aboutsummaryrefslogtreecommitdiffstats
path: root/doc/building.rst
diff options
context:
space:
mode:
Diffstat (limited to 'doc/building.rst')
-rw-r--r--doc/building.rst456
1 files changed, 456 insertions, 0 deletions
diff --git a/doc/building.rst b/doc/building.rst
new file mode 100644
index 000000000..cc6f0af5d
--- /dev/null
+++ b/doc/building.rst
@@ -0,0 +1,456 @@
+
+Building The Library
+=================================
+
+This document describes how to build Botan on Unix/POSIX and MS
+Windows systems. The POSIX oriented descriptions should apply to most
+common Unix systems (including MacOS X), along with POSIX-ish systems
+like BeOS, QNX, and Plan 9. Currently, systems other than Windows and
+POSIX (such as VMS, MacOS 9, OS/390, OS/400, ...) are not supported by
+the build system, primarily due to lack of access. Please contact the
+maintainer if you would like to build Botan on such a system.
+
+Botan's build is controlled by configure.py, which is a `Python
+<http://www.python.org>`_ script. Python 2.5 or later is required.
+
+For the impatient, this works for most systems::
+
+ $ ./configure.py [--prefix=/some/directory]
+ $ make
+ $ make check
+ $ make install
+
+Or using ``nmake``, if you're compiling on Windows with Visual C++. On
+platforms that do not understand the '#!' convention for beginning
+script files, or that have Python installed in an unusual spot, you
+might need to prefix the ``configure.py`` command with ``python`` or
+``/path/to/python``::
+
+ $ python ./configure.py [arguments]
+
+Configuring the Build
+---------------------------------
+
+The first step is to run ``configure.py``, which is a Python script
+that creates various directories, config files, and a Makefile for
+building everything. The script requires at least Python 2.5; any
+later version of Python 2.x should also work. Python 3.1 will also
+work but requires an extra step; see :ref:`configure_with_python3` for
+details.
+
+The script will attempt to guess what kind of system you are trying to
+compile for (and will print messages telling you what it guessed).
+You can override this process by passing the options ``--cc``,
+``--os``, and ``--cpu``.
+
+You can pass basically anything reasonable with ``--cpu``: the script
+knows about a large number of different architectures, their
+sub-models, and common aliases for them. You should only select the
+64-bit version of a CPU (such as "sparc64" or "mips64") if your
+operating system knows how to handle 64-bit object code - a 32-bit
+kernel on a 64-bit CPU will generally not like 64-bit code.
+
+By default the script tries to figure out what will work on your
+system, and use that. It will print a display at the end showing which
+algorithms have and have not been enabled. For instance on one system
+we might see lines like::
+
+ INFO: Skipping, by request only - bzip2 gnump openssl qt_mutex zlib
+ INFO: Skipping, incompatible CPU - aes_intel aes_ssse3 asm_x86_64 mp_asm64 mp_x86_64 sha1_x86_64
+ INFO: Skipping, incompatible OS - beos_stats cryptoapi_rng win32_crit_section win32_stats
+ INFO: Skipping, incompatible compiler - mp_msvc64 mp_x86_32_msvc
+
+The ones that are skipped because they are 'by request only' have to
+be explicitly asked for, because they rely on third party libraries
+which your system might not have or that you might not want the
+resulting binary to depend on. For instance to enable zlib support,
+add ``--with-zlib`` to your invocation of ``configure.py``.
+
+You can control which algorithms and modules are built using the
+options ``--enable-modules=MODS`` and ``--disable-modules=MODS``, for
+instance ``--enable-modules=zlib`` and ``--disable-modules=rc5,idea``.
+Modules not listed on the command line will simply be loaded if needed
+or if configured to load by default. If you use ``--no-autoload``,
+only the most core modules will be included; you can then explicitly
+enable things that you want to use with ``--enable-modules``. This is
+useful for creating a minimal build targeting to a specific
+application, especially in conjunction with the amalgamation option;
+see :ref:`amalgamation`.
+
+For instance::
+
+ $ ./configure.py --no-autoload --enable-modules=rsa,ecdsa,eme1,emsa1,emsa4
+
+will set up a build that only includes RSA, ECDSA, and some padding
+modes, along with their dependencies. A small subset of core features,
+including AES, SHA-2, HMAC, and the multiple precision integer
+library, are always loaded.
