Buildinging the envoy.tls.key_providers.qat and envoy.tls.key_providers.cryptomb plugins #503
Description
Hello. I'm having trouble building two plugins using envoy-openssl:
envoy.tls.key_providers.qat (//contrib/qat/private_key_providers/source:config)
envoy.tls.key_providers.cryptomb (//contrib/cryptomb/private_key_providers/source:config)
The project builds without using these plugins.
- To build the envoy.tls.key_providers.qat plugin (//contrib/qat/private_key_providers/source:config), I use the command:
bazel build --jobs=1 --config=clang --define=wasm=disabled --compilation_mode=dbg //contrib/qat/private_key_providers/source:config
and I get the following errors:
ERRORS
bazel build --jobs=1 --config=clang --define=wasm=disabled --compilation_mode=dbg //contrib/qat/private_key_providers/source:config
ERROR: /workspaces/proxy/envoy/contrib/qat/private_key_providers/source/BUILD:23:17: Compiling contrib/qat/private_key_providers/source/qat.cc failed: (Exit 1): clang-14 failed: error executing command (from target //contrib/qat/private_key_providers/source:qat_private_key_provider_lib) /usr/lib/llvm/bin/clang-14 -U_FORTIFY_SOURCE -fstack-protector -Wall -Wthread-safety -Wself-assign -Wunused-but-set-parameter -Wno-free-nonheap-object -fcolor-diagnostics -fno-omit-frame-pointer -g ... (remaining 218 arguments skipped)
contrib/qat/private_key_providers/source/qat.cc:184:44: error: use of undeclared identifier 'BN_num_bytes'; did you mean 'BN_num_bits'?
fb->dataLenInBytes = static_cast<Cpa32U>(BN_num_bytes(bn));
^~~~~~~~~~~~
BN_num_bits
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/openssl/bn.h:214:25: note: 'BN_num_bits' declared here
OPENSSL_EXPORT unsigned BN_num_bits(const BIGNUM *bn);
^
contrib/qat/private_key_providers/source/qat.cc:198:7: error: use of undeclared identifier 'BN_bn2bin'
if (BN_bn2bin(bn, fb->pData) == 0) {
^
2 errors generated.
Target //contrib/qat/private_key_providers/source:config failed to build
Use --verbose_failures to see the command lines of failed build steps.
INFO: Elapsed time: 331.304s, Critical Path: 322.24s
INFO: 607 processes: 4 internal, 603 linux-sandbox.
ERROR: /workspaces/proxy/envoy/contrib/qat/private_key_providers/source/BUILD:23:17: Compiling contrib/qat/private_key_providers/source/qat_private_key_provider.cc failed: (Exit 1): clang-14 failed: error executing command (from target //contrib/qat/private_key_providers/source:qat_private_key_provider_lib) /usr/lib/llvm/bin/clang-14 -U_FORTIFY_SOURCE -fstack-protector -Wall -Wthread-safety -Wself-assign -Wunused-but-set-parameter -Wno-free-nonheap-object -fcolor-diagnostics -fno-omit-frame-pointer -g ... (remaining 218 arguments skipped)
Use --sandbox_debug to see verbose messages from the sandbox and retain the sandbox build root for debugging
contrib/qat/private_key_providers/source/qat_private_key_provider.cc:125:10: error: use of undeclared identifier 'RSA_padding_add_PKCS1_PSS_mgf1'; did you mean 'ossl_RSA_padding_add_PKCS1_PSS_mgf1'?
if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa, msg, hash, md, nullptr, -1)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ossl_RSA_padding_add_PKCS1_PSS_mgf1
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/ossl/openssl/rsa.h:438:5: note: 'ossl_RSA_padding_add_PKCS1_PSS_mgf1' declared here
int ossl_RSA_padding_add_PKCS1_PSS_mgf1(ossl_RSA *rsa, unsigned char *EM,
^
1 error generated.
Target //contrib/qat/private_key_providers/source:config failed to build
Use --verbose_failures to see the command lines of failed build steps.
