1 # Building SoftHSM2 for Windows
3 This document describes process of building both 32-bit and 64-bit versions of SoftHSM2 on 64-bit Windows 8.1 machine.
4 Either OpenSSL or Botan can be used as the crypto backend.
8 - [Visual Studio](https://www.visualstudio.com/products/visual-studio-community-vs) (2015 Community)
9 - [GNU Privacy Guard for Windows](http://www.gpg4win.org/) (2.2.5)
10 - [7-zip](http://www.7-zip.org/) (9.20)
11 - [Strawberry Perl](http://strawberryperl.com/) (5.22.0.1)
12 - [The Netwide Assembler](http://www.nasm.us/) (2.11.08)
13 - [Python](https://www.python.org/downloads/windows/) (3.4.2)
15 ## Prepare working directories
20 ## Build OpenSSL 1.0.2d static library
22 Download [OpenSSL 1.0.2d](http://openssl.org/source/openssl-1.0.2d.tar.gz) with [its signature](http://openssl.org/source/openssl-1.0.2d.tar.gz.asc) into `C:\build\src\` directory and verify signature of the downloaded archive:
25 gpg --keyserver pgp.mit.edu --recv-keys 0E604491
26 gpg --verify openssl-1.0.2d.tar.gz.asc openssl-1.0.2d.tar.gz
30 Extract archive `openssl-1.0.2d.tar.gz` into `C:\build\src\openssl-1.0.2d-x86` directory:
33 "C:\Program Files\7-Zip\7z" x openssl-1.0.2d.tar.gz
34 "C:\Program Files\7-Zip\7z" x openssl-1.0.2d.tar
35 rename openssl-1.0.2d openssl-1.0.2d-x86
36 del openssl-1.0.2d.tar*
38 In a **new command line window** build OpenSSL and install it into `C:\build\bin\openssl-1.0.2d-x86` directory:
40 cd C:\build\src\openssl-1.0.2d-x86
41 set PATH=%PATH%;C:\nasm
42 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat"
43 perl Configure VC-WIN32 --prefix=C:\build\bin\openssl-1.0.2d-x86 enable-static-engine
46 nmake /f ms\nt.mak test
47 nmake /f ms\nt.mak install
51 Extract archive `openssl-1.0.2d.tar.gz` into `C:\build\src\openssl-1.0.2d-x64` directory:
54 "C:\Program Files\7-Zip\7z" x openssl-1.0.2d.tar.gz
55 "C:\Program Files\7-Zip\7z" x openssl-1.0.2d.tar
56 rename openssl-1.0.2d openssl-1.0.2d-x64
57 del openssl-1.0.2d.tar*
59 In a **new command line window** build OpenSSL and install it into `C:\build\bin\openssl-1.0.2d-x64` directory:
61 cd C:\build\src\openssl-1.0.2d-x64
62 set PATH=%PATH%;C:\nasm
63 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" amd64
64 perl Configure VC-WIN64A --prefix=C:\build\bin\openssl-1.0.2d-x64 enable-static-engine
67 nmake /f ms\nt.mak test
68 nmake /f ms\nt.mak install
70 ## Build OpenSSL 1.1.0a static library
72 Download [OpenSSL 1.1.0a](https://www.openssl.org/source/openssl-1.1.0a.tar.gz) with [its signature](https://www.openssl.org/source/openssl-1.1.0a.tar.gz.asc) into `C:\build\src\` directory and verify signature of the downloaded archive:
75 gpg --keyserver pgp.mit.edu --recv-keys 0E604491
76 gpg --verify openssl-1.1.0a.tar.gz.asc openssl-1.1.0a.tar.gz
80 Extract archive `openssl-1.1.0a.tar.gz` into `C:\build\src\openssl-1.1.0a-x86` directory:
83 "C:\Program Files\7-Zip\7z" x openssl-1.1.0a.tar.gz
84 "C:\Program Files\7-Zip\7z" x openssl-1.1.0a.tar
85 rename openssl-1.1.0a openssl-1.1.0a-x86
86 del openssl-1.1.0a.tar*
88 In a **new command line window** build OpenSSL and install it into `C:\build\bin\openssl-1.1.0a-x86` directory:
90 cd C:\build\src\openssl-1.1.0a-x86
91 set PATH=%PATH%;C:\nasm
92 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat"
93 perl Configure VC-WIN32 --prefix=C:\build\bin\openssl-1.1.0a-x86 --openssldir=C:\build\bin\openssl-1.1.0a-x86\ssl no-shared
