OPENABE |
C++庫 依賴庫: Openssl 1.1.1 Relic 0.5.0 Flex 2.5.37 Gtest 1.8.0 Gmp 6.0.0 bison 3.4 Commits on Mar 31, 2019 |
最開始參考github編譯三個平臺(Linux、Android、Windows)的客戶端,陸續弄了超過兩個星期才把三個端編譯出來,從現在的角度來看,其實遠不需要這麼久,主要還是花在了交叉編譯的摸索和解決編譯問題上面;
1、開啓ZML_LIB=with_openssl和-DBP_WITH_OPENSSL兩個宏定義,可以減少OPENABE的對Relic、Gmp庫的依賴,這樣在Android和Windows的編譯上面會減少很多時間,如果開啓這兩個宏定義,則OPENABE只需要依賴OPENSSL和Flex兩個庫;
2、Windows的編譯不使用msys2工具鏈進行編譯,單獨創建OPENABE的LIB工程,導入代碼然後編譯,這樣編譯出來的庫才能被其他WIndows的庫使用;
3、Android端C++庫的使用,會出現很多奇怪的編譯連接錯誤,這個花了不少時間:
一般是編譯的.a庫時鏈接的c++標準模板庫,與使用.a庫時,鏈接的c++標準模板庫類型不同導致的,谷歌官網上專門解釋了各種類型的c++標準模板庫,可以參考:https://developer.android.google.cn/ndk/guides/standalone_toolchain。
下面是兩種c++模板庫的使用
使用c++_static
(1)Application.mk的配置
APP_STL := c++_static
(2)NDK安裝
$android_ndk_path/build/tools/make-standalone-toolchain.sh" \
--platform=$android_version \
--toolchain=arm-linux-androideabi-${android_ndk_version} \
--install-dir=$android_target_ndk_path \
--stl=libc++ \
--arch=arm
使用gnu++
(1)Application.mk的配置
#APP_STL := gnustl_static
APP_STL := gnustl_shared
APP_CPPFLAGS += -std=gnu++11
(2)NDK安裝
${android_ndk_path}/build/tools/make-standalone-toolchain.sh" \
--platform=$android_version \
--toolchain=aarch64-linux-android-${android_ndk_version} \
--install-dir=$android_target_ndk_path \
--stl=gnustl
另外,需要修改src/Makefile文件,以適應Android端的編譯:
ifndef ANDROID_CC
include ../Makefile.common
else
DEPS_INSTALL_ZROOT = $(ZROOT)/deps/root
OABE_LIB_ROOT = $(ZROOT)/root/lib
INCLUDE_ROOT = $(ZROOT)/root/include
# Include locations
# Dependencies (C/C++)
# Local includes (for generated headers from bison/flex)
CXXFLAGS = $(ANDROID_CXXFLAGS)
CCFLAGS = $(ANDROID_CCFLAGS)
#PTHREAD_LIB = -lpthread
# Other flags
#CXXFLAGS += -lpthread
# Warnings/errors, for now turn off one warning as this makes ztk unusable
#CXXFLAGS += -Wall
# Avoid integer overflow issues with these flags
# -Wtype-limits
#CXXFLAGS += -fstrict-overflow -Wsign-compare
# Add debug symbols (we must remove these in a production build)
#CXXFLAGS += -g -O2
SHFLAGS = -shared -fPIC
SHLIB = so
# Common includes (C/C++)
CCFLAGS += -I$(INCLUDE_ROOT) -I$(ZROOT)/src
#-std=gnu++11 -std=c++11 or -std=gnu++11
#CXXFLAGS += -I$(INCLUDE_ROOT) -I$(INCLUDE_ROOT) -std=c++11 -frtti -DANDROID_STL=c++_shared
CXXFLAGS += -I$(INCLUDE_ROOT) -I$(INCLUDE_ROOT) -std=c++11 -frtti -fPIC
# -shared
LDFLAGS = $(ANDROID_LIBS) -shared
CFLAGS += $(ANDROID_CCFLAGS) -fPIC
LDFLAGS += -L$(DEPS_INSTALL_ZROOT)/lib -L$(OABE_LIB_ROOT)
OPENSSL_ZML = -DSSL_LIB_INIT
# Zeutro Math library config: RELIC vs OPENSSL
#OPENSSL_ZML += -DBP_WITH_OPENSSL
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += $(OPENSSL_ZML)
RELIC_LIB = -lrelic -lrelic_ec
GMP_LIB = -lgmp
SSL_LIB = -lssl
CRYPTO_LIB = -lcrypto
RELIC_G =
OLD_GPP = 1
ifeq ($(ZML_LIB), with_openssl)
# openssl-only build for math ops
OPENSSL_ZML += -DBP_WITH_OPENSSL
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += -g -O2 $(OPENSSL_ZML)
else
# relic-only build for math ops
CXXFLAGS += $(OPENSSL_ZML)
CCFLAGS += -g -O2 $(OPENSSL_ZML) $(ADD_CFLAGS)
OABELDLIBS = $(RELIC_LIB)
OABELDSHLIBS = $(RELIC_LIB)
endif
#CCFLAGS += $(OPENSSL_ZML) $(ADD_CFLAGS)
#OABELDLIBS = $(RELIC_LIB)
#OABELDSHLIBS = $(RELIC_LIB)
# remaining deps
OABELDLIBS += $(SSL_LIB) $(CRYPTO_LIB)
OABELDSHLIBS += $(SSL_LIB) $(CRYPTO_LIB)
SHLIB_PATH = $(LDFLAGS)
endif
#PROGRAMS = test_libopenabe test_zml test_zml1 test_zml2 test_policy test_abe test_pke test_ske test_zsym test_keystore bench_libopenabe profile_libopenabe fuzz_policy fuzz_attrlist
PROGRAMS = test_libopenabe
在env腳本中增加ANDROID_CC的宏定義:
export ZML_LIB=with_openssl
# Setup environment for Android.
if [ $# -eq 2 ]; then
ANDROID_NDK_ROOT=$1
TOOLCHAIN=$2
export ANDROID_LIBS="-pie -L${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi -llog -fexceptions -frtti -L${TOOLCHAIN}/sysroot/usr/lib "
export LDFLAGS="-pie -L${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi -llog -fexceptions -frtti -L${TOOLCHAIN}/sysroot/usr/lib "
export CXX="${TOOLCHAIN}/bin/arm-linux-androideabi-g++"
export CC="${TOOLCHAIN}/bin/arm-linux-androideabi-gcc"
export ANDROID_CC="${TOOLCHAIN}/bin/arm-linux-androideabi-gcc"
export ANDROID_CXXFLAGS="-DANDROID=1 -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/system/include -I${ANDROID_NDK_ROOT}/platforms/android-14/arch-arm/usr/include -I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
CXXFLAGS=" -DANDROID=1 -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/gnu-libstdc++/4.9/libs/armeabi/include -I${ANDROID_NDK_ROOT}/sources/cxx-stl/system/include -I${ANDROID_NDK_ROOT}/platforms/android-14/arch-arm/usr/include -I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC"
export ANDROID_CCFLAGS="-I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
CCFLAGS="-I${TOOLCHAIN}/sysroot/usr/include -D__ANDROID_API__=19 -fPIE -fPIC "
export AR="${TOOLCHAIN}/bin/arm-linux-androideabi-ar"
export LD="${TOOLCHAIN}/bin/arm-linux-androideabi-ld"
export RANLIB="$TOOLCHAIN/bin/arm-linux-androideabi-ranlib"
fi
這裏面開啓的一些宏是用來解決特定的編譯錯誤,比方-D__ANDROID_API__=19 用來解決stderr找不到的問題,-fPIE -fPIC 解決鏈接生成so時出現textalign的錯誤;
OpenABE代碼的類圖關係和關鍵字段關係:
類圖:
MPK/MSK/密文/屬性私鑰中各字段的關係
MPK |
MSK |
屬性私鑰 |
密文 |
|
g1 |
alpha |
input (屬性列表) |
ABE 密文 對策略進行加密,並使用改策略對原文進行對稱加密使用的密鑰K進行保護 |
原文密文 |
g2 |
g2a |
K (g2^\alpha * (g2^{a})^t) |
M = r || K |
IV |
g1a |
|
L (g2^t) |
policy |
CT |
A(e(g1, g2)^\alpha) |
|
KX_attr1的hash值 KX_{attribute} = hash_to_G1(attribute)^t |
Cprime (g1^s) |
Tag |
k |
|
|
D[i] = g2^{ri} |
|
|
|
|
C[i] = g1a^{share_i} * hash_to_G1(attribute)^{-r} |
|
|
|
|
_ED(y = y XOR M) |
|