INFO: Elapsed time: 9.972s, Critical Path: 9.70s
INFO: 2 processes: 2 internal.
FAILED: Build did NOT complete successfully
- To build the envoy.tls.key_providers.cryptomb plugin (//contrib/cryptomb/private_key_providers/source:config), I use the following command:
bazel build --config=clang --define=wasm=disabled --compilation_mode=dbg //contrib/cryptomb/private_key_providers/source:config
I get "implicit declaration of function" errors when building the ipp-crypto library (libcrypto_mb.a). Here's the detailed output:
ERROR
bazel build --config=clang --define=wasm=disabled --compilation_mode=dbg //contrib/cryptomb/private_key_providers/source:config"
INFO: Analyzed target //contrib/cryptomb/private_key_providers/source:config (1 packages loaded, 13 targets configured).
INFO: Found 1 target...
ERROR: /workspaces/proxy/envoy/contrib/cryptomb/private_key_providers/source/BUILD:17:12: Foreign Cc - CMake: Building ipp-crypto failed: (Exit 1): bash failed: error executing command (from target //contrib/cryptomb/private_key_providers/source:ipp-crypto) /bin/bash -c bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/wrapper_build_script.sh
Use --sandbox_debug to see verbose messages from the sandbox and retain the sandbox build root for debugging
rules_foreign_cc: Build failed!
rules_foreign_cc: Keeping temp build directory and dependencies directory for debug.
rules_foreign_cc: Please note that the directories inside a sandbox are still cleaned unless you specify --sandbox_debug Bazel command line flag.
rules_foreign_cc: Printing build logs:
_____ BEGIN BUILD LOGS _____
Bazel external C/C++ Rules. Building library ipp-crypto
Environment:______________
BAZEL_LINKLIBS=-l%:libstdc++.a
EXT_BUILD_ROOT=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy
INSTALLDIR=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto
LLVM_CONFIG=/usr/lib/llvm/bin/llvm-config
BAZEL_LINKOPTS=-lm
CC=clang
Clang_DIR=/usr/lib/llvm/lib/cmake/clang/
BAZEL_COMPILER=clang
PWD=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy
BUILD_TMPDIR=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.build_tmpdir
TMPDIR=/tmp
EXT_BUILD_DEPS=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps
CXX=clang++
SHLVL=3
BUILD_LOG=bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/CMake.log
BUILD_SCRIPT=bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/build_script.sh
BUILD_WRAPPER_SCRIPT=bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/wrapper_build_script.sh
BORINGSSL_OPENSSL_INCLUDES=envoy/bssl-compat/third_party/boringssl/src/include
PATH=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy:/usr/lib/llvm/bin:/vscode/vscode-server/bin/linux-x64/1e3c50d64110be466c0b4a45222e81d2c9352888/bin/remote-cli:/usr/lib/llvm/bin:/usr/local/go/bin:/gobin:/usr/local/google-cloud-sdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
LLVM_DIR=/usr/lib/llvm/lib/cmake/llvm/
_=/usr/bin/env
__________________________
+ /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/cmake-3.23.2-linux-x86_64/bin/cmake -DCMAKE_AR=/usr/bin/ar '-DCMAKE_SHARED_LINKER_FLAGS=-shared -Wl,--gdb-index -fuse-ld=/usr/lib/llvm/bin/ld.lld -Wl,-no-as-needed -Wl,-z,relro,-z,now -B/usr/lib/llvm/bin -lm -l:libstdc++.a -fuse-ld=lld -L/usr/lib/llvm/lib -Wl,-rpath,/usr/lib/llvm/lib' '-DCMAKE_EXE_LINKER_FLAGS=-Wl,--gdb-index -fuse-ld=/usr/lib/llvm/bin/ld.lld -Wl,-no-as-needed -Wl,-z,relro,-z,now -B/usr/lib/llvm/bin -lm -l:libstdc++.a -fuse-ld=lld -L/usr/lib/llvm/lib -Wl,-rpath,/usr/lib/llvm/lib' -DBORINGSSL=on -DDYNAMIC_LIB=off -DMB_STANDALONE=off -DOPENSSL_ROOT_DIR=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps/bssl-compat -DOPENSSL_LIBRARIES=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps/bssl-compat/lib -DCMAKE_BUILD_TYPE=Bazel -DCMAKE_INSTALL_PREFIX=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto -DCMAKE_PREFIX_PATH=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps -DCMAKE_RANLIB= -DCMAKE_MAKE_PROGRAM=/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/ninja_1.12.1_linux/ninja -G Ninja /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb
-- The C compiler identification is Clang 14.0.0
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/lib/llvm/bin/clang-14 - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- CMAKE_BUILD_TYPE is not set to Debug explicitly, defaulting to Release
CMake Warning (dev) at CMakeLists.txt:67 (set):
Cannot set "MBX_INTERFACE_VERSION": current scope has no parent.
