I've given up trying to get around the fedora changes - I also found that the binary in the bitcoin master linux build works on my current Fedora 20
(but I'm dropping using fedora soon anyway and going with another linux distro - too many version updates for no reason and no LTS style version between all the updates, and I'm sick of fedora forcing you to do stuff because they want the average "I don't know linux" user to only do what they want them to do)
Topic: Bounty : OpenSSL with EC for Fedora/RH/CentOS : 3.6 BTC (Read 13659 times)
Im building version k on Fedora21. It builds ok but doesnt change the links or update anything in /lib like its supposed to when you do a "sudo make install". I had to pull k from fedora22 area. Version j, supplied for fedora21 just wont build. All sources of course coming from openssl.org. Only the RPM BUILD area has the proper links to change for /lib but Im getting a build error on EC, even though Ive changed the spec file as youve said to ENABLE it.
I moved the openssl version k source tarball to override the "hobbled" sources.There is no "USA" file. Im still getting an error when Im using the full sources.
Fedora is making this an ongoing nightmare. Debian distros ignore this fact completely and ship NON-free openssl by default, so this issue does not apply to them(but maybe it SHOULD?).
ERROR(using makefile modification, same as without it):
EXCEPTION: 9 key_error
CKey::CKey() : EC_KEY_new_by_curve_name failed
bitcoin in Runaway exception
I moved the openssl version k source tarball to override the "hobbled" sources.There is no "USA" file. Im still getting an error when Im using the full sources.
Fedora is making this an ongoing nightmare. Debian distros ignore this fact completely and ship NON-free openssl by default, so this issue does not apply to them(but maybe it SHOULD?).
ERROR(using makefile modification, same as without it):
EXCEPTION: 9 key_error
CKey::CKey() : EC_KEY_new_by_curve_name failed
bitcoin in Runaway exception
Well it was all OK up to 1.0.0k ... but then redhat changed the libraries around somewhere between 1.0.0k and 1.0.1e
Rather than sort that out and have to do more editing ...
... instead of building an RPM with a dynamic library, you can simply just build the full versions and link static:
get the latest official openssl
extract it
cd openssl-1.0.1e (or whatever version you grabbed)
./config
make
pwd <- remember this (*A)
Next get bitcoin whatever version
extract it
cd bitcoin-0.8.3-linux/src/src (or whatever version you grabbed)
cp makefile.unix makefile
vim makefile
add at the top:
DSSL = /home/whatever/openssl-1.0.1e <- this is (*A)
ISSL = $(DSSL)/include
OPENSSL_LIB_PATH = $(DSSL)
OPENSSL_INCLUDE_PATH = $(ISSL)
save it then:
make
(there is of course a bunch of other stuff required to compile bitcoind, but the point of this post is how to simply get around the EC restrictions)
Rather than sort that out and have to do more editing ...
... instead of building an RPM with a dynamic library, you can simply just build the full versions and link static:
get the latest official openssl
extract it
cd openssl-1.0.1e (or whatever version you grabbed)
./config
make
pwd <- remember this (*A)
Next get bitcoin whatever version
extract it
cd bitcoin-0.8.3-linux/src/src (or whatever version you grabbed)
cp makefile.unix makefile
vim makefile
add at the top:
DSSL = /home/whatever/openssl-1.0.1e <- this is (*A)
ISSL = $(DSSL)/include
OPENSSL_LIB_PATH = $(DSSL)
OPENSSL_INCLUDE_PATH = $(ISSL)
save it then:
make
(there is of course a bunch of other stuff required to compile bitcoind, but the point of this post is how to simply get around the EC restrictions)
I finally got CentOS 6.4 to rebuiild openssl with elliptic curves enables, as required by Bitcoin.
The primary issue is that the CentOS source package contains tarball openssl-1.0.0-usa.tar.bz2
The correct replacement tarball package from openssl.org would be this one http://www.openssl.org/source/openssl-1.0.0.tar.gz
Secondly, a patch from openssl.org is also needed: http://cvs.openssl.org/patchset?cn=19998
After the above two downloads, the spec file is edited to enable EC, point to the new source, and update the release number.
Detailed instructions how to do the build are here: https://bitcointalksearch.org/topic/m.2624466
The primary issue is that the CentOS source package contains tarball openssl-1.0.0-usa.tar.bz2
The correct replacement tarball package from openssl.org would be this one http://www.openssl.org/source/openssl-1.0.0.tar.gz
Secondly, a patch from openssl.org is also needed: http://cvs.openssl.org/patchset?cn=19998
After the above two downloads, the spec file is edited to enable EC, point to the new source, and update the release number.
Detailed instructions how to do the build are here: https://bitcointalksearch.org/topic/m.2624466
I followed Kano's instructions using a newly instantiated CentOS 6.4 server on the Amazon Cloud service.
There is a problem in step 6 where where you copy and rename http://www.openssl.org/source/openssl-1.0.0j.tar.gz
The patches in /rpmbuild/SOURCES are out of sync, because they still correlate to the original source from http://vault.centos.org/6.4/os/Source/SPackages/openssl-1.0.0-27.el6.src.rpm
My journey is documented here https://bitcointalksearch.org/topic/m.2568979
There is a problem in step 6 where where you copy and rename http://www.openssl.org/source/openssl-1.0.0j.tar.gz
The patches in /rpmbuild/SOURCES are out of sync, because they still correlate to the original source from http://vault.centos.org/6.4/os/Source/SPackages/openssl-1.0.0-27.el6.src.rpm
My journey is documented here https://bitcointalksearch.org/topic/m.2568979
I've been playing around more with building an openssl-ec RPM and RPMS for the alternate coins against it. I'm making some progress, but I need to find a place to host a repository when I'm finished.
I was able to compile vanitygen using this method:
cd /tmp
wget http://www.openssl.org/source/openssl-1.0.0j.tar.gz
unzip openssl-1.0.0j.tar.gz
tar -xvf openssl-1.0.0j.tar.gz
cd openssl-1.0.0.j
nano Makefile
#[Change the options]
OPTIONS= no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-shared no-store no-zlib no-zlib-dynamic static-engine enable-cms enable-md2 no-idea enable-ec enable-ecdh enable-ecdsa
make
make install
cd /vanitygen
nano Makefiile
#LIBS=-lpcre -lcrypto -lm -lpthread
#CFLAGS=-ggdb -O3 -Wall
LIBS=-L/tmp/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/tmp/openssl-1.0.0j/include
OBJS=vanitygen.o pattern.o util.o
PROGS=vanitygen
PLATFORM=$(shell uname -s)
ifeq ($(PLATFORM),Darwin)
OPENCL_LIBS=-framework OpenCL
else
OPENCL_LIBS=-lOpenCL
endif
all: $(PROGS)
vanitygen: vanitygen.o pattern.o util.o
$(CC) $^ -o $@ $(CFLAGS) $(LIBS)
clean:
rm -f $(OBJS) $(PROGS) $(TESTS)
make
cd /tmp
wget http://www.openssl.org/source/openssl-1.0.0j.tar.gz
unzip openssl-1.0.0j.tar.gz
tar -xvf openssl-1.0.0j.tar.gz
cd openssl-1.0.0.j
nano Makefile
#[Change the options]
OPTIONS= no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-shared no-store no-zlib no-zlib-dynamic static-engine enable-cms enable-md2 no-idea enable-ec enable-ecdh enable-ecdsa
make
make install
cd /vanitygen
nano Makefiile
#LIBS=-lpcre -lcrypto -lm -lpthread
#CFLAGS=-ggdb -O3 -Wall
LIBS=-L/tmp/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/tmp/openssl-1.0.0j/include
OBJS=vanitygen.o pattern.o util.o
PROGS=vanitygen
PLATFORM=$(shell uname -s)
ifeq ($(PLATFORM),Darwin)
OPENCL_LIBS=-framework OpenCL
else
OPENCL_LIBS=-lOpenCL
endif
all: $(PROGS)
vanitygen: vanitygen.o pattern.o util.o
$(CC) $^ -o $@ $(CFLAGS) $(LIBS)
clean:
rm -f $(OBJS) $(PROGS) $(TESTS)
make
Got a new Motherboard last week so I installed FC17
(FC16 and earlier seems impossible to get working with an AM3+ GB-970A-D3)
FC17 is 1.0.0j-2 so I made a 1.0.0j-3
All compiled, built and installed without errors.
(FC16 and earlier seems impossible to get working with an AM3+ GB-970A-D3)
FC17 is 1.0.0j-2 so I made a 1.0.0j-3
All compiled, built and installed without errors.
