openabe icon indicating copy to clipboard operation
openabe copied to clipboard

Published 20 hours ago verified publisher icon zeutro

Build with BP_WITH_OPENSSL fails - missing bp.h

Open mouse07410 opened this issue 4 years ago • 4 comments

OpenSSL-1.1.1 and 3.0 (and 1.0.2 - I checked) do not have bp.h header file.

src/include/openabe/zml/zelement.h tries to include bp.h. which fails:

/Applications/Xcode.app/Contents/Developer/usr/bin/make -C src
CXX11FLAGS: -std=c++11 -I/Users/ur20980/src/openabe-mouse/deps/root/include -I/Users/ur20980/src/openabe-mouse/src -I/Users/ur20980/src/openabe-mouse/root/include -std=c++11 -I/opt/local/include -stdlib=libc++ -DGTEST_USE_OWN_TR1_TUPLE=1 -Wno-deprecated -pthread -Wall -fstrict-overflow -Wsign-compare -g -O2  -DSSL_LIB_INIT -DBP_WITH_OPENSSL 
mkdir -p /Users/ur20980/src/openabe-mouse/root/include/openabe
cp -r include/openabe/* /Users/ur20980/src/openabe-mouse/root/include/openabe
clang++ -I/Users/ur20980/src/openabe-mouse/deps/root/include -I/Users/ur20980/src/openabe-mouse/src -I/Users/ur20980/src/openabe-mouse/root/include -std=c++11 -I/opt/local/include -stdlib=libc++ -DGTEST_USE_OWN_TR1_TUPLE=1 -Wno-deprecated -pthread -Wall -fstrict-overflow -Wsign-compare -g -O2  -DSSL_LIB_INIT -DBP_WITH_OPENSSL -c zobject.cpp
In file included from zobject.cpp:39:
In file included from /Users/ur20980/src/openabe-mouse/root/include/openabe/openabe.h:120:
/Users/ur20980/src/openabe-mouse/root/include/openabe/zml/zelement.h:43:10: fatal error: 'openssl/bp.h' file not found
#include <openssl/bp.h>
         ^~~~~~~~~~~~~~
1 error generated.
make[1]: *** [zobject.o] Error 1

How to trigger this bug:

$ . ./env
$ export ZML_LIB="with_openssl"
$ make
. . . . .
[ observe the above error message ]

Seems the same as #15, only with more details. ;-)

@jakinyele any help here? Is ZML_LIB="with_openssl" deprecated? Because I don't see how this can even compile, and OpenSSL stopped providing openssl/bp.h header file (and the rest of support) way before v1.0.2. So, this must be a really old relict.

mouse07410 avatar Sep 23 '20 02:09 mouse07410

Oh, great point Uri @mouse07410! Yeah, you'll have to compile with https://github.com/zeutro/openssl (fork of v1.0.2 I vaguely recall). This fork includes a somewhat slower implementation of BN-254 (compared to RELIC).

jakinyele avatar Sep 23 '20 22:09 jakinyele

Yeah, you'll have to compile with https://github.com/zeutro/openssl (fork of v1.0.2 I vaguely recall)

@jakinyele I see, thank you. In fact, based on deps/openssl/download_openssl.sh, it appears to be OpenSSL-1.1.1:

 # openssl with BP support
if [[ $CMD == "with-bp" ]]; then
   LINK=https://github.com/zeutro/openssl
   VERSION=1.1.1-dev-bp
   echo "Clone github repo @ ${LINK}"
   git clone -b patch ${LINK} openssl-${VERSION}.git
   cd openssl-${VERSION}.git
else
   LINK=https://github.com/openssl/openssl
   VERSION=1.1.1-dev
   echo "Clone github repo @ ${LINK}"
   git clone ${LINK} openssl-${VERSION}.git
   cd openssl-${VERSION}.git
   git reset --hard ${COMMIT}
fi

It would be great if you could update README.md and clarify the build parameters. Especially, what dependencies must be pulled and re-built by openabe, and what could be installed outside of it.

Would you consider "packaging" your BP implementation, so that instead of pulling your entire OpenSSL fork (which I do not want to do), I could just pull the BP stuff and compile it against my already-installed OpenSSL?

mouse07410 avatar Sep 24 '20 02:09 mouse07410

@mouse07410 right, v1.1.1 and will update the README. I think we could repackage the BP implementation as a source code patch of OpenSSL v1.1.1 so you can recompile against your already-installed OpenSSL version. Will see if this approach could work with other versions as well.

jakinyele avatar Sep 24 '20 17:09 jakinyele

. . . repackage the BP implementation as a source code patch of OpenSSL . . .

Thank you!

Might I suggest that the ideal solution would be repackaging as an add-on rather than a patch that requires OpenSSL source code modification?

Will see if this approach could work with other versions as well

IMHO, the only two versions worth worrying about are the current stable 1.1.1, and the upcoming 3.0.

Update

Clarification: I mean - if I have a binary installation of OpenSSL (say, 1.1.1), I'd like to be able to compile your source BP package against it (linking against libcrypto.so, or libcrypto.dylib), as a part of openabe build. My main point is that I would prefer not to have to deal with or modify OpenSSL sources. Compiling openabe and BP form sources is perfectly OK, IMHO.

mouse07410 avatar Sep 24 '20 18:09 mouse07410