This warning is for project developers. Use -Wno-dev to suppress it.
CMake Warning (dev) at CMakeLists.txt:68 (set):
Cannot set "MB_PUBLIC_HEADERS": current scope has no parent.
This warning is for project developers. Use -Wno-dev to suppress it.
CMake Warning (dev) at CMakeLists.txt:69 (set):
Cannot set "MB_DYN_LIB_TARGET": current scope has no parent.
This warning is for project developers. Use -Wno-dev to suppress it.
CMake Warning (dev) at CMakeLists.txt:70 (set):
Cannot set "MB_STATIC_LIB_TARGET": current scope has no parent.
This warning is for project developers. Use -Wno-dev to suppress it.
-- Found OpenSSL: /usr/lib/x86_64-linux-gnu/libcrypto.so (found version "")
-- Configuring done
-- Generating done
-- Build files have been written to: /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.build_tmpdir
+ /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/cmake-3.23.2-linux-x86_64/bin/cmake --build . --config Debug
[1/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x20_mb8.c.o
[2/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x30_mb8.c.o
[3/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x10_mb8.c.o
[4/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x40_mb8.c.o
[5/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ahmm52x20_mb8.c.o
[6/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams5x52x10_diagonal_mb8.c.o
[7/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x60_mb8.c.o
[8/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ahmr52x20_mb8.c.o
[9/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_extract_amm52x20_mb8.c.o
[10/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_amm52x79_mb8.c.o
[11/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x10_diagonal_mb8.c.o
[12/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x20_65537_mb8.c.o
[13/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x10_mb8.c.o
[14/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_div_104_by_52.c.o
[15/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams5x52x20_diagonal_mb8.c.o
[16/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x20_diagonal_mb8.c.o
[17/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x60_65537_mb8.c.o
[18/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x30_diagonal_mb8.c.o
[19/140] Building C object src/CMakeFiles/crypto_mb_s.dir/common/ifma_version.c.o
[20/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x40_65537_mb8.c.o
[21/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x79_65537_mb8.c.o
[22/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x20_mb8.c.o
[23/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_method.c.o
[24/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x60_mb8.c.o
[25/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/AMS4x52x20_diagonal_stitched_with_extract_mb8.c.o
[26/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x79_mb8.c.o
[27/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_prv2_mb8.c.o
[28/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x40_diagonal_mb8.c.o
[29/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_prv2_layer_mb8.c.o
[30/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_layer_mb8.c.o
[31/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x40_mb8.c.o
[32/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_prv5_layer_mb8.c.o
[33/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_exp52x30_mb8.c.o
[34/140] Building C object src/CMakeFiles/crypto_mb_s.dir/common/ifma_cvt52.c.o
FAILED: src/CMakeFiles/crypto_mb_s.dir/common/ifma_cvt52.c.o
/usr/lib/llvm/bin/clang-14 -DSIMD_LEN=512 -DUSE_AMS_5x -I/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/include -I/usr/include/X11 -isystem /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps/bssl-compat/include -falign-functions=32 -std=c99 -Wno-pointer-to-int-cast -O3 -DNDEBUG -fvisibility=hidden -march=icelake-server -mavx512dq -mavx512ifma -mavx512f -mavx512vbmi2 -mavx512cd -mavx512bw -mbmi2 -Wformat -Wformat-security -Werror=format-security -fcf-protection=full -D_FORTIFY_SOURCE=2 -fstack-protector -fpic -fPIC -Wall -Werror -MD -MT src/CMakeFiles/crypto_mb_s.dir/common/ifma_cvt52.c.o -MF src/CMakeFiles/crypto_mb_s.dir/common/ifma_cvt52.c.o.d -o src/CMakeFiles/crypto_mb_s.dir/common/ifma_cvt52.c.o -c /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/common/ifma_cvt52.c
