(with vanitygen) 
Topic: Bounty : OpenSSL with EC for Fedora/RH/CentOS : 3.6 BTC - page 2. (Read 13695 times)
Updated my sig (with vanitygen)
(with vanitygen) 
From my reading about the issues with ECC now, I'd expect this problem to go away soon - as soon as RedHat legal gets off their asses and say something about it
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.
Ok, sounds promising. This tiny little EC copyright issue has been a PITA getting bitcoin projects built cleanly on RH platforms ... way out of proportion to the issue.
PS: nice work with the package, btw.
Well it's all there - I'm not sure what else is wanted
To get through it and see it work. I just need some "alone time" which will probably happen tomorrow for me.
Can't wait to get my vanitygen on too!
Well it's all there - I'm not sure what else is wanted since it's a simple google to get:
e.g. how to sign an RPM: http://www.rpm.org/max-rpm/s1-rpm-pgp-signing-packages.html
and if you mean a Yum repo - that's just 'createrepo -q .' in the directory above the repo and create a whatever.repo to point to it
(just like the repos in /etc/yum.repos.d/
Anyway those 2 bits of info are straight forward, the trick was to simply notice that the redhat usa tar file could be replaced by the official tar file (with some changes to the spec file and enabling the needed cryptos) and then it compiles without problems.
I guess you could even enable idea, rc5 and mdc2 if anyone wanted them also
I've been running vanitygen last night and imported a generated address into my wallet and that imported without any errors.
e.g. how to sign an RPM: http://www.rpm.org/max-rpm/s1-rpm-pgp-signing-packages.html
and if you mean a Yum repo - that's just 'createrepo -q .' in the directory above the repo and create a whatever.repo to point to it
(just like the repos in /etc/yum.repos.d/
Anyway those 2 bits of info are straight forward, the trick was to simply notice that the redhat usa tar file could be replaced by the official tar file (with some changes to the spec file and enabling the needed cryptos) and then it compiles without problems.
I guess you could even enable idea, rc5 and mdc2 if anyone wanted them also
I've been running vanitygen last night and imported a generated address into my wallet and that imported without any errors.
We need this in several places for Fedora (other RH-derivative) uses ... I can probably contribute.
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.
That's great news! Even so, this will prove to be a very enlightening and educational experience for me as I've wanted to help maintain other packages too. This ECDSA thing has motivate me to finally learn how this stuff works.
Yeah if you really wanted to give out RPM's to other people you'd also (as mentioned above by wolfy) change the "Source:" file name from "openssl-%{version}-usa.tar.xz" to "openssl-%{version}.tar.gz" in the spec file, so you can simply just grab the file from
http://www.openssl.org/source/
and create a new src.rpm using that gz file instead of the RedHat 'usa' file
The differences between the two tar files are that all the files related to the "patent" issue are present but empty in the 'usa' file.
From my reading about the issues with ECC now, I'd expect this problem to go away soon - as soon as RedHat legal gets off their asses and say something about it
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.
http://www.openssl.org/source/
and create a new src.rpm using that gz file instead of the RedHat 'usa' file
The differences between the two tar files are that all the files related to the "patent" issue are present but empty in the 'usa' file.
From my reading about the issues with ECC now, I'd expect this problem to go away soon - as soon as RedHat legal gets off their asses and say something about it
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.
excellent work!
I had a discussion with a guy in #Fedora-dev who helped me out and gave me nearly the same instructions. I have been planning on giving it a go, but it's just been too busy.
