From 89ec34a5964ba93f3f7a54a1eca773775c5824e0 Mon Sep 17 00:00:00 2001
From: Shrikant Temburwar <shrikant.temburwar@intel.com>
Date: Mon, 13 Nov 2023 14:46:49 +0530
Subject: [PATCH] Update OpenSSL version to v3.0.12 and curl version to v8.4.0

Signed-off-by: Shrikant Temburwar <shrikant.temburwar@intel.com>
---
 docs/cse.md                   | 36 +++++++++++++++++------------------
 docs/linux.md                 | 32 +++++++++++++++----------------
 docs/tpm.md                   | 36 +++++++++++++++++------------------
 utils/install_openssl_curl.sh |  4 ++--
 4 files changed, 54 insertions(+), 54 deletions(-)

diff --git a/docs/cse.md b/docs/cse.md
index d60929bc..dcc4fc09 100644
--- a/docs/cse.md
+++ b/docs/cse.md
@@ -6,9 +6,9 @@
 
 
 # Intel<sup>&reg;</sup> CSE Implementation
-The development and execution OS used was `Ubuntu* OS version 20.04 or 22.04 / RHEL* OS version 8.4 or 8.6 / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
+The development and execution OS used was `Ubuntu* OS version [20.04|22.04] / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The Intel<sup>&reg;</sup> CSE (Intel<sup>&reg;</sup>  Converged Security Engine) enabled FDO Client SDK execution depends on OpenSSL* toolkit 3.0.8 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The Intel<sup>&reg;</sup> CSE (Intel<sup>&reg;</sup>  Converged Security Engine) enabled FDO Client SDK execution depends on OpenSSL* toolkit 3.0.12 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 # Prerequisites for Intel<sup>&reg;</sup> CSE support
 The system hardware should have the support for Intel<sup>&reg;</sup> CSE FDO client with UUID: 125405e0-fca9-4110-8f88-b4dbcdcb876f
@@ -16,13 +16,13 @@ The system hardware should have the support for Intel<sup>&reg;</sup> CSE FDO cl
 The linux kernel should have the support to enable the Intel<sup>&reg;</sup> CSE clients and have FDO in that list. This support is available in intel-next kernel version 5.9 onwards and is upstreamed in kernel.org version 6.2-rc7 onwards.
 
 ## 1. Packages Requirements when Building Binaries:
-* For Ubuntu* OS version 20.04 or 22.04 / Debian 11.4:
+* For Ubuntu* OS version [20.04|22.04] / Debian 11.4:
 ```shell
 sudo apt-get install build-essential python-setuptools clang-format dos2unix ruby \
   libglib2.0-dev libpcap-dev autoconf libtool libproxy-dev doxygen cmake libssl-dev mercurial nghttp2 libnghttp2-dev
 ```
 
-* For RHEL* OS version 8.4 or 8.6:
+* For RHEL* OS version [8.4|8.6|8.8]:
 ```shell
 sudo subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
 sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
@@ -33,9 +33,9 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
 ```
 ## 2. Packages Requirements when Executing Binaries:
 
-OpenSSL* toolkit version 3.0.8
+OpenSSL* toolkit version 3.0.12
 GCC version > 7.5
-Curl version 8.1.2
+Curl version 8.4.0
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script 
@@ -46,7 +46,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.8
+	sudo ./install_openssl_curl.sh -i -v 3.0.12
 	```
 #### Steps to remove the older curl packages
 
@@ -59,15 +59,15 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	yum remove curl libcurl-devel
 	```
 
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.8
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.12
 
 1. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.8.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.12.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.8.tar.gz && cd openssl-3.0.8
+	tar -zxf openssl-3.0.12.tar.gz && cd openssl-3.0.12
 	```
 3. Issue the command:
 	```
@@ -106,20 +106,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.8  7 Feb 2023
+	OpenSSL* 3.0.12  24 Oct 2023
 	```
 
-#### Steps to install curl version 8.1.2 configured with openssl
+#### Steps to install curl version 8.4.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.1.2.tar.gz
+	wget https://curl.se/download/curl-8.4.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.1.2.tar.gz && cd curl-8.1.2
+	tar -zxf curl-8.4.0.tar.gz && cd curl-8.4.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -142,7 +142,7 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.1.2 (x86_64-pc-linux-gnu) libcurl/8.1.2 OpenSSL/3.0.8 zlib/1.2.11
+    curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.12 zlib/1.2.11
     ```
 Alternatively, execute  [Installation-Script](../utils/install_openssl_curl.sh) which can be used for both installation and uninstallation of OpenSSL and Curl.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl to /opt/ by default. To provide different path, modify these variables in the script 
@@ -153,15 +153,15 @@ Alternatively, execute  [Installation-Script](../utils/install_openssl_curl.sh)
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.8
+	sudo ./install_openssl_curl.sh -i -v 3.0.12
 	```
 