/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/common/ifma_cvt52.c:24:12: error: implicit declaration of function 'BN_bn2le_padded' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
return BN_bn2le_padded(to, tolen, a);
^
/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/common/ifma_cvt52.c:196:24: error: implicit declaration of function 'BN_num_bytes' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
byteLens[i] = BN_num_bytes(bn[i]);
^
/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/common/ifma_cvt52.c:196:24: note: did you mean 'BN_num_bits'?
/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps/bssl-compat/include/openssl/bn.h:214:25: note: 'BN_num_bits' declared here
OPENSSL_EXPORT unsigned BN_num_bits(const BIGNUM *bn);
^
2 errors generated.
[35/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_mb8.c.o
[36/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub65537_mb8.c.o
FAILED: src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub65537_mb8.c.o
/usr/lib/llvm/bin/clang-14 -DSIMD_LEN=512 -DUSE_AMS_5x -I/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/include -I/usr/include/X11 -isystem /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto.ext_build_deps/bssl-compat/include -falign-functions=32 -std=c99 -Wno-pointer-to-int-cast -O3 -DNDEBUG -fvisibility=hidden -march=icelake-server -mavx512dq -mavx512ifma -mavx512f -mavx512vbmi2 -mavx512cd -mavx512bw -mbmi2 -Wformat -Wformat-security -Werror=format-security -fcf-protection=full -D_FORTIFY_SOURCE=2 -fstack-protector -fpic -fPIC -Wall -Werror -MD -MT src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub65537_mb8.c.o -MF src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub65537_mb8.c.o.d -o src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub65537_mb8.c.o -c /home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/rsa/ifma_rsa_ssl_pub65537_mb8.c
/home/envoyuser/.cache/bazel/_bazel_envoyuser/88b5332b57666b0bcac8f052a051c00c/sandbox/linux-sandbox/1951/execroot/envoy/external/com_github_intel_ipp_crypto_crypto_mb_fips/sources/ippcp/crypto_mb/src/rsa/ifma_rsa_ssl_pub65537_mb8.c:70:11: error: implicit declaration of function 'BN_is_word' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
if(!BN_is_word(e, expected_pub_exp)) {
^
1 error generated.
[37/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams5x52x40_diagonal_mb8.c.o
[38/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_prv5_mb8.c.o
[39/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_m256.c.o
[40/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_n256.c.o
[41/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_rsa_ssl_pub_layer_mb8.c.o
[42/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/ifma_other52x_mb8.c.o
[43/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_n384.c.o
[44/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_p521.c.o
[45/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdh_p256.c.o
[46/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_p384.c.o
[47/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdh_p384.c.o
[48/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_n521.c.o
[49/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x60_diagonal_mb8.c.o
[50/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdh_p521.c.o
[51/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecpoint_p256.c.o
[52/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_arith_p256.c.o
[53/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdsa_p384.c.o
[54/140] Building C object src/CMakeFiles/crypto_mb_s.dir/x25519/ifma_x25519.c.o
[55/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdsa_p521.c.o
[56/140] Building C object src/CMakeFiles/crypto_mb_s.dir/ecnist/ifma_ecdsa_p256.c.o
[57/140] Building C object src/CMakeFiles/crypto_mb_s.dir/rsa/avx512_primitives/ifma_ams52x79_diagonal_mb8.c.o
ninja: build stopped: subcommand failed.