100 Extract archive `openssl-1.1.0a.tar.gz` into `C:\build\src\openssl-1.1.0a-x64` directory:
103 "C:\Program Files\7-Zip\7z" x openssl-1.1.0a.tar.gz
104 "C:\Program Files\7-Zip\7z" x openssl-1.1.0a.tar
105 rename openssl-1.1.0a openssl-1.1.0a-x64
106 del openssl-1.1.0a.tar*
108 In a **new command line window** build OpenSSL and install it into `C:\build\bin\openssl-1.1.0a-x64` directory:
110 cd C:\build\src\openssl-1.1.0a-x64
111 set PATH=%PATH%;C:\nasm
112 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" amd64
113 perl Configure VC-WIN64A --prefix=C:\build\bin\openssl-1.1.0a-x64 --openssldir=C:\build\bin\openssl-1.1.0a-x64\ssl no-shared
118 ## Build Botan 1.10.10
120 Download [Botan 1.10.10](http://botan.randombit.net/releases/Botan-1.10.10.tgz) with [its signature](http://botan.randombit.net/releases/Botan-1.10.10.tgz.asc) into `C:\build\src\` directory and verify signature of the downloaded archive:
123 gpg --keyserver pgp.mit.edu --recv-keys EFBADFBC
124 gpg --verify Botan-1.10.10.tgz.asc Botan-1.10.10.tgz
128 Extract archive `Botan-1.10.10.tgz` into `C:\build\src\botan-1.10.10-x86` directory:
131 rename Botan-1.10.10.tgz Botan-1.10.10.tar.gz
132 "C:\Program Files\7-Zip\7z" x Botan-1.10.10.tar.gz
133 "C:\Program Files\7-Zip\7z" x Botan-1.10.10.tgz
134 rename Botan-1.10.10 botan-1.10.10-x86
137 In a **new command line window as admin** build Botan and install it into `C:\build\bin\botan-1.10.10-x86` directory. Need to run the configure script as admin so it can link objects:
139 cd C:\build\src\botan-1.10.10-x86
140 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat"
141 python configure.py --cc=msvc --cpu=x86 --prefix=C:\build\bin\botan-1.10.10-x86
149 Extract archive `Botan-1.10.10.tgz` into `C:\build\src\botan-1.10.10-x64` directory:
152 rename Botan-1.10.10.tgz Botan-1.10.10.tar.gz
153 "C:\Program Files\7-Zip\7z" x Botan-1.10.10.tar.gz
154 "C:\Program Files\7-Zip\7z" x Botan-1.10.10.tgz
155 rename Botan-1.10.10 botan-1.10.10-x64
158 In a **new command line window as admin** build Botan and install it into `C:\build\bin\botan-1.10.10-x64` directory. Need to run the configure script as admin so it can link objects:
160 cd C:\build\src\botan-1.10.10-x64
161 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" amd64
162 python configure.py --cc=msvc --cpu=x64 --prefix=C:\build\bin\botan-1.10.10-x64
168 ## Build CppUnit 1.13.2 unicode library
170 Download [CppUnit 1.13.2](http://dev-www.libreoffice.org/src/cppunit-1.13.2.tar.gz) into `C:\build\src\` directory.
174 Extract archive `cppunit-1.13.2.tar.gz` into `C:\build\src\cppunit-1.13.2-x86` directory:
177 "C:\Program Files\7-Zip\7z" x cppunit-1.13.2.tar.gz
178 "C:\Program Files\7-Zip\7z" x cppunit-1.13.2.tar
179 rename cppunit-1.13.2 cppunit-1.13.2-x86
180 del cppunit-1.13.2.tar*
182 Open solution `C:\build\src\cppunit-1.13.2-x86\src\CppUnitLibraries2010.sln` in Visual Studio and rebuild the source with `Release Unicode\Win32` solution configuration.
184 (If you want to compile SoftHSM with static CRT, then you must also compile CppUnit with static CRT. Change "Runtime Library" to "Multi-threaded (/MT)" in the project "cppunit". This will create some build errors for project "TestRunner", but that can be ignored since it is not used by SoftHSM.)
