README.txt 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
  1. /*
  2. * Copyright (C) 2006-2023 wolfSSL Inc.
  3. *
  4. * This file is part of wolfSSL.
  5. *
  6. * wolfSSL is free software; you can redistribute it and/or modify
  7. * it under the terms of the GNU General Public License as published by
  8. * the Free Software Foundation; either version 2 of the License, or
  9. * (at your option) any later version.
  10. *
  11. * wolfSSL is distributed in the hope that it will be useful,
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. * GNU General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with this program; if not, write to the Free Software
  18. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  19. */
  20. /*
  21. Created to use intel's IPP see their license for linking to intel's IPP library
  22. */
  23. ##BUILDING ON 64BIT MAC OSX
  24. Tested and developed on MAC OSX linking to IPP v9.0
  25. for me exporting the IPP library was needed. As an example it was
  26. export DYLD_LIBRARY_PATH="/opt/intel/ipp/lib"
  27. first go to the root wolfssl dir and run ./autogen.sh && ./configure it with desired settings then make. This is to set up the define options and wolfssl library for the user crypto to link to.
  28. Then go to the wolfssl/user-crypto directory and run ./autogen.sh && ./configure then make make install this creates a usercrypto library to use
  29. Finally go back to the root wolfssl directory and follow these build instructions
  30. building wolfSSL add CPPFLAGS=-I/opt/intel/ipp/include for finding the IPP include files
  31. An example build would be
  32. ./configure --with-user-crypto CPPFLAGS=-I/opt/intel/ipp/include --enable-lighty
  33. ##BUILDING IN 32BIT UBUNTU
  34. Tested on UBUNTU 32 bit linking to IPP v9.0
  35. for me exporting the IPP library. As an example it was
  36. export LD_LIBRARY_PATH="/opt/intel/ipp/lib/ia32_lin/:$LD_LIBRARY_PATH"
  37. first go to the root wolfssl dir and configure it with desired settings and make install. This is to set up the define options and wolfssl library for the user crypto to link to.
  38. For me on Ubuntu the IPP libraries had been installed into /opt/intel/ipp/lib/ia32_lin/ so the ./configure LDFLAGS=-L/opt/intel/ipp/lib/ia32_lin was needed to be looking at that directory.
  39. Run make && make install from the directory wolfssl_root/wolfssl/user-crypto/ this creates a usercrypto library to use
  40. Finally go back to the root wolfssl directory and follow these build instructions
  41. building wolfSSL add CPPFLAGS=-I/opt/intel/ipp/include for finding the IPP include files
  42. ./configure --with-user-crypto=root_wolfssl/wolfssl/user-crypto CPPFLAGS=-I/opt/intel/ipp/include (plus any desired additional flags)
  43. ##THINGS TO CHECK FOR IF NOT ABLE TO LINK WITH USERCRYPTO LIB
  44. Check that the path has been exported for the IPP library. If usercrypto is unable to use the function to init an RSA key then the link to it will fail in configure. Check for this by $DYLD_LIBRARY_PATH on mac or $LD_LIBRARY_PATH on ubuntu. If the directory for the Intel IPP libraries are not displayed than use "export DYLD_LIBRARY_PATH=path_to_ipp_libraries:$DYLD_LIBRARY_PATH".
  45. ##CREATING OWN RSA CRYPTO PLUGIN
  46. It is required to have a header file named user_rsa.h. This is what is looked for by wolfssl/wolfcrypt/rsa.h and should contain the user defined rsa key struct.
  47. It is required to have a library called usercrypto. This is linked to when configuring wolfSSL with the option --with-user-crypto
  48. It is required when compiled with RSA cert generation to have key struct elements named n and e containing the corresponding big numbers. And the three helper functions to work with the big numbers. These functions are called by wolfcrypt/src/asn.c when working with certificates.
  49. To view the needed functions look at wolfssl/wolfcrypt/rsa.h they will be extern functions surrounded by HAVE_USER_RSA define.
  50. Cert Generation for other sign and verify such as ECC are not yet supported.
  51. When building with openssl compatibility layer extra developent needs to be done, having the two functions SetRsaExernal and SetRsaInternal
  52. wolfSSL does not take responsibility for the strength of security of third party cryptography libraries plugged in by the user.