277 строки
11 KiB
Plaintext
277 строки
11 KiB
Plaintext
Libgcrypt - The GNU Crypto Library
|
|
------------------------------------
|
|
Version 1.9
|
|
|
|
Copyright (C) 1989,1991-2018 Free Software Foundation, Inc.
|
|
Copyright (C) 2012-2021 g10 Code GmbH
|
|
Copyright (C) 2013-2021 Jussi Kivilinna
|
|
|
|
Libgcrypt is free software. See the file AUTHORS for full copying
|
|
notices, and LICENSES for notices about contributions that require
|
|
these additional notices to be distributed.
|
|
|
|
|
|
Overview
|
|
--------
|
|
|
|
Libgcrypt is a general purpose crypto library based on the code
|
|
used in GnuPG. Libgcrypt depends on the library `libgpg-error',
|
|
which must be installed correctly before Libgcrypt is to be built.
|
|
Libgcrypt is distributed under the LGPL, see the section "License"
|
|
below for details.
|
|
|
|
|
|
Build Instructions
|
|
------------------
|
|
|
|
The download canonical location for libgcrypt is:
|
|
|
|
ftp://ftp.gnupg.org/gcrypt/libgcrypt/
|
|
or
|
|
https://gnupg.org/ftp/gcrypt/libgcrypt/
|
|
|
|
To build libgcrypt you need libgpg-error:
|
|
|
|
ftp://ftp.gnupg.org/gcrypt/libgpg-error/
|
|
or
|
|
https://gnupg.org/ftp/gcrypt/libgpg-error/
|
|
|
|
You should get the latest versions of course.
|
|
|
|
After building and installing the libgpg-error package, you may
|
|
continue with Libgcrypt installation as with allmost all GNU
|
|
packages, you just have to do
|
|
|
|
./configure
|
|
make
|
|
make check
|
|
make install
|
|
|
|
The "make check" is not required but a good idea to see whether
|
|
the library works as expected. The check takes some while and
|
|
prints some benchmarking results. Before doing "make install" you
|
|
probably need to become root.
|
|
|
|
To build libgcrypt for Microsoft Windows, you need to have the
|
|
mingw32 cross-building toolchain installed. Instead of running a
|
|
plain configure you use
|
|
|
|
./autogen.sh --build-w32
|
|
make
|
|
make install
|
|
|
|
By default this command sequences expectsd a libgpg-error
|
|
installed below $HOME/w32root and installs libgcrypt to that
|
|
directory too. See the autogen.sh code for details.
|
|
|
|
The documentation is available as an Info file (gcrypt.info). To
|
|
build documentation in PDF, run this:
|
|
|
|
cd doc
|
|
make pdf
|
|
|
|
|
|
|
|
Mailing List
|
|
------------
|
|
|
|
You may want to join the developer's mailing list
|
|
gcrypt-devel@gnupg.org by sending mail with a subject of
|
|
"subscribe" to gcrypt-devel-request@gnupg.org. An archive of this
|
|
list is available at https://lists.gnupg.org .
|
|
|
|
|
|
Configure options
|
|
-----------------
|
|
Here is a list of configure options which are sometimes useful
|
|
for installation.
|
|
|
|
--enable-large-data-tests
|
|
With this option a "make check" will take really
|
|
long due to extra checks for the hash algorithms.
|
|
|
|
--enable-m-guard
|
|
Enable the integrated malloc checking code. Please
|
|
note that this feature does not work on all CPUs
|
|
(e.g. SunOS 5.7 on UltraSparc-2) and might give
|
|
you a bus error.
|
|
|
|
--disable-asm
|
|
Do not use assembler modules. It is not possible
|
|
to use this on some CPU types.
|
|
|
|
--enable-ld-version-script
|
|
Libgcrypt tries to build a library where internal
|
|
symbols are not exported. This requires support
|
|
from ld and is currently enabled for a few OSes.
|
|
If you know that your ld supports the so called
|
|
ELF version scripts, you can use this option to
|
|
force its use. OTOH, if you get error message
|
|
from the linker, you probably want to use this
|
|
option to disable the use of version scripts.
|
|
Note, that you should never ever use an
|
|
undocumented symbol or one which is prefixed with
|
|
an underscore.
|
|
|
|
--enable-ciphers=list
|
|
--enable-pubkey-ciphers=list
|
|
--enable-digests=list
|
|
If not otherwise specified, all algorithms
|
|
included in the libgcrypt source tree are built.
|
|
An exception are algorithms, which depend on
|
|
features not provided by the system, like 64bit
|
|
data types. With these switches it is possible
|
|
to select exactly those algorithm modules, which
|
|
should be built. The algorithms are to be
|
|
separated by spaces, commas or colons. To view
|
|
the list used with the current build the program
|
|
tests/version may be used.
|
|
|
|
--disable-endian-check
|
|
Don't let configure test for the endianness but
|
|
try to use the OS provided macros at compile
|
|
time. This is helpful to create OS X fat binaries.
|
|
|
|
--enable-random-daemon
|
|
Include support for a global random daemon and
|
|
build the daemon. This is an experimental feature.
|
|
|
|
--enable-mpi-path=EXTRA_PATH
|
|
Prepend EXTRA_PATH to list of CPU specific
|
|
optimizations. For example, if you want to add
|
|
optimizations forn a Intel Pentium 4 compatible
|
|
CPU, you may use
|
|
--enable-mpi-path=pentium4/sse2:pentium4/mmx
|
|
Take care: The generated library may crash on
|
|
non-compatible CPUs.