186 Copy the results into `C:\build\bin\cppunit-1.13.2-x86` directory:
188 mkdir C:\build\bin\cppunit-1.13.2-x86\lib
189 xcopy C:\build\src\cppunit-1.13.2-x86\lib C:\build\bin\cppunit-1.13.2-x86\lib /E
190 mkdir C:\build\bin\cppunit-1.13.2-x86\include
191 xcopy C:\build\src\cppunit-1.13.2-x86\include C:\build\bin\cppunit-1.13.2-x86\include /E
195 Extract archive `cppunit-1.13.2.tar.gz` into `C:\build\src\cppunit-1.13.2-x64` directory:
198 "C:\Program Files\7-Zip\7z" x cppunit-1.13.2.tar.gz
199 "C:\Program Files\7-Zip\7z" x cppunit-1.13.2.tar
200 rename cppunit-1.13.2 cppunit-1.13.2-x64
201 del cppunit-1.13.2.tar*
203 Open solution `C:\build\src\cppunit-1.13.2-x64\src\CppUnitLibraries2010.sln` in Visual Studio and rebuild the source with `Release Unicode\x64` solution configuration.
205 (If you want to compile SoftHSM with static CRT, then you must also compile CppUnit with static CRT. Change "Runtime Library" to "Multi-threaded (/MT)" in the project "cppunit". This will create some build errors for project "TestRunner", but that can be ignored since it is not used by SoftHSM.)
207 Copy the results into `C:\build\bin\cppunit-1.13.2-x64` directory:
209 mkdir C:\build\bin\cppunit-1.13.2-x64\lib
210 xcopy C:\build\src\cppunit-1.13.2-x64\lib C:\build\bin\cppunit-1.13.2-x64\lib /E
211 mkdir C:\build\bin\cppunit-1.13.2-x64\include
212 xcopy C:\build\src\cppunit-1.13.2-x64\include C:\build\bin\cppunit-1.13.2-x64\include /E
216 Download the latest version of [SoftHSMv2](https://dist.opendnssec.org/source/) with its signature into `C:\build\src\` directory and verify signature of the downloaded archive:
219 gpg --keyserver pgp.mit.edu --recv-keys 4EE17CD2
220 gpg --verify softhsm-2.x.y.tar.gz.sig softhsm-2.x.y.tar.gz
221 "C:\Program Files\7-Zip\7z" x softhsm-2.x.y.tar.gz
222 "C:\Program Files\7-Zip\7z" x softhsm-2.x.y.tar
223 rename softhsm-2.x.y SoftHSMv2
224 del softhsm-2.x.y.tar*
226 Or clone the source code from GitHub:
229 git clone https://github.com/opendnssec/SoftHSMv2.git
233 Configure build process in a **new command line window**:
235 cd C:\build\src\SoftHSMv2\win32\
236 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat"
238 OpenSSL (OpenSSL GOST engine does not support OpenSSL 1.1.0) or Botan crypto backend:
240 python Configure.py disable-debug disable-gost with-crypto-backend=openssl with-openssl=C:\build\bin\openssl-1.1.0a-x86\ with-cppunit=C:\build\bin\cppunit-1.13.2-x86\
241 python Configure.py disable-debug with-crypto-backend=botan with-botan=C:\build\bin\botan-1.10.10-x86\ with-cppunit=C:\build\bin\cppunit-1.13.2-x86\
243 (Add option enable-static-runtime if you want to compile with static CRT (/MT))
245 Open solution `C:\build\src\SoftHSMv2\win32\softhsm2.sln` in Visual Studio and rebuild the source with `Release\Win32` solution configuration.