Someone else building OpenSSL rpms with ECDSA support here (64bit only thought it seems) ...
https://people.xiph.org/~greg/openssl/
https://people.xiph.org/~greg/openssl/
I managed to get it working on Centos now 
Heres how;
1. Followed kano's instructions from https://bitcointalksearch.org/topic/m.946289
I didnt want to install the newly built rpm for my whole system (repo protections, etc), so i then modified the vanitygen build to use the BUILD directory;
2. Edit Makefile as follows;
4. Copied to my homedir and chown'd to my user as my user owns the DISPLAY:0 session.
5. Ran the oclvanitygen with BUILD lib dir environment variable set (so as to load the right libcrypto.so)
)
Hope this helps anyone else
Heres how;
1. Followed kano's instructions from https://bitcointalksearch.org/topic/m.946289
I didnt want to install the newly built rpm for my whole system (repo protections, etc), so i then modified the vanitygen build to use the BUILD directory;
2. Edit Makefile as follows;
Code:
Change
LIBS=-lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall
To
LIBS=-L/usr/src/redhat/BUILD/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/usr/src/redhat/BUILD/openssl-1.0.0j/include
3. Build the vanitygen/oclvanitygenLIBS=-lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall
To
LIBS=-L/usr/src/redhat/BUILD/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/usr/src/redhat/BUILD/openssl-1.0.0j/include
Code:
make vanitygen && make oclvanitygen
As per the openssl build, I dont want to install it fully, so..4. Copied to my homedir and chown'd to my user as my user owns the DISPLAY:0 session.
5. Ran the oclvanitygen with BUILD lib dir environment variable set (so as to load the right libcrypto.so)
Code:
env LD_LIBRARY_PATH="/usr/src/redhat/BUILD/openssl-1.0.0j" ./oclvanitygen 1SomeName
which gave me a list of device numbersCode:
Available OpenCL platforms:
0: [Advanced Micro Devices, Inc.] AMD Accelerated Parallel Processing
0: [Advanced Micro Devices, Inc.] Cayman
1: [GenuineIntel] Intel(R) Pentium(R) D CPU 3.20GHz
6. Re-ran oclvanitygen with the OCL device number (-d 0: [Advanced Micro Devices, Inc.] AMD Accelerated Parallel Processing
0: [Advanced Micro Devices, Inc.] Cayman
1: [GenuineIntel] Intel(R) Pentium(R) D CPU 3.20GHz
Code:
env LD_LIBRARY_PATH="/usr/src/redhat/BUILD/openssl-1.0.0j" ./oclvanitygen -d 0 1SomeName
7. Watch as you realise that to find an 8 digit vanity address could take a long time on a single 6970.Hope this helps anyone else
has anyone managed to get this to work for Centos, it would appear that the security patches are all based on the fips version and if i edit to use the non fips source tarball, the patch hunks fail, so the rpm fails to build?
... and you can't build it using openssl-1.0.0j-1.fc16.src.rpm ?
in related news... I needed a vanity address so I ended up running vanitygen on wine on all my linux boxen. worked perfectly.
absolutely pounded this week... forced to sit in a cold noisy datacenter most of the week with no "me" time at my desk. Wife and kids leaving town this weekend... so... hopefully soon.
Sounds like heaven! I've always wanted a rack to myself with a desk inside. Office is always too warm and I like the sound of fans.
absolutely pounded this week... forced to sit in a cold noisy datacenter most of the week with no "me" time at my desk. Wife and kids leaving town this weekend... so... hopefully soon.
has anyone managed to get this to work for Centos, it would appear that the security patches are all based on the fips version and if i edit to use the non fips source tarball, the patch hunks fail, so the rpm fails to build?
I had no idea oclvanitygen was working. When I first used vanitygen, only the CPU mode worked. Will research, thanks for the info!
I'm trying to generate some 6~8 char longs for some months already ... it's really hard, but maybe I can get lucky ...
Months really? It shouldn't be taking that long.. Here, have a 9 char addy: 1FreenodeMrq7gKn91wR4meJKEbi9RNa8M(since the 1 counts as a character)
That was found along with one other less desirable one - less desirable because of the case mixture like 1FreEnoDe - because it was lucky in case-insensitive mode. Even if you require case-sensitivity, I recommend you run it in non-case-sensitive mode because then you will get several options and might get lucky.
Also, oclvanitygen running on a 5870 or similar hardware is much better and faster.
I'm trying to generate some 6~8 char longs for some months already ... it's really hard, but maybe I can get lucky ...
nice. some bitcoin waiting for that addy when I close the bitquestion bounty. 
I'll make myself a longer one some time in the future - 4 character ones are really quick (I've got 78 of them already)5 character ones are of course 58 times slower
So yeah it's nice to be able to play with vanitygen.
One thing to note (that's mentioned but probably should be highlighted in the bitcoind docs) is when you
bitcoind importprivkey 5blah
You need to wait for quite a while ... and if you "tail -f" the "debug.log" it's a major WTF is it doing?
nice. some bitcoin waiting for that addy when I close the bitquestion bounty.
Jump to: