rem Windows x86
python setup.py build --openssl="c:\tools\openssl\x86" --bundledlls
rem Windows x86_64
python setup.py build --openssl="c:\tools\openssl\x64" --bundledlls

    Make sure you have clean environment between building distinct architectures with python setup.py clean --all

  7. Build distribution

    If you have zlib option selected as openssl configuration item, then it is required to copy zlibwapi.dll and optionally zlibwapi.pdb files into build\lib.[arch-ver]\M2Crypto directory (respecting decided architecture beetween M2Crypto and zlib, an openssl files will be copied automatically because of --bundledlls flag), otherwise you'll end up with the library not found error while using the library in Python

    pip3 install wheel
python setup.py bdist_wheel bdist_wininst
cd dist
dir

  8. Install wheel package with pip

    rem Windows x86
pip3 install -U M2Crypto-0.35.2-cp36-cp36m-win32.whl
rem Windows x86_64
pip3 install -U M2Crypto-0.35.2-cp36-cp36m-win_amd64.whl
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment