A DMP-mitigation ready, printf-modified fork of libSodium
libNa is derived directly from libSodium, with all printf(%s) statements systematically replaced by printf(%c).
This repository demonstrates secure build and deployment with Splitting Secret.
To build libNa from source with DMP mitigation:
-
Clone and enter this repository:
git clone https://github.com/dmp-mitigation/libNa.git cd libNa -
Set required environment variables:
DMP_LLVM: Path to your DMP_LLVM build directory.DMP_RT: Path to your DMP Runtime (DMP_RT) repository.
echo $DMP_LLVM # Should output the path to DMP_LLVM build directory echo $DMP_RT # Should output the path to DMP_RT repository
-
Build with Clang and DMP options:
env CC=$DMP_LLVM/bin/clang \ CFLAGS="-lstdc++ -mavx2 -Dsecure=1 -mllvm -smalloc -mllvm -smalloc-mem -mllvm -enable-secure-spill -I$DMP_RT/include/ -L$DMP_RT/lib -lslibc -lsmalloc -lssyscall -Wl,--rpath,$DMP_RT/lib" \ make
This project inherits the ISC License from the original libSodium.