Libgcrypt - The GNU Crypto Library

		   ------------------------------------

                             Version 1.6

       Copyright (C) 1989,1991-2015 Free Software Foundation, Inc.

       Copyright (C) 2012-2015 g10 Code GmbH

       Copyright (C) 2013-2015 Jussi Kivilinna

    Libgcrypt is free software.  See the file AUTHORS for full copying

    notices, and LICENSES for notices about contributions that require

    these additional notices to be distributed.

    Overview

    --------

    Libgcrypt is a general purpose crypto library based on the code

    used in GnuPG.  Libgcrypt depends on the library `libgpg-error',

    which must be installed correctly before Libgcrypt is to be built.

    Libgcrypt is distributed under the LGPL, see the section "License"

    below for details.

    Build Instructions

    ------------------

    The download canonical location for libgcrypt is:

      ftp://ftp.gnupg.org/gcrypt/libgcrypt/

    To build libgcrypt you need libgpg-error:

      ftp://ftp.gnupg.org/gcrypt/libgpg-error/

    You should get the latest versions of course.

    After building and installing the libgpg-error package, you may

    continue with Libgcrypt installation as with allmost all GNU

    packages, you just have to do

       ./configure

       make

       make check

       make install

    The "make check" is not required but a good idea to see whether

    the library works as expected.  The check takes some while and

    prints some benchmarking results.  Before doing "make install" you

    probably need to become root.

    To build libgcrypt for Microsoft Windows, you need to have the

    mingw32 cross-building toolchain installed.  Instead of running a

    plain configure you use

      ./autogen.sh --build-w32

      make

      make install

    By default this command sequences expectsd a libgpg-error

    installed below $HOME/w32root and installs libgcrypt to that

    directory too.  See the autogen.sh code for details.

    The documentation is available as an Info file (gcrypt.info).  To

    build documentation in PDF, run this:

      cd doc

      make pdf

    Mailing List

    ------------

    You may want to join the developer's mailing list

    gcrypt-devel@gnupg.org by sending mail with a subject of

    "subscribe" to gcrypt-devel-request@gnupg.org.  An archive of this

    list is available at http://lists.gnupg.org .

    Configure options

    -----------------

    Here is a list of configure options which are sometimes useful

    for installation.

     --enable-large-data-tests

                     With this option a "make check" will take really

                     long due to extra checks for the hash algorithms.

     --enable-m-guard

                     Enable the integrated malloc checking code. Please

                     note that this feature does not work on all CPUs

                     (e.g. SunOS 5.7 on UltraSparc-2) and might give

                     you a bus error.

     --disable-asm

                     Do not use assembler modules.  It is not possible

                     to use this on some CPU types.

     --enable-ld-version-script

                     Libgcrypt tries to build a library where internal

                     symbols are not exported.  This requires support

                     from ld and is currently enabled for a few OSes.

                     If you know that your ld supports the so called

                     ELF version scripts, you can use this option to

                     force its use.  OTOH, if you get error message

                     from the linker, you probably want to use this

                     option to disable the use of version scripts.

                     Note, that you should never ever use an

                     undocumented symbol or one which is prefixed with

                     an underscore.

     --enable-ciphers=list

     --enable-pubkey-ciphers=list

     --enable-digests=list

                     If not otherwise specified, all algorithms

                     included in the libgcrypt source tree are built.

		     An exception are algorithms, which depend on

		     features not provided by the system, like 64bit

		     data types.  With these switches it is possible

                     to select exactly those algorithm modules, which

		     should be built.  The algorithms are to be

                     separated by spaces, commas or colons.  To view

                     the list used with the current build the program

                     tests/version may be used.

     --disable-endian-check

                     Don't let configure test for the endianness but

                     try to use the OS provided macros at compile

                     time.  This is helpful to create OS X fat binaries.

     --enable-random-daemon

                     Include support for a global random daemon and

                     build the daemon.  This is an experimental feature.

     --enable-mpi-path=EXTRA_PATH

                     Prepend EXTRA_PATH to list of CPU specific

                     optimizations.  For example, if you want to add

                     optimizations forn a Intel Pentium 4 compatible

                     CPU, you may use

                        --enable-mpi-path=pentium4/sse2:pentium4/mmx

                     Take care: The generated library may crash on

                     non-compatible CPUs.

     --enable-random=NAME

                     Force the use of the random gathering module

		     NAME.  Default is either to use /dev/random or

		     the auto mode.  Possible values for NAME are:

		       egd - Use the module which accesses the

			     Entropy Gathering Daemon. See the webpages

			     for more information about it.

		      unix - Use the standard Unix module which does not

			     have a very good performance.

		     linux - Use the module which accesses /dev/random.