247 Verify the build by running the test programs:
249 C:\build\src\SoftHSMv2\win32\Release\cryptotest.exe
250 C:\build\src\SoftHSMv2\win32\Release\datamgrtest.exe
251 C:\build\src\SoftHSMv2\win32\Release\handlemgrtest.exe
252 C:\build\src\SoftHSMv2\win32\Release\objstoretest.exe
253 C:\build\src\SoftHSMv2\win32\Release\p11test.exe
254 C:\build\src\SoftHSMv2\win32\Release\sessionmgrtest.exe
255 C:\build\src\SoftHSMv2\win32\Release\slotmgrtest.exe
257 Copy the results into `C:\build\bin\SoftHSMv2-x86` directory:
259 mkdir C:\build\bin\SoftHSMv2-x86
260 mkdir C:\build\bin\SoftHSMv2-x86\tokens
261 copy C:\build\src\SoftHSMv2\win32\Release\softhsm2.dll C:\build\bin\SoftHSMv2-x86\
262 copy C:\build\src\SoftHSMv2\win32\Release\softhsm2-dump-file.exe C:\build\bin\SoftHSMv2-x86\
263 copy C:\build\src\SoftHSMv2\win32\Release\softhsm2-keyconv.exe C:\build\bin\SoftHSMv2-x86\
264 copy C:\build\src\SoftHSMv2\win32\Release\softhsm2-util.exe C:\build\bin\SoftHSMv2-x86\
265 copy C:\build\src\SoftHSMv2\src\lib\common\softhsm2.conf.in C:\build\bin\SoftHSMv2-x86\softhsm2.conf
267 Replace `@softhsmtokendir@` with `C:\build\bin\SoftHSMv2-x86\tokens` in the file `C:\build\bin\SoftHSMv2-x86\softhsm2.conf`
269 Set the environment variable SOFTHSM2_CONF to `C:\build\bin\SoftHSMv2-x86\softhsm2.conf`
273 Configure build process in a **new command line window**:
275 cd C:\build\src\SoftHSMv2\win32\
276 "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" amd64
278 OpenSSL (OpenSSL GOST engine does not support OpenSSL 1.1.0) or Botan crypto backend:
280 python Configure.py enable-64bit disable-debug disable-gost with-crypto-backend=openssl with-openssl=C:\build\bin\openssl-1.1.0a-x64\ with-cppunit=C:\build\bin\cppunit-1.13.2-x64\
281 python Configure.py enable-64bit disable-debug with-crypto-backend=botan with-botan=C:\build\bin\botan-1.10.10-x64\ with-cppunit=C:\build\bin\cppunit-1.13.2-x64\
283 (Add option enable-static-runtime if you want to compile with static CRT (/MT))
285 Open solution `C:\build\src\SoftHSMv2\win32\softhsm2.sln` in Visual Studio and rebuild the source with `Release\x64` solution configuration.
287 Verify the build by running the test programs:
289 C:\build\src\SoftHSMv2\win32\x64\Release\cryptotest.exe
290 C:\build\src\SoftHSMv2\win32\x64\Release\datamgrtest.exe
291 C:\build\src\SoftHSMv2\win32\x64\Release\handlemgrtest.exe
292 C:\build\src\SoftHSMv2\win32\x64\Release\objstoretest.exe
293 C:\build\src\SoftHSMv2\win32\x64\Release\p11test.exe
294 C:\build\src\SoftHSMv2\win32\x64\Release\sessionmgrtest.exe
295 C:\build\src\SoftHSMv2\win32\x64\Release\slotmgrtest.exe
297 Copy the results into `C:\build\bin\SoftHSMv2-x64` directory:
299 mkdir C:\build\bin\SoftHSMv2-x64
300 mkdir C:\build\bin\SoftHSMv2-x64\tokens
301 copy C:\build\src\SoftHSMv2\win32\x64\Release\softhsm2.dll C:\build\bin\SoftHSMv2-x64\
302 copy C:\build\src\SoftHSMv2\win32\x64\Release\softhsm2-dump-file.exe C:\build\bin\SoftHSMv2-x64\
303 copy C:\build\src\SoftHSMv2\win32\x64\Release\softhsm2-keyconv.exe C:\build\bin\SoftHSMv2-x64\
304 copy C:\build\src\SoftHSMv2\win32\x64\Release\softhsm2-util.exe C:\build\bin\SoftHSMv2-x64\
305 copy C:\build\src\SoftHSMv2\src\lib\common\softhsm2.conf.in C:\build\bin\SoftHSMv2-x64\softhsm2.conf
307 Replace `@softhsmtokendir@` with `C:\build\bin\SoftHSMv2-x64\tokens` in the file `C:\build\bin\SoftHSMv2-x64\softhsm2.conf`
309 Set the environment variable SOFTHSM2_CONF to `C:\build\bin\SoftHSMv2-x64\softhsm2.conf`
311 ## Continue reading in the README