OPENABE | C++库 依赖库: Openssl 1.1.1 Relic 0.5.0 Flex 2.5.37 Gtest 1.8.0 Gmp 6.0.0 bison 3.4 Commits on Mar 31, 2019 |
最开始参考github编译三个平台(Linux、Android、Windows)的客户端,陆续弄了超过两个星期才把三个端编译出来,从现在的角度来看,其实远不需要这么久,主要还是花在了交叉编译的摸索和解决编译问题上面;
1、开启ZML_LIB=with_openssl和-DBP_WITH_OPENSSL两个宏定义,可以减少OPENABE的对Relic、Gmp库的依赖,这样在Android和Windows的编译上面会减少很多时间,如果开启这两个宏定义,则OPENABE只需要依赖OPENSSL和Flex两个库;
2、Windows的编译不使用msys2工具链进行编译,单独创建OPENABE的LIB工程,导入代码然后编译,这样编译出来的库才能被其他WIndows的库使用;
3、Android端C++库的使用,会出现很多奇怪的编译连接错误,这个花了不少时间:
一般是编译的.a库时链接的c++标准模板库,与使用.a库时,链接的c++标准模板库类型不同导致的,谷歌官网上专门解释了各种类型的c++标准模板库,可以参考:https://developer.android.google.cn/ndk/guides/standalone_toolchain。
下面是两种c++模板库的使用
使用c++_static
(1)Application.mk的配置
APP_STL := c++_static
(2)NDK安装
$android_ndk_path/build/tools/make-standalone-toolchain.sh" \
--platform=$android_version \
--toolchain=arm-linux-androideabi-${android_ndk_version} \
--install-dir=$android_target_ndk_path \
--stl=libc++ \
--arch=arm
使用gnu++
(1)Application.mk的配置
#APP_STL := gnustl_static
APP_STL := gnustl_shared
APP_CPPFLAGS += -std=gnu++11
(2)NDK安装
${android_ndk_path}/build/tools/make-standalone-toolchain.sh" \
--platform=$android_version \
--toolchain=aarch64-linux-android-${android_ndk_version} \
--install-dir=$android_target_ndk_path \
--stl=gnustl
另外,需要修改src/Makefile文件,以适应Android端的编译:
ifndef ANDROID_CC
include ../Makefile.common
else
DEPS_INSTALL_ZROOT = $(ZROOT)/deps/root
OABE_LIB_ROOT = $(ZROOT)/root/lib
INCLUDE_ROOT = $(ZROOT)/root/include
# Include locations
# Dependencies (C/C++)
# Local includes (for generated headers from bison/flex)
CXXFLAGS = $(ANDROID_CXXFLAGS)
CCFLAGS = $(ANDROID_CCFLAGS)
#PTHREAD_LIB = -lpthread
# Other flags
#CXXFLAGS += -lpthread
# Warnings/errors, for now turn off one warning as this makes ztk unusable
#CXXFLAGS += -Wall
# Avoid integer overflow issues with these flags
# -Wtype-limits
#CXXFLAGS += -fstrict-overflow -Wsign-compare
# Add debug symbols (we must remove these in a production build)
#CXXFLAGS += -g -O2
SHFLAGS = -shared -fPIC
SHLIB = so
# Common includes (C/C++)
CCFLAGS += -I$(INCLUDE_ROOT) -I$(ZROOT)/src
#-std=gnu++11 -std=c++11 or -std=gnu++11
#CXXFLAGS += -I$(INCLUDE_ROOT) -I$(INCLUDE_ROOT) -std=c++11 -frtti -DANDROID_STL=c++_shared
CXXFLAGS += -I$(INCLUDE_ROOT) -I$(INCLUDE_ROOT) -std=c++11 -frtti -fPIC
# -shared
LDFLAGS = $(ANDROID_LIBS) -shared
CFLAGS += $(ANDROID_CCFLAGS) -fPIC
LDFLAGS += -L$(DEPS_INSTALL_ZROOT)/lib -L$(OABE_LIB_ROOT)
OPENSSL_ZML = -DSSL_LIB_INIT
# Zeutro Math library config: RELIC vs OPENSSL
#OPENSSL_ZML += -DBP_WITH_OPENSSL
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += $(OPENSSL_ZML)
RELIC_LIB = -lrelic -lrelic_ec
GMP_LIB = -lgmp
SSL_LIB = -lssl
CRYPTO_LIB = -lcrypto
RELIC_G =
OLD_GPP = 1