|
|
|
|
--enable-random=NAME
|
|
Force the use of the random gathering module
|
|
NAME. Default is either to use /dev/random or
|
|
the auto mode. Possible values for NAME are:
|
|
egd - Use the module which accesses the
|
|
Entropy Gathering Daemon. See the webpages
|
|
for more information about it.
|
|
unix - Use the standard Unix module which does not
|
|
have a very good performance.
|
|
linux - Use the module which accesses /dev/random.
|
|
This is the first choice and the default one
|
|
for GNU/Linux or *BSD.
|
|
auto - Compile linux, egd and unix in and
|
|
automagically select at runtime.
|
|
|
|
--enable-hmac-binary-check
|
|
Include support to check the binary at runtime
|
|
against a HMAC checksum. This works only in FIPS
|
|
mode and on systems providing the dladdr function.
|
|
|
|
--disable-padlock-support
|
|
Disable support for the PadLock engine of VIA
|
|
processors. The default is to use PadLock if
|
|
available. Try this if you get problems with
|
|
assembler code.
|
|
|
|
--disable-aesni-support
|
|
Disable support for the AES-NI instructions of
|
|
newer Intel CPUs. The default is to use AES-NI
|
|
if available. Try this if you get problems with
|
|
assembler code.
|
|
|
|
--disable-O-flag-munging
|
|
Some code is too complex for some compilers while
|
|
in higher optimization modes, thus the compiler
|
|
invocation is modified to use a lower
|
|
optimization level. Usually this works very well
|
|
but on some platforms these rules break the
|
|
invocation. This option may be used to disable
|
|
the feature under the assumption that either good
|
|
CFLAGS are given or the compiler can grok the code.
|
|
|
|
|
|
|
|
|
|
Build Problems
|
|
--------------
|
|
|
|
If you have a problem with a a certain release, please first check
|
|
the Release-info URL given in the NEWS file.
|
|
|
|
We can't check all assembler files, so if you have problems
|
|
assembling them (or the program crashes) use --disable-asm with
|
|
./configure. If you opt to delete individual replacement files in
|
|
hopes of using the remaining ones, be aware that the configure
|
|
scripts may consider several subdirectories to get all available
|
|
assembler files; be sure to delete the correct ones. Never delete
|
|
udiv-qrnnd.S in any CPU directory, because there may be no C
|
|
substitute (in mpi/genereic). Don't forget to delete
|
|
"config.cache" and run "./config.status --recheck". We got a few
|
|
reports about problems using versions of gcc earlier than 2.96
|
|
along with a non-GNU assembler (as). If this applies to your
|
|
platform, you can either upgrade gcc to a more recent version, or
|
|
use the GNU assembler.
|
|
|
|
Some make tools are broken - the best solution is to use GNU's
|
|
make. Try gmake or grab the sources from a GNU archive and
|
|
install them.
|
|
|
|
Specific problems on some machines:
|
|
|
|
* IBM RS/6000 running AIX
|
|
|
|
Due to a change in gcc (since version 2.8) the MPI stuff may
|
|
not build. In this case try to run configure using:
|
|
CFLAGS="-g -O2 -mcpu=powerpc" ./configure
|
|
|
|
* SVR4.2 (ESIX V4.2 cc)
|
|
|
|
Due to problems with the ESIX as(1), you probably want to do:
|
|
CFLAGS="-O -K pentium" ./configure --disable-asm
|
|
|
|
* SunOS 4.1.4
|
|
|
|
./configure ac_cv_sys_symbol_underscore=yes
|
|
|
|
* Sparc64 CPUs
|
|
|
|
We have reports about failures in the AES module when
|
|
compiling using gcc (e.g. version 4.1.2) and the option -O3;
|
|
using -O2 solves the problem.
|
|
|
|
|
|
License
|
|
-------
|
|
|
|
The library is distributed under the terms of the GNU Lesser
|
|
General Public License (LGPL); see the file COPYING.LIB for the
|
|
actual terms.
|
|
|
|
The helper programs as well as the documentation are distributed
|
|
under the terms of the GNU General Public License (GPL); see the
|
|
file COPYING for the actual terms.
|
|
|
|
The file LICENSES has notices about contributions that require
|
|
that these additional notices are distributed.
|
|
|
|
|
|
Contact
|
|
-------
|
|
|
|
See the file AUTHORS.
|
|
|
|
Commercial grade support for Libgcrypt is available; for a listing
|
|
of offers see https://www.gnupg.org/service.html .
|
|
|
|
Since 2001 maintenance and development of Libgcrypt is done by g10
|
|
Code GmbH and mostly financed by donations. g10 Code currently
|
|
employs 3 full-time developers and two contractors. They all work
|
|
on GnuPG and closely related software like Libgcrypt. Please
|
|
visit https://gnupg.org/donate/ to see how you can help.
|
|
|
|
This file is Free Software; as a special exception the authors gives
|
|
unlimited permission to copy and/or distribute it, with or without
|
|
modifications, as long as this notice is preserved. For conditions
|
|
of the whole package, please see the file COPYING. This file is
|
|
distributed in the hope that it will be useful, but WITHOUT ANY
|
|
WARRANTY, to the extent permitted by law; without even the implied
|
|
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|