 * Command to uninstall OpenSSL
 	```
-	sudo ./install_openssl_curl.sh -u -v 3.0.8
+	sudo ./install_openssl_curl.sh -u -v 3.0.12
 	```
 
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.1.2 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.4.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"
diff --git a/docs/linux.md b/docs/linux.md
index e102225d..5c10d2df 100644
--- a/docs/linux.md
+++ b/docs/linux.md
@@ -2,18 +2,18 @@
 
 
 # Linux* OS
-The development and execution OS used was `Ubuntu* OS version 20.04 or 22.04 / RHEL* OS version 8.4 or 8.6 / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
+The development and execution OS used was `Ubuntu* OS version [20.04|22.04] / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.8 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.12 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 ## 1. Packages Requirements when Building Binaries:
-* For Ubuntu* OS version 20.04 or 22.04 / Debian 11.4:
+* For Ubuntu* OS version [20.04|22.04] / Debian 11.4:
 ```shell
 sudo apt-get install build-essential python-setuptools clang-format dos2unix ruby \
   libglib2.0-dev libpcap-dev autoconf libtool libproxy-dev doxygen cmake mercurial nghttp2 libnghttp2-dev
 ```
 
-* For RHEL* OS version 8.4 or 8.6:
+* For RHEL* OS version [8.4|8.6|8.8]:
 ```shell
 sudo subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
 sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
@@ -24,9 +24,9 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
 ```
 ## 2. Packages Requirements when Executing Binaries:
 
-OpenSSL* toolkit version 3.0.8
+OpenSSL* toolkit version 3.0.12
 GCC version > 7.5
-Curl version 8.1.2
+Curl version 8.4.0
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script 
@@ -37,7 +37,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.8
+	sudo ./install_openssl_curl.sh -i -v 3.0.12
 	```
 
 #### Steps to remove the older OpenSSL and curl packages
@@ -55,15 +55,15 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	sudo yum remove libcurl-devel openssl-devel
 	```
  
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.8
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.12
 
 1. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.8.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.12.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.8.tar.gz && cd openssl-3.0.8
+	tar -zxf openssl-3.0.12.tar.gz && cd openssl-3.0.12
 	```
 3. Issue the command:
 	```
@@ -103,20 +103,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.8  7 Feb 2023
+	OpenSSL* 3.0.12  24 Oct 2023
 	```
 
-#### Steps to install curl version 8.1.2 configured with openssl
+#### Steps to install curl version 8.4.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.1.2.tar.gz
+	wget https://curl.se/download/curl-8.4.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.1.2.tar.gz && cd curl-8.1.2
+	tar -zxf curl-8.4.0.tar.gz && cd curl-8.4.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -139,9 +139,9 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.1.2 (x86_64-pc-linux-gnu) libcurl/8.1.2 OpenSSL/3.0.8 zlib/1.2.11
+    curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.12 zlib/1.2.11
     ```
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.1.2 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses along with curl 8.4.0 in your setup, ensure to use CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519) as given in below examples.
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"
diff --git a/docs/tpm.md b/docs/tpm.md
index 4d9143ed..ea6a3618 100644
--- a/docs/tpm.md
+++ b/docs/tpm.md
@@ -8,19 +8,19 @@
 
 # Linux* TPM* Implementation
 
-`Ubuntu* OS version 20.04 or 22.04 / RHEL* OS version 8.4 or 8.6 / Debian 11.4` on x86 was used as a development and execution OS. Follow these steps to compile and execute FIDO Device Onboard (FDO).
+`Ubuntu* OS version 20.04 or 22.04 / RHEL* OS version [8.4|8.6|8.8] / Debian 11.4` on x86 was used as a development and execution OS. Follow these steps to compile and execute FIDO Device Onboard (FDO).
 
-The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.8 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
+The FDO Client SDK execution depends on OpenSSL* toolkit 3.0.12 version. Users must install or upgrade the toolkit before compilation if the toolkit is not available by default in the environment.
 
 ## 1. Packages Requirements when Building Binaries with TPM* 2.0:
 
-* For Ubuntu* OS version 20.04 or 22.04 / Debian 11.4:
+* For Ubuntu* OS version [20.04|22.04] / Debian 11.4:
 ```shell
 sudo apt-get install build-essential python-setuptools clang-format dos2unix ruby \
   libglib2.0-dev libpcap-dev autoconf libtool libproxy-dev doxygen cmake mercurial nghttp2 libnghttp2-dev
 ```
 
-* For RHEL* OS version 8.4 or 8.6:
+* For RHEL* OS version [8.4|8.6|8.8]:
 ```shell
 sudo subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
 sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
@@ -30,10 +30,10 @@ sudo yum -y install gcc gcc-c++ python3-setuptools git-clang-format dos2unix rub
   glib2-devel libpcap-devel autoconf libtool libproxy-devel mozjs52-devel doxygen cmake make mercurial nghttp2 libnghttp2-devel
 ```
 
-OpenSSL* toolkit version 3.0.8.
-Curl version 8.1.2
+OpenSSL* toolkit version 3.0.12.
+Curl version 8.4.0
 
-#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.8
+#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.12
 
 Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
 > ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script 
@@ -44,7 +44,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 
 * Command to install OpenSSL and Curl
 	```
-	sudo ./install_openssl_curl.sh -i -v 3.0.8
+	sudo ./install_openssl_curl.sh -i -v 3.0.12
 	```
 
 1. If libssl-dev, curl and libcurl are installed, uninstall it:
@@ -61,11 +61,11 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
 	```
 2. Pull the tarball:
 	```
-	wget https://www.openssl.org/source/openssl-3.0.8.tar.gz
+	wget https://www.openssl.org/source/openssl-3.0.12.tar.gz
 	```
 3. Unpack the tarball with:
 	```
-	tar -zxf openssl-3.0.8.tar.gz && cd openssl-3.0.8
+	tar -zxf openssl-3.0.12.tar.gz && cd openssl-3.0.12
 	```
 4. Issue the command:
 	```
@@ -104,20 +104,20 @@ Issue the following command from the terminal:
 	```
 	  Your output should be as follows:
 	```
-	OpenSSL* 3.0.8  7 Feb 2023
+	OpenSSL* 3.0.12  24 Oct 2023
 	```
 