Here's the overview of the discussion we had. We should compare notes and take it to the end - through setting up a repo. I may have some time to work on this today.
it's almost 3 AM over here so I will not be staying much longer
so let me tell you the basic stept
steps
1. yum install fedora-packager
2. decide what user you will use to build packages as. I use my normal user account
do not ever build as root
install mock
become the user you want to build as ( su - THATUSER)
run rpmdev-setuptree
download the openssl.src.rpm from fedora
rpm -i openssl.src.rpm ( this step will explode the src and allow you to later edit the spec )
download the original source
edit ~/rpmbuild/SPECS/openssl.spec
replace the file name in SOURCE0 with the name of the downloaded original
add a line in front of the %changelog section , using the same format as the existing ones
and put in there the new version and the comments that you seem fit for the changelog
ah, also, do not forget to edit the version and release fields from the top of the spec file, make them coincide with the name of the new source
save the spec file
run rpmbuild -bs ~/rpmbuild/SPECS/openssl.spec
this will create a new src.rpm
let's say it's called ~/rpmbuild/SRPMS/newopenssl.src.rpm
run mock -r fedora-16-x86_64 ~/rpmbuild/SRPMS/newopenssl.src.rpm
and come back to me with the issues that you face
ah
one more thing
you need to add the user that you will use to build to the group mock
after installing mock
otherwise mock will refuse to run
Ultimately I plan on hosting an openssl repository 'with signatures n shit' to make it even easier for people to use EC on Fedora.
I had a discussion with a guy in #Fedora-dev who helped me out and gave me nearly the same instructions. I have been planning on giving it a go, but it's just been too busy.
Here's the overview of the discussion we had. We should compare notes and take it to the end - through setting up a repo. I may have some time to work on this today.
Quote
Ultimately I plan on hosting an openssl repository 'with signatures n shit' to make it even easier for people to use EC on Fedora.
I wonder how popular this page will become now with Fedora people 
Since there really is no one who has written this, that is easy to find on the net, for the last 7+ years this issue has existed ...
Since there really is no one who has written this, that is easy to find on the net, for the last 7+ years this issue has existed ...
I wanted to do this today ... and googled ... and found nothing useful ... and googled more ... and found this page ... and since googling gave me no actual answers ...
I did it myself.
So in my ~/rpmbuild/RPMS/x86_64/ directory I did:
rpm -Uvh openssl-1.0.0j-2.fc16.x86_64.rpm openssl-devel-1.0.0j-2.fc16.x86_64.rpm
and now vanitygen builds (and runs) fine.
I did it myself.
Code:
Build openssl-1.0.0j with EC on fc16
------------------------------------
All this is run from root.
1) Find the correct SRC RPM
Update fc16 to the latest everything and get
openssl-1.0.0j-1.fc16.src.rpm
from any mirror
or later if there is a later version
(this was written 7-Jun-2012)
N.B. these details are specific for openssl-1.0.0j
but most developers should be able to adapt this to later versions
2) rpm -Uvh openssl-1.0.0j-1.fc16.src.rpm
3) cd ~/rpmbuild/SPECS
4) vim openssl.spec
look for "./Configure" at the start of a line
(in 1.0.0j-1.fc16 it is line 219)
about 3 lines down from that you will see:
enable-cms enable-md2 no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa \
change it to look like:
enable-cms enable-md2 no-idea no-mdc2 no-rc5 enable-ec enable-ecdh enable-ecdsa \
search for
Source1: hobble-openssl
(line 29) and change it (comment it out) to:
#Source1: hobble-openssl
search for
%{SOURCE1} > /dev/null
(line 133) and change it (comment it out) to:
#%{SOURCE1} > /dev/null
go back to the top and increase "Release:"
line 24 increment the "Release:" number
e.g. change
Release: 1%{?dist}
to
Release: 2%{?dist}
5) install rpm-build
yum install rpm-build
6) cd ~/rpmbuild/SOURCES/
in ~/rpmbuild/SOURCES/ there is a file called "openssl-1.0.0j-usa.tar.xz"
rename it to "openssl-1.0.0j-usa.tar.xz.orig" (or whatever else you like)
get a full replacement for the tar file, at http://www.openssl.org/source/
http://www.openssl.org/source/openssl-1.0.0j.tar.gz
and put it in the directory: ~/rpmbuild/SOURCES/
then rename it to "openssl-1.0.0j-usa.tar.xz"
7) cd ~/rpmbuild/SPECS
rpmbuild -bb openssl.spec
8) You now have the RPM files you need in ~/rpmbuild/RPMS/*/
FIN
I did this coz I wanted to build vanitygen (and it failed before I did this)------------------------------------
All this is run from root.