			     This is the first choice and the default one

			     for GNU/Linux or *BSD.

                      auto - Compile linux, egd and unix in and

                             automagically select at runtime.

     --enable-hmac-binary-check

                     Include support to check the binary at runtime

                     against a HMAC checksum.  This works only in FIPS

                     mode and on systems providing the dladdr function.

     --disable-padlock-support

                     Disable support for the PadLock engine of VIA

                     processors.  The default is to use PadLock if

                     available.  Try this if you get problems with

                     assembler code.

     --disable-aesni-support

                     Disable support for the AES-NI instructions of

                     newer Intel CPUs.  The default is to use AES-NI

                     if available.  Try this if you get problems with

                     assembler code.

     --disable-O-flag-munging

                     Some code is too complex for some compilers while

                     in higher optimization modes, thus the compiler

                     invocation is modified to use a lower

                     optimization level.  Usually this works very well

                     but on some platforms these rules break the

                     invocation.  This option may be used to disable

                     the feature under the assumption that either good

                     CFLAGS are given or the compiler can grok the code.

    Build Problems

    --------------

    We can't check all assembler files, so if you have problems

    assembling them (or the program crashes) use --disable-asm with

    ./configure.  If you opt to delete individual replacement files in

    hopes of using the remaining ones, be aware that the configure

    scripts may consider several subdirectories to get all available

    assembler files; be sure to delete the correct ones.  Never delete

    udiv-qrnnd.S in any CPU directory, because there may be no C

    substitute (in mpi/genereic).  Don't forget to delete

    "config.cache" and run "./config.status --recheck".  We got a few

    reports about problems using versions of gcc earlier than 2.96

    along with a non-GNU assembler (as).  If this applies to your

    platform, you can either upgrade gcc to a more recent version, or

    use the GNU assembler.

    Some make tools are broken - the best solution is to use GNU's

    make.  Try gmake or grab the sources from a GNU archive and

    install them.

    Specific problems on some machines:

      * IBM RS/6000 running AIX

	Due to a change in gcc (since version 2.8) the MPI stuff may

	not build. In this case try to run configure using:

	    CFLAGS="-g -O2 -mcpu=powerpc" ./configure

      * SVR4.2 (ESIX V4.2 cc)

        Due to problems with the ESIX as(1), you probably want to do:

            CFLAGS="-O -K pentium" ./configure --disable-asm

      * SunOS 4.1.4

         ./configure ac_cv_sys_symbol_underscore=yes

      * Sparc64 CPUs

        We have reports about failures in the AES module when

        compiling using gcc (e.g. version 4.1.2) and the option -O3;

        using -O2 solves the problem.

    License

    -------

    The library is distributed under the terms of the GNU Lesser

    General Public License (LGPL); see the file COPYING.LIB for the

    actual terms.  The helper programs (e.g. gcryptrnd and getrandom)

    as well as the documentation are distributed under the terms of

    the GNU General Public License (GPL); see the file COPYING for the

    actual terms.  The file LICENSES has notices about contributions

    that require these additional notices are distributed.

    This library used to be available under the GPL - this was changed

    with version 1.1.7 with the rationale that there are now many free

    crypto libraries available and many of them come with capabilities

    similar to Libcrypt.  We decided that to foster the use of

    cryptography in Free Software an LGPLed library would make more

    sense because it avoids problems due to license incompatibilities

    between some Free Software licenses and the GPL.

    Please note that in many cases it is better for a library to be

    licensed under the GPL, so that it provides an advantage for free

    software projects.  The Lesser GPL is so named because it does

    less to protect the freedom of the users of the code that it

    covers.  See http://www.gnu.org/philosophy/why-not-lgpl.html for

    more explanation.

    Contact

    -------

    See the file AUTHORS.

    Commercial grade support for Libgcrypt is available; please see

    http://www.gnupg.org/service.html .

    Commercial grade support for Libgcrypt is available; for a listing

    of offers see http://www.gnupg.org/service.html .  The driving

    force behind the development of Libgcrypt is the company of its

    principal author, Werner Koch.  Maintenance and improvement of

    Libgcrypt takes up a lot resources.  To allow him to continue his

    work, he asks to either purchase a support contract, engage them

    for custom enhancements, or to donate money.  See http://g10code.com .

  This file is Free Software; as a special exception the authors gives

  unlimited permission to copy and/or distribute it, with or without

  modifications, as long as this notice is preserved. For conditions

  of the whole package, please see the file COPYING.  This file is

  distributed in the hope that it will be useful, but WITHOUT ANY

  WARRANTY, to the extent permitted by law; without even the implied

  warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.