Update OpenSSL version to v3.0.14 and curl version to v8.8.0 (fido-de…

…vice-onboard#288)

* Update install_tpm_libs.sh script

* Update OpenSSL version to v3.0.14 and curl version to v8.8.0
Fix install_tpm_libs.sh script

Signed-off-by: Shrikant Temburwar <[email protected]>

docs/cse.md

@@ -2,7 +2,7 @@
 # Intel<sup>&reg;</sup> CSE Implementation
 The development and execution OS used was `Ubuntu* OS version [20.04|22.04] / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The Intel<sup>&reg;</sup> CSE (Intel<sup>&reg;</sup>  Converged Security Engine) enabled FDO Client SDK execution depends on OpenSSL* toolkit 3.0.13 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The Intel<sup>&reg;</sup> CSE (Intel<sup>&reg;</sup>  Converged Security Engine) enabled FDO Client SDK execution depends on OpenSSL* toolkit 3.0.14 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 # Prerequisites for Intel<sup>&reg;</sup> CSE support
 The system hardware should have the support for Intel<sup>&reg;</sup> CSE FDO client with UUID: 125405e0-fca9-4110-8f88-b4dbcdcb876f
@@ -28,9 +28,9 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
 
 ## 2. Packages Requirements when Executing Binaries:
 
-OpenSSL* toolkit version 3.0.13
+OpenSSL* toolkit version 3.0.14
 GCC version > 7.5
-Curl version 8.6.0
+Curl version 8.8.0
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
@@ -41,7 +41,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.13
+	sudo ./install_openssl_curl.sh -i -v 3.0.14
 	```
 #### Steps to remove the older curl packages
 
@@ -54,15 +54,15 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	yum remove curl libcurl-devel
 	```
 
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.13
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.14
 
 1. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.13.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.14.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.13.tar.gz && cd openssl-3.0.13
+	tar -zxf openssl-3.0.14.tar.gz && cd openssl-3.0.14
 	```
 3. Issue the command:
 	```
@@ -101,20 +101,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.13  30 Jan 2024
+	OpenSSL* 3.0.14  04 Jun 2024
 	```
 
-#### Steps to install curl version 8.6.0 configured with openssl
+#### Steps to install curl version 8.8.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.6.0.tar.gz
+	wget https://curl.se/download/curl-8.8.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.6.0.tar.gz && cd curl-8.6.0
+	tar -zxf curl-8.8.0.tar.gz && cd curl-8.8.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -137,7 +137,7 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.13 zlib/1.2.11
+    curl 8.8.0 (x86_64-pc-linux-gnu) libcurl/8.8.0 OpenSSL/3.0.14 zlib/1.2.11
     ```
 Alternatively, execute  [Installation-Script](../utils/install_openssl_curl.sh) which can be used for both installation and uninstallation of OpenSSL and Curl.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl to /opt/ by default. To provide different path, modify these variables in the script
@@ -148,15 +148,15 @@ Alternatively, execute  [Installation-Script](../utils/install_openssl_curl.sh)
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.13
+	sudo ./install_openssl_curl.sh -i -v 3.0.14
 	```
 
 * Command to uninstall OpenSSL
 	```
-	sudo ./install_openssl_curl.sh -u -v 3.0.13
+	sudo ./install_openssl_curl.sh -u -v 3.0.14
 	```
 
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.6.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.8.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"

docs/linux.md

@@ -2,7 +2,7 @@
 # Linux* OS
 The development and execution OS used was `Ubuntu* OS version [20.04|22.04] / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.13 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.14 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 ## 1. Packages Requirements when Building Binaries:
 * For Ubuntu* OS version [20.04|22.04] / Debian 11.4:
@@ -22,9 +22,9 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
 ```
 ## 2. Packages Requirements when Executing Binaries:
 
-OpenSSL* toolkit version 3.0.13
+OpenSSL* toolkit version 3.0.14
 GCC version > 7.5
-Curl version 8.6.0
+Curl version 8.8.0
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
@@ -35,7 +35,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.13
+	sudo ./install_openssl_curl.sh -i -v 3.0.14
 	```
 
 #### Steps to remove the older OpenSSL and curl packages
@@ -53,15 +53,15 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	sudo yum remove libcurl-devel openssl-devel
 	```
 
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.13
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.14
 
 1. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.13.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.14.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.13.tar.gz && cd openssl-3.0.13
+	tar -zxf openssl-3.0.14.tar.gz && cd openssl-3.0.14
 	```
 3. Issue the command:
 	```
@@ -101,20 +101,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.13  30 Jan 2024
+	OpenSSL* 3.0.14  04 Jun 2024
 	```
 
-#### Steps to install curl version 8.6.0 configured with openssl
+#### Steps to install curl version 8.8.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.6.0.tar.gz
+	wget https://curl.se/download/curl-8.8.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.6.0.tar.gz && cd curl-8.6.0
+	tar -zxf curl-8.8.0.tar.gz && cd curl-8.8.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -137,9 +137,9 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.13 zlib/1.2.11
+    curl 8.8.0 (x86_64-pc-linux-gnu) libcurl/8.8.0 OpenSSL/3.0.14 zlib/1.2.11
     ```
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.6.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.8.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"

docs/tpm.md

@@ -3,7 +3,7 @@
 
 `Ubuntu* OS version 20.04 or 22.04 / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86 was used as a development and execution OS. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.13 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.14 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 ## 1. Packages Requirements when Building Binaries with TPM* 2.0:
 
