0-parameter OpenFHE works fine for MySQL

Author: Dongfang Zhao

src/pke/CMakeLists.txt

@@ -121,7 +121,7 @@ if( BUILD_STATIC )
 	set(_pal_pke_compile_defs_static ${_compile_defs_static} PARENT_SCOPE)
 endif()
 
-# === MySQL UDF Plugin ===
+# === HPDIC MOD: MySQL UDF Plugin ===
 add_library(hpdic_hermes SHARED udf/hpdic_hermes.cpp)
 
 target_include_directories(hpdic_hermes PRIVATE

src/pke/udf/deploy_hermes_udf.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+set -e
+
+MYSQL_USER="hpdic"
+MYSQL_PASS="hpdic2023"
+
+PLUGIN_NAME="libhpdic_hermes.so"
+PLUGIN_DIR="/usr/lib/mysql/plugin"
+OPENFHE_PLUGIN_LIB_DIR="$(pwd)/../../../build/lib/mysqlplugin"
+OPENFHE_CORE_LIB_DIR="$(pwd)/../../../build/lib"
+
+SYSTEMD_OVERRIDE_DIR="/etc/systemd/system/mysql.service.d"
+SYSTEMD_OVERRIDE_FILE="${SYSTEMD_OVERRIDE_DIR}/openfhe-env.conf"
+
+echo "[*] Step 1: Copy shared object and OpenFHE libs into MySQL plugin directory..."
+sudo cp -v "${OPENFHE_PLUGIN_LIB_DIR}/${PLUGIN_NAME}" "${PLUGIN_DIR}"
+
+# Copy OpenFHE core libraries
+sudo cp -v ${OPENFHE_CORE_LIB_DIR}/libOPENFHE*.so* "${PLUGIN_DIR}"
+
+echo "[*] Step 2: Disable AppArmor for mysqld..."
+if [ -e /etc/apparmor.d/usr.sbin.mysqld ]; then
+    sudo ln -sf /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/ || true
+    sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld || echo "[!] Warning: AppArmor profile removal reported already removed."
+else
+    echo "  [✓] No AppArmor profile found for mysqld. Skipping."
+fi
+
+echo "[*] Step 3: Set LD_LIBRARY_PATH for MySQL via systemd override..."
+sudo mkdir -p "${SYSTEMD_OVERRIDE_DIR}"
+sudo tee "${SYSTEMD_OVERRIDE_FILE}" >/dev/null <<EOF
+[Service]
+Environment=LD_LIBRARY_PATH=${PLUGIN_DIR}
+EOF
+
+echo "[*] Step 4: Reload systemd and restart MySQL..."
+sudo systemctl daemon-reexec
+sudo systemctl daemon-reload
+sudo systemctl restart mysql
+
+echo "[*] Step 5: Register UDF in MySQL..."
+mysql -u "${MYSQL_USER}" -p"${MYSQL_PASS}" <<EOF
+DROP FUNCTION IF EXISTS hermes_udf;
+CREATE FUNCTION hermes_udf RETURNS INTEGER SONAME '${PLUGIN_NAME}';
+SELECT hermes_udf();
+EOF

src/pke/udf/hpdic_hermes_enc.cpp

@@ -0,0 +1,39 @@
+#include <mysql.h>
+#include <iostream>
+#include "openfhe.h"
+
+using namespace lbcrypto;
+
+extern "C" {
+
+bool hermes_udf_init(UDF_INIT* initid, UDF_ARGS* args, char* message) {
+    return 0;
+}
+
+void hermes_udf_deinit(UDF_INIT* initid) {}
+
+long long hermes_udf(UDF_INIT* initid, UDF_ARGS* args, char* is_null, char* error) {
+    // Step 1: Create BFV context
+    CCParams<CryptoContextBFVRNS> parameters;
+    parameters.SetPlaintextModulus(65537);  // Large enough for simple integers
+    parameters.SetMultiplicativeDepth(1);
+    CryptoContext<DCRTPoly> cc = GenCryptoContext(parameters);
+    cc->Enable(PKE);
+
+    // Step 2: Key generation
+    auto kp = cc->KeyGen();
+
+    // Step 3: Encrypt a constant
+    Plaintext pt = cc->MakePackedPlaintext(std::vector<int64_t>{123});
+    auto ct = cc->Encrypt(kp.publicKey, pt);
+
+    // Step 4: Decrypt
+    Plaintext result;
+    cc->Decrypt(kp.secretKey, ct, &result);
+    result->SetLength(1);
+
+    // Step 5: Return the first slot value to MySQL
+    return result->GetPackedValue()[0];
+}
+
+}