+
+The script tries to guess what kind of makefile to generate, and it
+almost always guesses correctly (basically, Visual C++ uses NMAKE with
+Windows commands, and everything else uses Unix make with POSIX
+commands). Just in case, you can override it with
+``--make-style=somestyle``. The styles Botan currently knows about are
+'unix' (normal Unix makefiles), and 'nmake', the make variant commonly
+used by Windows compilers. To add a new variant (eg, a build script
+for VMS), you will need to create a new template file in
+``src/build-data/makefile``.
+
+On Unix
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The basic build procedure on Unix and Unix-like systems is::
+
+ $ ./configure.py [--enable-modules=<list>] [--cc=CC]
+ $ make
+ # You may need to set your LD_LIBRARY_PATH or equivalent for ./check to run
+ $ make check # optional, but a good idea
+ $ make install
+
+On Unix systems the script will default to using GCC; use
+``--cc`` if you want something else. For instance use
+``--cc=icc`` for Intel C++ and ``--cc=clang`` for Clang.
+
+The ``make install`` target has a default directory in which it
+will install Botan (typically ``/usr/local``). You can override
+this by using the ``--prefix`` argument to
+``configure.py``, like so:
+
+``./configure.py --prefix=/opt <other arguments>``
+
+On some systems shared libraries might not be immediately visible to
+the runtime linker. For example, on Linux you may have to edit
+``/etc/ld.so.conf`` and run ``ldconfig`` (as root) in
+order for new shared libraries to be picked up by the linker. An
+alternative is to set your ``LD_LIBRARY_PATH`` shell variable
+to include the directory that the Botan libraries were installed into.
+
+On Mac OS X
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+In general the Unix instructions above should apply, however OS X does
+not support ``LD_LIBRARY_PATH``. Thomas Keller suggests instead
+running ``install_name_tool`` between building and running the
+self-test program::
+
+ $ VERSION=1.10.0 # or whatever the current version is
+ $ install_name_tool -change $(otool -X -D libbotan-$VERSION.dylib) \
+ $PWD/libbotan-$VERSION.dylib check
+
+Building Universal Binaries
+&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+
+To build a universal binary for OS X, some simple modifications are
+required. First, create a CPU type for the target universalbinary,
+one that doesn't specify any special handlers. This is done by
+creating an empty file in src/build-data/arch::
+
+ $ touch src/build-data/arch/universalbinary.txt
+
+and then adding a special target for it in gcc, by adding the line::
+
+ universalbinary -> "-force_cpusubtype_ALL -mmacosx-version-min=10.4 -arch i386 -arch ppc"
+
+in the section marked `<mach_abi_linking>` in
+`src/build-data/cc/gcc.txt`. Then configure with::
+
+ $ ./configure.py --cpu=universalbinary [other options here]
+
+
+On MS Windows
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you don't want to deal with building botan on Windows, check the
+website; commonly prebuilt Windows binaries with installers are
+available, especially for stable versions.
+
+You need to have a copy of Python installed, and have both Python and
+your chosen compiler in your path. Open a command shell (or the SDK
+shell), and run::
+
+ > python configure.py --cc=msvc (or --cc=gcc for MinGW) [--cpu=CPU]
+ > nmake
+ > nmake check # optional, but recommended
+ > nmake install
+
+For Win95 pre OSR2, the ``cryptoapi_rng`` module will not work,
+because CryptoAPI didn't exist. And all versions of NT4 lack the
+ToolHelp32 interface, which is how ``win32_stats`` does its slow
+polls, so a version of the library built with that module will not
+load under NT4. Later versions of Windows support both methods, so
+this shouldn't be much of an issue anymore.
+
+By default the install target will be ``C:\botan``; you can modify
+this with the ``--prefix`` option.
+
+When building your applications, all you have to do is tell the
+compiler to look for both include files and library files in
+``C:\botan``, and it will find both. Or you can move them to a
+place where they will be in the default compiler search paths (consult
+your documentation and/or local expert for details).
+
+Other Build-Related Tasks
+----------------------------------------
+
+.. _building_docs:
+
+Building The Documentation
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+There are two documentation options available, Sphinx and Doxygen.
+Sphinx will be used if ``sphinx-build`` is detected in the PATH, or if
+``--with-sphinx`` is used at configure time. Doxygen is only enabled
+if ``--with-doxygen`` is used. Both are generated by the makefile
+target ``docs``.
+
+
+.. _amalgamation:
+
+The Amalgamation Build
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+You can also configure Botan to be built using only a single source
+file; this is quite convenient if you plan to embed the library into
+another application. To do so, run ``configure.py`` with whatever
+arguments you would ordinarily use, along with the option
+``--gen-amalgamation``. This will create two (rather large) files,
+``botan_all.h`` and ``botan_all.cpp``.