ifeq ($(ZML_LIB), with_openssl)
# openssl-only build for math ops
OPENSSL_ZML += -DBP_WITH_OPENSSL
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += -g -O2 $(OPENSSL_ZML)
else
# relic-only build for math ops
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += -g -O2 $(OPENSSL_ZML) $(ADD_CFLAGS)
OABELDLIBS = $(RELIC_LIB)
OABELDSHLIBS = $(RELIC_LIB)
endif
#CCFLAGS += $(OPENSSL_ZML) $(ADD_CFLAGS)
#OABELDLIBS = $(RELIC_LIB)
#OABELDSHLIBS = $(RELIC_LIB)
# remaining deps
OABELDLIBS += $(SSL_LIB) $(CRYPTO_LIB)
OABELDSHLIBS += $(SSL_LIB) $(CRYPTO_LIB)
SHLIB_PATH = $(LDFLAGS)
endif
#PROGRAMS = test_libopenabe test_zml test_zml1 test_zml2 test_policy test_abe test_pke test_ske test_zsym test_keystore bench_libopenabe profile_libopenabe fuzz_policy fuzz_attrlist
PROGRAMS = test_libopenabe
在env脚本中增加ANDROID_CC的宏定义:
export ZML_LIB=with_openssl
# Setup environment for Android.
if [ $# -eq 2 ]; then
ANDROID_NDK_ROOT=$1
TOOLCHAIN=$2
export ANDROID_LIBS="-pie -L${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi -llog -fexceptions -frtti -L${TOOLCHAIN}/sysroot/usr/lib "
export LDFLAGS="-pie -L${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi -llog -fexceptions -frtti -L${TOOLCHAIN}/sysroot/usr/lib "
export CXX="${TOOLCHAIN}/bin/arm-linux-androideabi-g++"
export CC="${TOOLCHAIN}/bin/arm-linux-androideabi-gcc"
export ANDROID_CC="${TOOLCHAIN}/bin/arm-linux-androideabi-gcc"
export ANDROID_CXXFLAGS="-DANDROID=1 -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/system/include -I${ANDROID_NDK_ROOT}/platforms/android-14/arch-arm/usr/include -I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
CXXFLAGS=" -DANDROID=1 -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/system/include -I${ANDROID_NDK_ROOT}/platforms/android-14/arch-arm/usr/include -I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC"
export ANDROID_CCFLAGS="-I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
CCFLAGS="-I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
export AR="${TOOLCHAIN}/bin/arm-linux-androideabi-ar"
export LD="${TOOLCHAIN}/bin/arm-linux-androideabi-ld"
export RANLIB="$TOOLCHAIN/bin/arm-linux-androideabi-ranlib"
fi
这里面开启的一些宏是用来解决特定的编译错误,比方-D__ANDROID_API__=19 用来解决stderr找不到的问题,-fPIE -fPIC 解决链接生成so时出现textalign的错误;
OpenABE代码的类图关系和关键字段关系:
类图:
MPK/MSK/密文/属性私钥中各字段的关系
MPK | MSK | 属性私钥 | 密文 | |
g1 | alpha | input (属性列表) | ABE 密文 对策略进行加密,并使用改策略对原文进行对称加密使用的密钥K进行保护 | 原文密文 |
g2 | g2a | K (g2^\alpha * (g2^{a})^t) | M = r || K | IV |
g1a |
| L (g2^t) | policy | CT |
A(e(g1, g2)^\alpha) |
| KX_attr1的hash值 KX_{attribute} = hash_to_G1(attribute)^t | Cprime (g1^s) | Tag |
k |
|
| D[i] = g2^{ri} |
|
|
|
| C[i] = g1a^{share_i} * hash_to_G1(attribute)^{-r} |
|
|
|
| _ED(y = y XOR M) |
|