_____ END BUILD LOGS _____
rules_foreign_cc: Build wrapper script location: bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/wrapper_build_script.sh
rules_foreign_cc: Build script location: bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/build_script.sh
rules_foreign_cc: Build log location: bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/CMake.log
Target //contrib/cryptomb/private_key_providers/source:config failed to build
Use --verbose_failures to see the command lines of failed build steps.
ERROR: /workspaces/proxy/envoy/contrib/cryptomb/private_key_providers/source/BUILD:116:27 Middleman _middlemen/_S_Scontrib_Scryptomb_Sprivate_Ukey_Uproviders_Ssource_Cconfig-cc_library-compile failed: (Exit 1): bash failed: error executing command (from target //contrib/cryptomb/private_key_providers/source:ipp-crypto) /bin/bash -c bazel-out/k8-dbg/bin/contrib/cryptomb/private_key_providers/source/ipp-crypto_foreign_cc/wrapper_build_script.sh
Use --sandbox_debug to see verbose messages from the sandbox and retain the sandbox build root for debugging
INFO: Elapsed time: 4.864s, Critical Path: 4.48s
INFO: 3 processes: 3 internal.
FAILED: Build did NOT complete successfully
when I pass the path to the openssl header files (which are located in the envoy/bssl-compat/third_party/boringssl/src/include directory),
OPENSSL_INCLUDE_DIR value:
envoy_cmake(
name = "ipp-crypto",
cache_entries = {
"BORINGSSL": "on",
"DYNAMIC_LIB": "off",
"MB_STANDALONE": "off",
"OPENSSL_INCLUDE_DIR": "$$EXT_BUILD_ROOT$$/../../../../../external/envoy/bssl-compat/third_party/boringssl/src/include",
},
...
the build continues, but eventually crashes with the errors "use of undeclared identifier" and "no member named 'Free' in 'bssl::internal::DeleterImpl<ossl_bignum_ctx>'":
ERRORS
bazel build --config=clang --define=wasm=disabled --compilation_mode=dbg //contrib/cryptomb/private_key_providers/source:config
INFO: Build option --action_env has changed, discarding analysis cache.
INFO: Analyzed target //contrib/cryptomb/private_key_providers/source:config (368 packages loaded, 42361 targets configured).
INFO: Found 1 target...
ERROR: /workspaces/proxy/envoy/contrib/cryptomb/private_key_providers/source/BUILD:74:17: Compiling contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc failed: (Exit 1): clang-14 failed: error executing command (from target //contrib/cryptomb/private_key_providers/source:cryptomb_private_key_provider_lib) /usr/lib/llvm/bin/clang-14 -U_FORTIFY_SOURCE -fstack-protector -Wall -Wthread-safety -Wself-assign -Wunused-but-set-parameter -Wno-free-nonheap-object -fcolor-diagnostics -fno-omit-frame-pointer -g ... (remaining 218 arguments skipped)
Use --sandbox_debug to see verbose messages from the sandbox and retain the sandbox build root for debugging
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:49:34: error: use of undeclared identifier 'BN_CTX_new'
ctx_ = bssl::UniquePtr<BN_CTX>(BN_CTX_new());
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:53:3: error: use of undeclared identifier 'BN_CTX_start'
BN_CTX_start(ctx_.get());
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:54:8: error: use of undeclared identifier 'BN_CTX_get'
k_ = BN_CTX_get(ctx_.get());
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:59:10: error: use of undeclared identifier 'BN_rand_range'
if (!BN_rand_range(k_, order)) {
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:62:12: error: use of undeclared identifier 'BN_is_zero'
} while (BN_is_zero(k_));
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:224:8: error: use of undeclared identifier 'CBB_init_fixed'
if (!CBB_init_fixed(&cbb, out, mb_ctx->sig_len_) || !ECDSA_SIG_marshal(&cbb, sig) ||
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:224:56: error: use of undeclared identifier 'ECDSA_SIG_marshal'
if (!CBB_init_fixed(&cbb, out, mb_ctx->sig_len_) || !ECDSA_SIG_marshal(&cbb, sig) ||
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:288:10: error: use of undeclared identifier 'RSA_padding_add_PKCS1_PSS_mgf1'; did you mean 'ossl_RSA_padding_add_PKCS1_PSS_mgf1'?