+
+Whenever you would have included a botan header, you can then include
+``botan_all.h``, and include ``botan_all.cpp`` along with the rest of
+the source files in your build. If you want to be able to easily
+switch between amalgamated and non-amalgamated versions (for instance
+to take advantage of prepackaged versions of botan on operating
+systems that support it), you can instead ignore ``botan_all.h`` and
+use the headers from ``build/include`` as normal.
+
+You can also build the library as normal but using the amalgamation
+instead of the individual source files using ``--via-amalgamation``.
+This is essentially a very simple form of link time optimization;
+because the entire library source is visible to the compiler, it has
+more opportunities for interprocedural optimizations.
+
+Modules Relying on Third Party Libraries
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+There are a fairly large number of modules included with Botan. Some
+of these are extremely useful, while others are only necessary in very
+unusual circumstances. Most are loaded (or not) automatically as
+necessary, but some require external libraries are thus must be
+enabled at build time; these include:
+
+ - ``--with-bzip2`` enables the filters providing bzip2 compression
+ and decompression. Requires the bzip2 development libraries to be
+ installed.
+
+ - ``--with-zlib`` enables the filters providing zlib compression
+ and decompression. Requires the zlib development libraries to be
+ installed.
+
+ - ``--with-gnump`` adds an alternative engine for public key
+ cryptography that uses the GNU MP library. GNU MP 4.1 or later is
+ required.
+
+ - ``--with-openssl`` adds an engine that uses OpenSSL for some public
+ key operations and ciphers/hashes. OpenSSL 0.9.7 or later is
+ required. Note that OpenSSL's versions are not always faster than
+ the versions built into botan.
+
+Multiple Builds
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+It may be useful to run multiple builds with different
+configurations. Specify ``--build-dir=<dir>`` to set up a build
+environment in a different directory.
+
+.. _configure_with_python3:
+
+Configuring the Build With Python 3.1
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The versions of Python beginning with 3 are (intentionally)
+incompatible with the (currently more common) 2.x series. If you want
+to use Python 3.1 to set up the build, you'll have to use the
+``2to3`` program (included in the Python distribution) on the
+script; this will convert the script to the Python 3.x dialect::
+
+ $ python ./configure.py
+ File "configure.py", line 860
+ except KeyError, e:
+ ^
+ SyntaxError: invalid syntax
+ $ # incompatible python version, let's fix it
+ $ 2to3 -w configure.py
+ [...]
+ RefactoringTool: Files that were modified:
+ RefactoringTool: configure.py
+ $ python ./configure.py
+ [...]
+
+Setting Distribution Info
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The build allows you to set some information about what distribution
+this build of the library comes from. It is particularly relevant to
+people packaging the library for wider distribution, to signify what
+distribution this build is from. Applications can test this value by
+checking the string value of the macro ``BOTAN_DISTRIBUTION_INFO``. It
+can be set using the ``--distribution-info`` flag to ``configure.py``,
+and otherwise defaults to "unspecified". For instance, a `Gentoo
+<http://www.gentoo.org>`_ ebuild might set it with
+``--distribution-info="Gentoo ${PVR}"`` where ``${PVR}`` is an ebuild
+variable automatically set to a combination of the library and ebuild
+versions.
+
+Local Configuration Settings
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+You may want to do something peculiar with the configuration; to
+support this there is a flag to ``configure.py`` called
+``--with-local-config=<file>``. The contents of the file are
+inserted into ``build/build.h`` which is (indirectly) included
+into every Botan header and source file.
+
+Configuration Parameters
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+There are some configuration parameters which you may want to tweak
+before building the library. These can be found in ``config.h``. This
+file is overwritten every time the configure script is run (and does
+not exist until after you run the script for the first time).
+
+Also included in ``build/build.h`` are macros which let applications
+check which features are included in the current version of the
+library. All of them begin with ``BOTAN_HAS_``. For example, if
+``BOTAN_HAS_BLOWFISH`` is defined, then an application can include
+``<botan/blowfish.h>`` and use the Blowfish class.
+
+``BOTAN_MP_WORD_BITS``: This macro controls the size of the words used
+for calculations with the MPI implementation in Botan. You can choose
+8, 16, 32, or 64. Normally this defaults to either 32 or 64, depending
+on the processor. Unless you are building for a 8 or 16-bit CPU, this
+isn't worth messing with.
