Gaming Linux® From Scratch - Version #815840

Chapter 8. Basic X11 Software

Nettle-4.0

Introduction to Nettle

The Nettle package contains a low-level cryptographic library that is designed to fit easily in many contexts.

Installation of Nettle

Install Nettle by running the following commands: 

./configure --prefix=/usr --disable-static &&
make

Now, as the root user: 

make install &&
chmod -v 755 /usr/lib/lib{hogweed,nettle}.so

If you want to, install the documentation as the root user: 

install -vdm755 /usr/share/doc/nettle-4.0 &&
install -vDm644 nettle.{html,pdf} -t /usr/share/doc/nettle-4.0/

lib32 Installation of Nettle

Install lib32-Nettle by running the following commands: 

make distclean &&
CC="gcc -m32" CXX="g++ -m32"         \
CFLAGS+=" -I/usr/include/m32"        \
CXXFLAGS+=" -I/usr/include/m32"      \
PKG_CONFIG_PATH=/usr/lib32/pkgconfig \
./configure --prefix=/usr            \
            --libdir=/usr/lib32      \
            --host=i686-pc-linux-gnu \
            --disable-static &&

make

Now as the root user: 

make DESTDIR=$PWD/DESTDIR install     &&
cp -vr DESTDIR/usr/lib32/* /usr/lib32 &&
rm -rf DESTDIR                        &&
ldconfig                              &&
chmod -v 755 /usr/lib32/lib{hogweed,nettle}.so

Command Explanations

Note

Run ./configure --help for a full list of options.

--disable-static: This switch prevents installation of static versions of the libraries.

Contents

Installed Programs: nettle-hash, nettle-lfib-stream, nettle-pbkdf2, pkcs1-conv, and sexp-conv
Installed Libraries: libhogweed and libnettle
Installed Directory: /usr/include/nettle and /usr/share/doc/nettle-4.0

Short Descriptions

nettle-hash

calculates a hash value using a specified algorithm

nettle-lfib-stream

outputs a sequence of pseudorandom (non-cryptographic) bytes, using Knuth's lagged fibonacci generator. The stream is useful for testing, but should not be used to generate cryptographic keys or anything else that needs real randomness

nettle-pbkdf2

is a password-based key derivation function that takes a password or a passphrase as input and returns a strengthened password, which is protected against pre-computation attacks by using salting and other expensive computations.

pkcs1-conv

converts private and public RSA keys from PKCS #1 format to sexp format

sexp-conv

converts an s-expression to a different encoding