if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa.get(), msg, hash, md, nullptr, -1)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ossl_RSA_padding_add_PKCS1_PSS_mgf1
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/ossl/openssl/rsa.h:438:5: note: 'ossl_RSA_padding_add_PKCS1_PSS_mgf1' declared here
int ossl_RSA_padding_add_PKCS1_PSS_mgf1(ossl_RSA *rsa, unsigned char *EM,
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:629:5: error: use of undeclared identifier 'BN_CTX_end'
BN_CTX_end(mb_ctx->ctx_.get());
^
contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:743:12: error: variable has incomplete type 'BIGNUM' (aka 'ossl_bignum_st')
BIGNUM e_check;
^
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/ossl/openssl/types.h:87:16: note: forward declaration of 'ossl_bignum_st'
typedef struct ossl_bignum_st ossl_BIGNUM;
^
In file included from contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:1:
In file included from ./contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.h:5:
In file included from ./envoy/ssl/private_key/private_key.h:11:
In file included from bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/openssl/ssl.h:145:
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/openssl/base.h:550:21: error: no member named 'Free' in 'bssl::internal::DeleterImpl<ossl_bignum_ctx>'
DeleterImpl<T>::Free(ptr);
^
/usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/unique_ptr.h:361:4: note: in instantiation of function template specialization 'bssl::internal::Deleter::operator()<ossl_bignum_ctx>' requested here
get_deleter()(std::move(__ptr));
^
./contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.h:60:3: note: in instantiation of member function 'std::unique_ptr<ossl_bignum_ctx, bssl::internal::Deleter>::~unique_ptr' requested here
CryptoMbEcdsaContext(bssl::UniquePtr<EC_KEY> ec_key, Event::Dispatcher& dispatcher,
^
In file included from contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.cc:1:
In file included from ./contrib/cryptomb/private_key_providers/source/cryptomb_private_key_provider.h:3:
In file included from ./envoy/api/api.h:3:
In file included from /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/memory:76:
/usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/unique_ptr.h:182:4: error: no matching function for call to object of type 'bssl::internal::Deleter'
_M_deleter()(__old_p);
^~~~~~~~~~~~
/usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/unique_ptr.h:167:2: note: in instantiation of member function 'std::__uniq_ptr_impl<ossl_bignum_ctx, bssl::internal::Deleter>::reset' requested here
reset(__u.release());
^
/usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/unique_ptr.h:212:61: note: in instantiation of member function 'std::__uniq_ptr_impl<ossl_bignum_ctx, bssl::internal::Deleter>::operator=' requested here
__uniq_ptr_data& operator=(__uniq_ptr_data&&) = default;
^
bazel-out/k8-dbg/bin/bssl-compat/bssl-compat/include/openssl/base.h:541:8: note: candidate template ignored: substitution failure [with T = ossl_bignum_ctx]
void operator()(T *ptr) {
^
12 errors generated.
Target //contrib/cryptomb/private_key_providers/source:config failed to build
Use --verbose_failures to see the command lines of failed build steps.
INFO: Elapsed time: 412.513s, Critical Path: 406.18s
INFO: 607 processes: 3 internal, 604 linux-sandbox.
FAILED: Build did NOT complete successfully
Can anyone tell me what commands or parameters I need to use to compile these plugins?
Version of envoy-openssl: 1.32.13
The libbssl-compat.a library was successfully built.