+
+``BOTAN_DEFAULT_BUFFER_SIZE``: This constant is used as the size of
+buffers throughout Botan. The default should be fine for most
+purposes, reduce if you are very concerned about runtime memory usage.
+
+Building Applications
+----------------------------------------
+
+Unix
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Botan usually links in several different system libraries (such as
+``librt`` and ``libz``), depending on which modules are
+configured at compile time. In many environments, particularly ones
+using static libraries, an application has to link against the same
+libraries as Botan for the linking step to succeed. But how does it
+figure out what libraries it *is* linked against?
+
+The answer is to ask the ``botan-config`` script. This
+basically solves the same problem all the other ``*-config``
+scripts solve, and in basically the same manner.
+
+There are 4 options:
+
+``--prefix[=DIR]``: If no argument, print the prefix where Botan
+is installed (such as ``/opt`` or ``/usr/local``). If an
+argument is specified, other options given with the same command will
+execute as if Botan as actually installed at ``DIR`` and not
+where it really is; or at least where ``botan-config`` thinks
+it really is. I should mention that it
+
+``--version``: Print the Botan version number.
+
+``--cflags``: Print options that should be passed to the compiler
+whenever a C++ file is compiled. Typically this is used for setting
+include paths.
+
+``--libs``: Print options for which libraries to link to (this includes
+``-lbotan``).
+
+Your ``Makefile`` can run ``botan-config`` and get the
+options necessary for getting your application to compile and link,
+regardless of whatever crazy libraries Botan might be linked against.
+
+Botan also by default installs a file for ``pkg-config``,
+namespaced by the major and minor versions. So it can be used,
+for instance, as::
+
+ $ pkg-config botan-1.10 --modversion
+ 1.10.0
+ $ pkg-config botan-1.10 --cflags
+ -I/usr/local/include
+ $ pkg-config botan-1.10 --libs
+ -L/usr/local/lib -lbotan -lm -lbz2 -lpthread -lrt
+
+MS Windows
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+No special help exists for building applications on Windows. However,
+given that typically Windows software is distributed as binaries, this
+is less of a problem - only the developer needs to worry about it. As
+long as they can remember where they installed Botan, they just have
+to set the appropriate flags in their Makefile/project file.
+
+Language Wrappers
+----------------------------------------
+
+Building the Python wrappers
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The Python wrappers for Botan use Boost.Python, so you must have Boost
+installed. To build the wrappers, pass the flag
+``--with-boost-python`` to ``configure.py``. This will create a second
+makefile, ``Makefile.python``, with instructions for building the
+Python module. After building the library, execute::
+
+ $ make -f Makefile.python
+
+to build the module. Currently only Unix systems are supported, and
+the Makefile assumes that the version of Python you want to build
+against is the same one you used to run ``configure.py``.
+
+To install the module, use the ``install`` target.
+
+See :doc:`Python Bindings <python>` for more information about the
+binding.
+
+Building the Perl XS wrappers
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+To build the Perl XS wrappers, change your directory to
+``src/wrap/perl-xs`` and run ``perl Makefile.PL``, then run
+``make`` to build the module and ``make test`` to run the test
+suite::
+
+ $ perl Makefile.PL
+ Checking if your kit is complete...
+ Looks good
+ Writing Makefile for Botan
+ $ make
+ cp Botan.pm blib/lib/Botan.pm
+ AutoSplitting blib/lib/Botan.pm (blib/lib/auto/Botan)
+ /usr/bin/perl5.8.8 /usr/lib64/perl5/5.8.8/ExtUtils/xsubpp [...]
+ g++ -c -Wno-write-strings -fexceptions -g [...]
+ Running Mkbootstrap for Botan ()
+ chmod 644 Botan.bs
+ rm -f blib/arch/auto/Botan/Botan.so
+ g++ -shared Botan.o -o blib/arch/auto/Botan/Botan.so \
+ -lbotan -lbz2 -lpthread -lrt -lz \
+
+ chmod 755 blib/arch/auto/Botan/Botan.so
+ cp Botan.bs blib/arch/auto/Botan/Botan.bs
+ chmod 644 blib/arch/auto/Botan/Botan.bs
+ Manifying blib/man3/Botan.3pm
+ $ make test
+ PERL_DL_NONLAZY=1 /usr/bin/perl5.8.8 [...]
+ t/base64......ok
+ t/filt........ok
+ t/hex.........ok
+ t/oid.........ok
+ t/pipe........ok
+ t/x509cert....ok
+ All tests successful.
+ Files=6, Tests=83, 0 wallclock secs ( 0.08 cusr + 0.02 csys = 0.10 CPU)