-#### Steps to install curl version 8.1.2 configured with openssl
+#### Steps to install curl version 8.4.0 configured with openssl
 
 After installing openssl, proceed with the installation of curl.
 
 1. Pull the tarball:
 	```
-	wget https://curl.se/download/curl-8.1.2.tar.gz
+	wget https://curl.se/download/curl-8.4.0.tar.gz
 	```
 2. Unpack the tarball with:
 	```
-	tar -zxf curl-8.1.2.tar.gz && cd curl-8.1.2
+	tar -zxf curl-8.4.0.tar.gz && cd curl-8.4.0
 	```
 3. Issue the command to configure the curl with openssl and nghttp2:
 	```
@@ -140,10 +140,10 @@ Issue the following command from the terminal:
 	```
 	 Your output should point to the openssl version which you installed.
     ```
-    curl 8.1.2 (x86_64-pc-linux-gnu) libcurl/8.1.2 OpenSSL/3.0.8 zlib/1.2.11
+    curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.12 zlib/1.2.11
     ```
 
-Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses, it may not work with curl 8.1.2. Workaround for this is to ensure the no_proxy IP is specified in CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519)
+Note 1: If you are using no_proxy environment variable to exclude proxying for any FDO server IP addresses, it may not work with curl 8.4.0. Workaround for this is to ensure the no_proxy IP is specified in CIDR notation (https://datatracker.ietf.org/doc/html/rfc1519)
 
 Single IP address example: no_proxy="10.60.132.45/32"
 Two IP addresses example: no_proxy="10.60.132.45/32,10.60.132.46/32"
@@ -434,12 +434,12 @@ Use the tpm2_evictcontrol command to delete the content or clear TPM* from the B
   ```
 
 - OpenSSL* Toolkit Library Linking Related Error While Building FDO Client SDK.<br />
-  There is a dependency on the OpenSSL* toolkit version 3.0.8 for building and running the FDO Client SDK.
+  There is a dependency on the OpenSSL* toolkit version 3.0.12 for building and running the FDO Client SDK.
   Check the version of the OpenSSL* toolkit installed in your machine with the command
 
   ```shell
   openssl version
   ```
-  If the OpenSSL* toolkit version in your machine is earlier than version 3.0.8, follow the steps given in section 1 to update the OpenSSL* version to 3.0.8.
+  If the OpenSSL* toolkit version in your machine is earlier than version 3.0.12, follow the steps given in section 1 to update the OpenSSL* version to 3.0.12.
 
 
diff --git a/utils/install_openssl_curl.sh b/utils/install_openssl_curl.sh
index eb4752ef..9ad258b6 100644
--- a/utils/install_openssl_curl.sh
+++ b/utils/install_openssl_curl.sh
@@ -1,7 +1,7 @@
 OPENSSL_ROOT=/opt/openssl
 CURL_ROOT=/opt/curl
-CURL_VER="8.1.2"
-CURL_LINK="https://curl.se/download/curl-8.1.2.tar.gz --no-check-certificate"
+CURL_VER="8.4.0"
+CURL_LINK="https://curl.se/download/curl-8.4.0.tar.gz --no-check-certificate"
 
 PARENT_DIR=`pwd`
 cd $PARENT_DIR