1) Find the correct SRC RPM
Update fc16 to the latest everything and get
openssl-1.0.0j-1.fc16.src.rpm
from any mirror
or later if there is a later version
(this was written 7-Jun-2012)
N.B. these details are specific for openssl-1.0.0j
but most developers should be able to adapt this to later versions
2) rpm -Uvh openssl-1.0.0j-1.fc16.src.rpm
3) cd ~/rpmbuild/SPECS
4) vim openssl.spec
look for "./Configure" at the start of a line
(in 1.0.0j-1.fc16 it is line 219)
about 3 lines down from that you will see:
enable-cms enable-md2 no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa \
change it to look like:
enable-cms enable-md2 no-idea no-mdc2 no-rc5 enable-ec enable-ecdh enable-ecdsa \
search for
Source1: hobble-openssl
(line 29) and change it (comment it out) to:
#Source1: hobble-openssl
search for
%{SOURCE1} > /dev/null
(line 133) and change it (comment it out) to:
#%{SOURCE1} > /dev/null
go back to the top and increase "Release:"
line 24 increment the "Release:" number
e.g. change
Release: 1%{?dist}
to
Release: 2%{?dist}
5) install rpm-build
yum install rpm-build
6) cd ~/rpmbuild/SOURCES/
in ~/rpmbuild/SOURCES/ there is a file called "openssl-1.0.0j-usa.tar.xz"
rename it to "openssl-1.0.0j-usa.tar.xz.orig" (or whatever else you like)
get a full replacement for the tar file, at http://www.openssl.org/source/
http://www.openssl.org/source/openssl-1.0.0j.tar.gz
and put it in the directory: ~/rpmbuild/SOURCES/
then rename it to "openssl-1.0.0j-usa.tar.xz"
7) cd ~/rpmbuild/SPECS
rpmbuild -bb openssl.spec
8) You now have the RPM files you need in ~/rpmbuild/RPMS/*/
FIN
So in my ~/rpmbuild/RPMS/x86_64/ directory I did:
rpm -Uvh openssl-1.0.0j-2.fc16.x86_64.rpm openssl-devel-1.0.0j-2.fc16.x86_64.rpm
and now vanitygen builds (and runs) fine.
http://bitquestion.com/question/8
Quote
I would like someone to explain exactly how to build OpenSSL with EC on Fedora and make it available in RPM format in a personal repository. This is specifically to help Fedora users more easily build Bitcoin applications.
I need the following documented or explained:
Build OpenSSL with EC
Create/configure/maintain a .spec file
Build the OpenSSL RPM so that it is compatible with the existing Fedora OpenSSL version.
Generate/publish a PGP key for use in authenticating releases
Creating a repository and publishing the rpm
I can build the current version of OpenSSL source code. I am currently stuck at interpreting what needs to be done with the .spec file downloaded from the Fedora repository (/fedora/linux/updates/16/SRPMS/openssl-1.0.0j-1.fc16.src.rpm)
I need the following documented or explained:
Build OpenSSL with EC
Create/configure/maintain a .spec file
Build the OpenSSL RPM so that it is compatible with the existing Fedora OpenSSL version.
Generate/publish a PGP key for use in authenticating releases
Creating a repository and publishing the rpm
I can build the current version of OpenSSL source code. I am currently stuck at interpreting what needs to be done with the .spec file downloaded from the Fedora repository (/fedora/linux/updates/16/SRPMS/openssl-1.0.0j-1.fc16.src.rpm)
Jump to: