| Libgcrypt - The GNU Crypto Library | |
| ------------------------------------ | |
| Version 1.4.6 | |
| Copyright 2000, 2002, 2003, 2004, 2007, 2008, | |
| 2009, 2010 Free Software Foundation, Inc. | |
| This file is free software; as a special exception the author gives | |
| unlimited permission to copy and/or distribute it, with or without | |
| modifications, as long as this notice is preserved. | |
| This file is distributed in the hope that it will be useful, but | |
| WITHOUT ANY WARRANTY, to the extent permitted by law; without even the | |
| implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
| Overview | |
| -------- | |
| Libgcrypt is a general purpose crypto library based on the code | |
| used in GnuPG. Libgcrypt depends on the library `libgpg-error', | |
| which must be installed correctly before Libgcrypt is to be built. | |
| Libgcrypt is distributed under the LGPL, see the section "License" | |
| below for details. | |
| Build Instructions | |
| ------------------ | |
| The download canonical location for libgcrypt is: | |
| ftp://ftp.gnupg.org/gcrypt/libgcrypt/ | |
| To build libgcrypt you need libgpg-error: | |
| ftp://ftp.gnupg.org/gcrypt/libgpg-error/ | |
| You should get the latest versions of course. | |
| After building and installing the libgpg-error package, you may | |
| continue with Libgcrypt installation As with allmost all GNU | |
| packages, you just have to do | |
| ./configure | |
| make | |
| make check | |
| make install | |
| The "make check" is not required but a good idea to see whether | |
| the library works as expected. The check takes some while and | |
| prints some benchmarking results. Before doing "make install" you | |
| probably need to become root. | |
| To build libgcrypt for Microsoft Windows, you need to have the | |
| mingw32 cross-building toolchain installed. Instead of running a | |
| plain configure you use | |
| ./autogen.sh --build-w32 | |
| make | |
| make install | |
| By default this command sequences expectsd a libgpg-error | |
| installed below $HOME/w32root and installs libgcrypt to that | |
| directory too. See the autogen.sh code for details. | |
| The documentation is available as an Info file (gcrypt.info). To | |
| build documentation in PDF, run this: | |
| cd doc | |
| make pdf | |
| Mailing List | |
| ------------ | |
| You may want to join the developer's mailing list | |
| gcrypt-devel@gnupg.org by sending mail with a subject of | |
| "subscribe" to gcrypt-devel-request@gnupg.org. An archive of this | |
| list is available at http://lists.gnupg.org . | |
| Configure options | |
| ----------------- | |
| Here is a list of configure options which are sometimes useful | |
| for installation. | |
| --enable-m-guard | |
| Enable the integrated malloc checking code. Please | |
| note that this feature does not work on all CPUs | |
| (e.g. SunOS 5.7 on UltraSparc-2) and might give | |
| you a bus error. | |
| --disable-asm | |
| Do not use assembler modules. It is not possible | |
| to use this on some CPU types. | |
| --enable-ld-version-script | |
| Libgcrypt tries to build a library where internal | |
| symbols are not exported. This requires support | |
| from ld and is currently enabled for a few OSes. | |
| If you know that your ld supports the so called | |
| ELF version scripts, you can use this option to | |
| force its use. OTOH, if you get error message | |
| from the linker, you probably want to use this | |
| option to disable the use of version scripts. | |
| Note, that you should never ever use an | |
| undocumented symbol or one which is prefixed with | |
| an underscore. | |
| --enable-ciphers=list | |
| --enable-pubkey-ciphers=list | |
| --enable-digests=list | |
| If not otherwise specified, all algorithms | |
| included in the libgcrypt source tree are built. | |
| An exception are algorithms, which depend on | |
| features not provided by the system, like 64bit | |
| data types. With these switches it is possible | |
| to select exactly those algorithm modules, which | |
| should be built. The algorithms are to be | |
| separated by spaces, commas or colons. To view | |
| the list used with the current build the program | |
| tests/version may be used. | |
| --disable-endian-check | |
| Don't let configure test for the endianness but | |
| try to use the OS provided macros at compile | |
| time. This is helpful to create OS X fat binaries. | |
| --enable-random-daemon | |
| Include support for a global random dawmon and | |
| build the daemon. This is an experimental feature. | |
| --enable-mpi-path=EXTRA_PATH | |
| Prepend EXTRA_PATH to list of CPU specific | |
| optimizations. For example, if you want to add | |
| optimizations forn a Intel Pentium 4 compatible | |
| CPU, you may use | |
| --enable-mpi-path=pentium4/sse2:pentium4/mmx | |
| Take care: The generated library may crash on | |
| non-compatible CPUs. | |
| --enable-random=NAME | |
| Force the use of the random gathering module | |
| NAME. Default is either to use /dev/random or | |
| the auto mode. Possible values for NAME are: | |
| egd - Use the module which accesses the | |
| Entropy Gathering Daemon. See the webpages | |
| for more information about it. | |
| unix - Use the standard Unix module which does not | |
| have a very good performance. | |
| linux - Use the module which accesses /dev/random. | |
| This is the first choice and the default one | |
| for GNU/Linux or *BSD. | |
| auto - Compile linux, egd and unix in and | |
| automagically select at runtime. | |
| --enable-hmac-binary-check | |
| Include support to check the binary at runtime | |
| against a HMAC checksum. This works only in FIPS | |
| mode and on systems providing the dladdr function. | |
| --disable-padlock-support | |
| Disable support for the PadLock engine of VIA | |
| processors. The default is to use PadLock if | |
| available. Try this if you get problems with | |
| assembler code. | |
| --disable-O-flag-munging | |
| Some code is too complex for some compilers while | |
| in higher optimization modes, thus the compiler | |
| invocation is modified to use a lower | |
| optimization level. Usually this works very well | |
| but on some platforms these rules break the | |
| invocation. This option may be used to disable | |
| the feature under the assumption that either good | |
| CFLAGS are given or the compiler can grok the code. | |
| Build Problems | |
| -------------- | |
| We can't check all assembler files, so if you have problems | |
| assembling them (or the program crashes) use --disable-asm with | |
| ./configure. If you opt to delete individual replacement files in | |
| hopes of using the remaining ones, be aware that the configure | |
| scripts may consider several subdirectories to get all available | |
| assembler files; be sure to delete the correct ones. Never delete | |
| udiv-qrnnd.S in any CPU directory, because there may be no C | |
| substitute (in mpi/genereic). Don't forget to delete | |
| "config.cache" and run "./config.status --recheck". We got a few | |
| reports about problems using versions of gcc earlier than 2.96 | |
| along with a non-GNU assembler (as). If this applies to your | |
| platform, you can either upgrade gcc to a more recent version, or | |
| use the GNU assembler. | |
| Some make tools are broken - the best solution is to use GNU's | |
| make. Try gmake or grab the sources from a GNU archive and | |
| install them. | |
| Specific problems on some machines: | |
| * IBM RS/6000 running AIX | |
| Due to a change in gcc (since version 2.8) the MPI stuff may | |
| not build. In this case try to run configure using: | |
| CFLAGS="-g -O2 -mcpu=powerpc" ./configure | |
| * SVR4.2 (ESIX V4.2 cc) | |
| Due to problems with the ESIX as(1), you probably want to do: | |
| CFLAGS="-O -K pentium" ./configure --disable-asm | |
| * SunOS 4.1.4 | |
| ./configure ac_cv_sys_symbol_underscore=yes | |
| * Sparc64 CPUs | |
| We have reports about failures in the AES module when | |
| compiling using gcc (e.g. version 4.1.2) and the option -O3; | |
| using -O2 solves the problem. | |
| License | |
| ------- | |
| The library is distributed under the terms of the GNU Lesser | |
| General Public License (LGPL); see the file COPYING.LIB for the | |
| actual terms. The helper programs (e.g. gcryptrnd and getrandom) | |
| as well as the documentation are distributed under the terms of | |
| the GNU General Public License (GPL); see the file COPYING for the | |
| actual terms. | |
| This library used to be available under the GPL - this was changed | |
| with version 1.1.7 with the rationale that there are now many free | |
| crypto libraries available and many of them come with capabilities | |
| similar to Libcrypt. We decided that to foster the use of | |
| cryptography in Free Software an LGPLed library would make more | |
| sense because it avoids problems due to license incompatibilities | |
| between some Free Software licenses and the GPL. | |
| Please note that in many cases it is better for a library to be | |
| licensed under the GPL, so that it provides an advantage for free | |
| software projects. The Lesser GPL is so named because it does | |
| less to protect the freedom of the users of the code that it | |
| covers. See http://www.gnu.org/philosophy/why-not-lgpl.html for | |
| more explanation. | |
| Contact | |
| ------- | |
| See the file AUTHORS. | |
| Commercial grade support for Libgcrypt is available; please see | |
| http://www.gnupg.org/service.html . | |
| This file is Free Software; as a special exception the authors gives | |
| unlimited permission to copy and/or distribute it, with or without | |
| modifications, as long as this notice is preserved. For conditions | |
| of the whole package, please see the file COPYING. This file is | |
| distributed in the hope that it will be useful, but WITHOUT ANY | |
| WARRANTY, to the extent permitted by law; without even the implied | |
| warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |