1 Libgcrypt - The GNU Crypto Library 2 ------------------------------------ 3 Version 1.5 4 5 Copyright 2000, 2002, 2003, 2004, 2007, 2008, 2009, 6 2011 Free Software Foundation, Inc. 7 8 This file is free software; as a special exception the author gives 9 unlimited permission to copy and/or distribute it, with or without 10 modifications, as long as this notice is preserved. 11 12 This file is distributed in the hope that it will be useful, but 13 WITHOUT ANY WARRANTY, to the extent permitted by law; without even the 14 implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 15 16 17 18 Overview 19 -------- 20 21 Libgcrypt is a general purpose crypto library based on the code 22 used in GnuPG. Libgcrypt depends on the library `libgpg-error', 23 which must be installed correctly before Libgcrypt is to be built. 24 Libgcrypt is distributed under the LGPL, see the section "License" 25 below for details. 26 27 28 Build Instructions 29 ------------------ 30 31 The download canonical location for libgcrypt is: 32 33 ftp://ftp.gnupg.org/gcrypt/libgcrypt/ 34 35 To build libgcrypt you need libgpg-error: 36 37 ftp://ftp.gnupg.org/gcrypt/libgpg-error/ 38 39 You should get the latest versions of course. 40 41 After building and installing the libgpg-error package, you may 42 continue with Libgcrypt installation As with allmost all GNU 43 packages, you just have to do 44 45 ./configure 46 make 47 make check 48 make install 49 50 The "make check" is not required but a good idea to see whether 51 the library works as expected. The check takes some while and 52 prints some benchmarking results. Before doing "make install" you 53 probably need to become root. 54 55 To build libgcrypt for Microsoft Windows, you need to have the 56 mingw32 cross-building toolchain installed. Instead of running a 57 plain configure you use 58 59 ./autogen.sh --build-w32 60 make 61 make install 62 63 By default this command sequences expectsd a libgpg-error 64 installed below $HOME/w32root and installs libgcrypt to that 65 directory too. See the autogen.sh code for details. 66 67 The documentation is available as an Info file (gcrypt.info). To 68 build documentation in PDF, run this: 69 70 cd doc 71 make pdf 72 73 74 75 Mailing List 76 ------------ 77 78 You may want to join the developer's mailing list 79 gcrypt-devel@gnupg.org by sending mail with a subject of 80 "subscribe" to gcrypt-devel-request@gnupg.org. An archive of this 81 list is available at http://lists.gnupg.org . 82 83 84 Configure options 85 ----------------- 86 Here is a list of configure options which are sometimes useful 87 for installation. 88 89 --enable-m-guard 90 Enable the integrated malloc checking code. Please 91 note that this feature does not work on all CPUs 92 (e.g. SunOS 5.7 on UltraSparc-2) and might give 93 you a bus error. 94 95 --disable-asm 96 Do not use assembler modules. It is not possible 97 to use this on some CPU types. 98 99 --enable-ld-version-script 100 Libgcrypt tries to build a library where internal 101 symbols are not exported. This requires support 102 from ld and is currently enabled for a few OSes. 103 If you know that your ld supports the so called 104 ELF version scripts, you can use this option to 105 force its use. OTOH, if you get error message 106 from the linker, you probably want to use this 107 option to disable the use of version scripts. 108 Note, that you should never ever use an 109 undocumented symbol or one which is prefixed with 110 an underscore. 111 112 --enable-ciphers=list 113 --enable-pubkey-ciphers=list 114 --enable-digests=list 115 If not otherwise specified, all algorithms 116 included in the libgcrypt source tree are built. 117 An exception are algorithms, which depend on 118 features not provided by the system, like 64bit 119 data types. With these switches it is possible 120 to select exactly those algorithm modules, which 121 should be built. The algorithms are to be 122 separated by spaces, commas or colons. To view 123 the list used with the current build the program 124 tests/version may be used. 125 126 --disable-endian-check 127 Don't let configure test for the endianness but 128 try to use the OS provided macros at compile 129 time. This is helpful to create OS X fat binaries. 130 131 --enable-random-daemon 132 Include support for a global random daemon and 133 build the daemon. This is an experimental feature. 134 135 --enable-mpi-path=EXTRA_PATH 136 Prepend EXTRA_PATH to list of CPU specific 137 optimizations. For example, if you want to add 138 optimizations forn a Intel Pentium 4 compatible 139 CPU, you may use 140 --enable-mpi-path=pentium4/sse2:pentium4/mmx 141 Take care: The generated library may crash on 142 non-compatible CPUs. 143 144 --enable-random=NAME 145 Force the use of the random gathering module 146 NAME. Default is either to use /dev/random or 147 the auto mode. Possible values for NAME are: 148 egd - Use the module which accesses the 149 Entropy Gathering Daemon. See the webpages 150 for more information about it. 151 unix - Use the standard Unix module which does not 152 have a very good performance. 