Beyond Linux® From Scratch - Version 2012-01-16

Chapter 4. Security

nettle-2.4

Introduction to nettle

The nettle package is a low-level cryptographic library that is designed to fit easily in many contexts.

This package is known to build and work properly using an LFS-7.0 platform.

Package Information

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nettle

Installation of nettle

Install nettle by running the following commands: 

./configure --prefix=/usr &&
make

To test the results, issue: make check.

Now, as the root user: 

make install &&
install -v -m755 -d /usr/share/doc/nettle-2.4 &&
install -v -m644 nettle.html /usr/share/doc/nettle-2.4

Command Explanations

--enable-shared: This switch will ensure that shared, as well as static, libraries will be built. If you have linked the packages which use these libraries (gnutls and glib-networking, perhaps others) to the shared libraries, and ever have to rebuild libnettle to fix a vulnerability, you will not have to recompile those other applications.

Contents

Installed Programs: nettle-hash, nettle-lfib-stream, pkcs1-conv, and sexp-conv
Installed Library: libhogweed.a and libnettle.a : optionally, libhogweed.so and libnettle.so
Installed Directories: /usr/include/nettle

Short Descriptions

nettle-hash

calulates a hash value using a specified algorithm.

nettle-lfib-stream

outputs a sequence of pseudorandom (non-cryptographic) bytes, using Knuth's lagged fibonacci generator. The stream is useful for testing, but should not be used to generate cryptographic keys or anything else that needs real randomness.

pkcs1-conv

converts private and public RSA keys from PKCS #1 format to sexp format.

sexp-conv

converts an s-expression to a different encoding.

Last updated on 2012-01-04 20:05:25 +0000