@@ -23,10 +23,10 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
   glib2-devel libpcap-devel autoconf libtool libproxy-devel mozjs52-devel doxygen cmake make mercurial nghttp2 libnghttp2-devel
 ```
 
-OpenSSL* toolkit version 3.0.13.
-Curl version 8.6.0
+OpenSSL* toolkit version 3.0.14.
+Curl version 8.8.0
 
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.13
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.14
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
@@ -37,7 +37,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.13
+	sudo ./install_openssl_curl.sh -i -v 3.0.14
 	```
 
 1. If libssl-dev, curl and libcurl are installed, uninstall it:
@@ -54,11 +54,11 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	```
 2. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.13.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.14.tar.gz
 	```
 3. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.13.tar.gz && cd openssl-3.0.13
+	tar -zxf openssl-3.0.14.tar.gz && cd openssl-3.0.14
 	```
 4. Issue the command:
 	```
@@ -97,20 +97,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.13  30 Jan 2024
+	OpenSSL* 3.0.14  04 Jun 2024
 	```
 
-#### Steps to install curl version 8.6.0 configured with openssl
+#### Steps to install curl version 8.8.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.6.0.tar.gz
+	wget https://curl.se/download/curl-8.8.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.6.0.tar.gz && cd curl-8.6.0
+	tar -zxf curl-8.8.0.tar.gz && cd curl-8.8.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -133,10 +133,10 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.13 zlib/1.2.11
+    curl 8.8.0 (x86_64-pc-linux-gnu) libcurl/8.8.0 OpenSSL/3.0.14 zlib/1.2.11
     ```
 
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses, it may not work with curl 8.6.0. Workaround for this is to ensure the no_proxy IP is specified in CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519)
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses, it may not work with curl 8.8.0. Workaround for this is to ensure the no_proxy IP is specified in CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519)
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"
@@ -445,12 +445,12 @@ sudo  ./utils/clear_tpm_nv.sh
 ```
 
 - OpenSSL* Toolkit Library Linking Related Error While Building FDO Client SDK.<br />
-  There is a dependency on the OpenSSL* toolkit version 3.0.13 for building and running the FDO Client SDK.
+  There is a dependency on the OpenSSL* toolkit version 3.0.14 for building and running the FDO Client SDK.
   Check the version of the OpenSSL* toolkit installed in your machine with the command
 
 ```shell
   openssl version
 ```
-  If the OpenSSL* toolkit version in your machine is earlier than version 3.0.13, follow the steps given in section 1 to update the OpenSSL* version to 3.0.13.
+  If the OpenSSL* toolkit version in your machine is earlier than version 3.0.14, follow the steps given in section 1 to update the OpenSSL* version to 3.0.14.
 
 

utils/install_openssl_curl.sh

@@ -1,7 +1,7 @@
 OPENSSL_ROOT=/opt/openssl
 CURL_ROOT=/opt/curl
-CURL_VER="8.6.0"
-CURL_LINK="https://curl.se/download/curl-8.6.0.tar.gz --no-check-certificate"
+CURL_VER="8.8.0"
+CURL_LINK="https://curl.se/download/curl-8.8.0.tar.gz --no-check-certificate"
 
 PARENT_DIR=`pwd`
 cd $PARENT_DIR
@@ -66,7 +66,7 @@ usage()
         ./$0 <OPTION>\n
         OPTION:
             -i - Install OpenSSL.
-            -u - Uninstall OpenSSL. (e.g. -v 3.0.13)
+            -u - Uninstall OpenSSL. (e.g. -v 3.0.14)
             -v - OpenSSL Version
             -h - Help."
 }

utils/install_tpm_libs.sh

@@ -77,7 +77,7 @@ install_tpm2abrmd()
     wget $TPM2_ABRMD_LINK
     tar -xvzf tpm2-abrmd-$TPM2_ABRMD_VER.tar.gz
     cd tpm2-abrmd-$TPM2_ABRMD_VER
-    
+
     PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/:$OPENSSL3_LIB/pkgconfig/:$CURL_LIB/pkgconfig/ \
     ./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-systemdsystemunitdir=/lib/systemd/system/ --with-systemdpresetdir=/lib/systemd/system-preset/ \
     CFLAGS="-I$OPENSSL3_INCLUDE -I$CURL_INCLUDE" LDFLAGS="-L$OPENSSL3_LIB -L$CURL_LIB"
@@ -89,9 +89,11 @@ install_tpm2abrmd()
     service tpm2-abrmd stop
     pkill -HUP dbus-daemon
     systemctl daemon-reload
-    service tpm2-abrmd status
+    STATUS=$(service tpm2-abrmd status)
+    echo $STATUS
     service tpm2-abrmd start
-    service tpm2-abrmd status
+    STATUS=$(service tpm2-abrmd status)
+    echo $STATUS
     systemctl enable tpm2-abrmd.service
 }
 

utils/install_tpm_libs_rhel.sh

@@ -51,7 +51,7 @@ install_tpm2tss()
     ./configure --disable-doxygen-doc --with-udevrulesdir=/etc/udev/rules.d/ PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
     make -j$(nproc)
     make install
-    
+
     udevadm control --reload-rules
     udevadm trigger
     ldconfig
@@ -63,7 +63,8 @@ install_tpm2abrmd()
     yum -y install tpm2-abrmd
     service tpm2-abrmd stop
     service tpm2-abrmd start
-    service tpm2-abrmd status
+    STATUS=$(service tpm2-abrmd status)
+    echo $STATUS
     systemctl enable tpm2-abrmd.service
 }