153 linux - Use the module which accesses /dev/random. 154 This is the first choice and the default one 155 for GNU/Linux or *BSD. 156 auto - Compile linux, egd and unix in and 157 automagically select at runtime. 158 159 --enable-hmac-binary-check 160 Include support to check the binary at runtime 161 against a HMAC checksum. This works only in FIPS 162 mode and on systems providing the dladdr function. 163 164 --disable-padlock-support 165 Disable support for the PadLock engine of VIA 166 processors. The default is to use PadLock if 167 available. Try this if you get problems with 168 assembler code. 169 170 --disable-aesni-support 171 Disable support for the AES-NI instructions of 172 newer Intel CPUs. The default is to use AES-NI 173 if available. Try this if you get problems with 174 assembler code. 175 176 --disable-O-flag-munging 177 Some code is too complex for some compilers while 178 in higher optimization modes, thus the compiler 179 invocation is modified to use a lower 180 optimization level. Usually this works very well 181 but on some platforms these rules break the 182 invocation. This option may be used to disable 183 the feature under the assumption that either good 184 CFLAGS are given or the compiler can grok the code. 185 186 187 188 189 Build Problems 190 -------------- 191 192 We can't check all assembler files, so if you have problems 193 assembling them (or the program crashes) use --disable-asm with 194 ./configure. If you opt to delete individual replacement files in 195 hopes of using the remaining ones, be aware that the configure 196 scripts may consider several subdirectories to get all available 197 assembler files; be sure to delete the correct ones. Never delete 198 udiv-qrnnd.S in any CPU directory, because there may be no C 199 substitute (in mpi/genereic). Don't forget to delete 200 "config.cache" and run "./config.status --recheck". We got a few 201 reports about problems using versions of gcc earlier than 2.96 202 along with a non-GNU assembler (as). If this applies to your 203 platform, you can either upgrade gcc to a more recent version, or 204 use the GNU assembler. 205 206 Some make tools are broken - the best solution is to use GNU's 207 make. Try gmake or grab the sources from a GNU archive and 208 install them. 209 210 Specific problems on some machines: 211 212 * IBM RS/6000 running AIX 213 214 Due to a change in gcc (since version 2.8) the MPI stuff may 215 not build. In this case try to run configure using: 216 CFLAGS="-g -O2 -mcpu=powerpc" ./configure 217 218 * SVR4.2 (ESIX V4.2 cc) 219 220 Due to problems with the ESIX as(1), you probably want to do: 221 CFLAGS="-O -K pentium" ./configure --disable-asm 222 223 * SunOS 4.1.4 224 225 ./configure ac_cv_sys_symbol_underscore=yes 226 227 * Sparc64 CPUs 228 229 We have reports about failures in the AES module when 230 compiling using gcc (e.g. version 4.1.2) and the option -O3; 231 using -O2 solves the problem. 232 233 234 License 235 ------- 236 237 The library is distributed under the terms of the GNU Lesser 238 General Public License (LGPL); see the file COPYING.LIB for the 239 actual terms. The helper programs (e.g. gcryptrnd and getrandom) 240 as well as the documentation are distributed under the terms of 241 the GNU General Public License (GPL); see the file COPYING for the 242 actual terms. 243 244 This library used to be available under the GPL - this was changed 245 with version 1.1.7 with the rationale that there are now many free 246 crypto libraries available and many of them come with capabilities 247 similar to Libcrypt. We decided that to foster the use of 248 cryptography in Free Software an LGPLed library would make more 249 sense because it avoids problems due to license incompatibilities 250 between some Free Software licenses and the GPL. 251 252 Please note that in many cases it is better for a library to be 253 licensed under the GPL, so that it provides an advantage for free 254 software projects. The Lesser GPL is so named because it does 255 less to protect the freedom of the users of the code that it 256 covers. See http://www.gnu.org/philosophy/why-not-lgpl.html for 257 more explanation. 258 259 260 Contact 261 ------- 262 263 See the file AUTHORS. 264 265 Commercial grade support for Libgcrypt is available; please see 266 http://www.gnupg.org/service.html . 267 268 269 This file is Free Software; as a special exception the authors gives 270 unlimited permission to copy and/or distribute it, with or without 271 modifications, as long as this notice is preserved. For conditions 272 of the whole package, please see the file COPYING. This file is 273 distributed in the hope that it will be useful, but WITHOUT ANY 274 WARRANTY, to the extent permitted by law; without even the implied 275 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 276