Closed BeStrongok closed 2 years ago
Every instance should output a line saying Signature (should match the other side)
. Does the string that follows match between party 1 and 2?
yes, it does, follows Signature (should match the other side)
the error log of party 1 is:
terminate called after throwing an instance of 'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector
MP-SPDZ uses the OpenSSL defaults for the choice of algorithms, which does not seem to include SM2. You probably need to add the desired algorithm using the following function (or similar): https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_sigalgs_list.html
The ctx
handle is accessible via native_handle()
of ssl_ctx
objects: https://github.com/data61/MP-SPDZ/blob/1460c9b5748c7cb7779cb79b2d3de792106be1f2/Networking/ssl_sockets.h#L26
thank you for your reply!!
I use these commands to generate the key and self-signed certification of partners:
openssl ecparam -genkey -name SM2 -out $ssl_dir/P$i.key openssl req -new -subj "/CN=P$i" -nodes -out $ssl_dir/ca$i.csr -key $ssl_dir/P$i.key -config ./Scripts/zz.cnf openssl x509 -req -days 3650 -extfile ./Scripts/v3-ca.ext -signkey $ssl_dir/P$i.key -in $ssl_dir/ca$i.csr -out $ssl_dir/P$i.pem
when i run shamir-party.x, something wrong:
Using security parameter 40 Client-side handshake with P1 failed. Make sure both sides have the necessary certificate (Player-Data/P2.pem in the default configuration on their side and Player-Data/P1.pem on ours), and run
c_rehashon its location. The certificates should be the same on every host. Also make sure that it's still valid. Certificates generated with
Scripts/setup-ssl.shexpire after a month. See also https://mp-spdz.readthedocs.io/en/latest/troubleshooting.html#handshake-failures
is there any way to fix it? thanks!