Building instructions for Rhel7

[rob-baron]

I just wanted to leave a note saying that I compiled Obliv-C for Rhel7.

Basic outline:

1) Install a fairly complete Ocaml environment.  I used './ocamlbrew -v 4.05.0 -b /app/ocaml -x' to set
up the initial environment then 'opam switch 4.06.1' to use a more recent version of ocaml.

2) Had to build libgcrypt from source as the one that yum installs has elliptic curve functions
and types removed over possible patent concerns by redhat legal.

3) Added the these options '-std=c99 -D_POSIX_C_SOURCE=200112L -D_BSD_SOURCE' to
CFLAGS.

---- longer version ---- 1) Obliv-c requires C99 (the -std=c99 flag) Adding "-std=c99 -D_POSIX_C_SOURCE=200112L -D_BSD_SOURCE" to CFLAGS addressed the following errors:

   src/ext/oblivc/obliv_bits.c:233:35: error: dereferencing pointer to incomplete type
   for(iter=list;iter!=NULL && iter->ai_family!=AF_INET;iter=iter->ai_next);
                               ^
   src/ext/oblivc/obliv_bits.c:233:65: error: dereferencing pointer to incomplete type
   for(iter=list;iter!=NULL && iter->ai_family!=AF_INET;iter=iter->ai_next);

2) rebuilding libgcrypt:

  Got the following error with the default libgcrypt:

      src/ext/oblivc/ot.c:29:1: error: unknown type name 'gcry_mpi_point_t'
      static gcry_mpi_point_t DHg;           // The group generator of order q

      src/ext/oblivc/ot.c: In function 'dhRandomInitAux':
      src/ext/oblivc/ot.c:60:3: error: unknown type name 'gcry_ctx_t'
      gcry_ctx_t DHCurve;

      src/ext/oblivc/ot.c:62:3: warning: implicit declaration of function 'gcry_mpi_ec_new' [-Wimplicit-function-declaration]
       gcry_mpi_ec_new(&DHCurve,NULL,DHCurveName);

       src/ext/oblivc/ot.c:63:3: warning: implicit declaration of function 'gcry_mpi_ec_get_point' [-Wimplicit-function-declaration]
       DHg = gcry_mpi_ec_get_point("g",DHCurve,1);

      src/ext/oblivc/ot.c:64:3: warning: implicit declaration of function 'gcry_mpi_ec_get_mpi' [-Wimplicit-function-declaration]
      DHModQ = gcry_mpi_ec_get_mpi("n",DHCurve,1);

      src/ext/oblivc/ot.c:122:3: warning: implicit declaration of function 'dhDeserialize' [-Wimplicit-function-declaration]
      dhDeserialize(&x,buf);

      src/ext/oblivc/ot.c:214:3: warning: implicit declaration of function 'gcry_mpi_ec_mul' [-Wimplicit-function-declaration]
      gcry_mpi_ec_mul(s->gr,s->r,DHg,s->ctx);

It seems the libgcrypt that is shipped with Rhel7 and Fedora has the elliptical curve cipher and functions stripped from it to not violate patents. Obliv-C uses the underlying elliptical curve functions so we need to build libgcrypt from source. What follows are the basic steps I took to build libgcrypt.

1. but as libgcrypt and libgpg-error are built with more recent autoconf/automake tools: need to update autoconf and automake

   Using automake-1.15.tar.gz as automake-1.16.tar.gz does not build easily.

   Also update libtoolize:

2. Build the libgpg-error library (this also requires: 'yum install -y texi2html texinfo'):

   git clone https://github.com/gpg/libgpg-error.git
   cd libgpg-error 
   autoconf
   autoheader
   automake
   ./configure
   cd doc                     # this is kind weird that you have to do this 
   make stamp-vti      #    <----
   cd ..
   make
   make check 
   make install
   

3. Build the libgcrypt library

   git clone https://github.com/gpg/libgcrypt.git
   autoreconf --force --install
   automake
   ./configure
   make
   

4. Build Obliv-C setting libgcrypt/include to the .h files that libgcrypt installs.

   opam switch 4.06.1 eval opam config env git clone https://github.com/samee/obliv-c.git
   cd /app/obliv-c
   ./configure CFLAGS=' -I/libgcrpyt/include -O2 -std=c99 -D_POSIX_C_SOURCE=200112L -D_BSD_SOURCE '
   make CFLAGS=' -I/libgcrypt/include -O2 -std=c99 -D_POSIX_C_SOURCE=200112L -D_BSD_SOURCE ' \

5. To run be sure to set the LD_LIBRARY_PATH to point to the correct libgcrypt.

Also, I don't recommend replacing the shipped libgcrypt with the compiled version as this prevented the login from working on my development system.

[samee]

Thanks a lot. Since you seem to have the system already up and running, can you print out some of the error messages that led you to the fixes? That way someone searching for the messages can be led here.

And about elliptic curve, do you think it would be simpler if Obliv-C switched to curve 25519?

[rob-baron]

Considering the warnings/errors elliptical curve function definitions and the types not being there, I suspect that no elliptical curves will work with the shipped version of libgcrypt.