src/pke/udf/hpdic_hermes_eval.cpp

@@ -0,0 +1,58 @@
+#include <mysql.h>
+#include <iostream>
+#include "openfhe.h"
+
+using namespace lbcrypto;
+
+extern "C" {
+
+// MySQL plugin init function (can remain minimal)
+bool hermes_udf_init(UDF_INIT* initid, UDF_ARGS* args, char* message) {
+    return 0;
+}
+
+void hermes_udf_deinit(UDF_INIT* initid) {}
+
+// Main UDF function
+long long hermes_udf(UDF_INIT* initid, UDF_ARGS* args, char* is_null, char* error) {
+    // Step 1: CryptoContext setup
+    CCParams<CryptoContextBFVRNS> parameters;
+    parameters.SetPlaintextModulus(65537);
+    parameters.SetMultiplicativeDepth(2);
+    CryptoContext<DCRTPoly> cc = GenCryptoContext(parameters);
+    cc->Enable(PKE);
+    cc->Enable(LEVELEDSHE);
+
+    // Step 2: KeyGen
+    auto kp = cc->KeyGen();
+    cc->EvalMultKeyGen(kp.secretKey);
+
+    // Step 3: Encode and Encrypt input vectors
+    std::vector<int64_t> v1 = {3, 4, 5};
+    std::vector<int64_t> v2 = {6, 7, 8};
+    auto pt1 = cc->MakePackedPlaintext(v1);
+    auto pt2 = cc->MakePackedPlaintext(v2);
+    auto ct1 = cc->Encrypt(kp.publicKey, pt1);
+    auto ct2 = cc->Encrypt(kp.publicKey, pt2);
+
+    // Step 4: Homomorphic operations
+    auto ct_add = cc->EvalAdd(ct1, ct2);
+    auto ct_mul = cc->EvalMult(ct1, ct2);
+
+    // Step 5: Decrypt
+    Plaintext pt_add, pt_mul;
+    cc->Decrypt(kp.secretKey, ct_add, &pt_add);
+    cc->Decrypt(kp.secretKey, ct_mul, &pt_mul);
+
+    pt_add->SetLength(v1.size());
+    pt_mul->SetLength(v1.size());
+
+    // Optional: Print for logging (visible only in syslog or stderr)
+    std::cerr << "Addition result: " << pt_add << std::endl;
+    std::cerr << "Multiplication result: " << pt_mul << std::endl;
+
+    // Step 6: Return first slot of addition as example
+    return pt_add->GetPackedValue()[0];
+}
+
+}

src/pke/udf/hpdic_hermes.cpp renamed to src/pke/udf/hpdic_hermes_minimal.cpp

@@ -0,0 +1,44 @@
+#!/bin/bash
+set -e
+
+# Resolve current script directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(realpath "${SCRIPT_DIR}/../../../")"
+BUILD_DIR="${PROJECT_ROOT}/build"
+UDF_CPP_PATH="${PROJECT_ROOT}/src/pke/udf/hpdic_hermes.cpp"
+DEPLOY_SCRIPT="${PROJECT_ROOT}/src/pke/udf/deploy_hermes_udf.sh"
+MYSQL_TEST_SQL="/tmp/hermes_udf_test.sql"
+MYSQL_USER="hpdic"
+MYSQL_PASS="hpdic2023"
+
+echo "[*] Project root: ${PROJECT_ROOT}"
+echo "[*] Build dir: ${BUILD_DIR}"
+echo "[*] UDF source: ${UDF_CPP_PATH}"
+
+# Step 0: Validate
+if [ ! -f "${UDF_CPP_PATH}" ]; then
+    echo "[!] Source file not found: ${UDF_CPP_PATH}"
+    exit 1
+fi
+
+# Step 1: Rebuild
+echo "[*] Rebuilding OpenFHE plugin..."
+cd "${BUILD_DIR}"
+make -j $(nproc)
+
+# Step 2: Re-deploy
+echo "[*] Deploying updated .so to MySQL plugin directory..."
+cd "${PROJECT_ROOT}/src/pke/udf"
+bash "${DEPLOY_SCRIPT}"
+
+# Step 3: Register UDF and test
+echo "[*] Registering UDF and executing test query..."
+
+cat <<EOF > ${MYSQL_TEST_SQL}
+DROP FUNCTION IF EXISTS hermes_udf;
+CREATE FUNCTION hermes_udf RETURNS INTEGER SONAME 'libhpdic_hermes.so';
+SELECT hermes_udf();
+EOF
+
+mysql -u "${MYSQL_USER}" -p"${MYSQL_PASS}" < "${MYSQL_TEST_SQL}"
+rm -f "${MYSQL_TEST_SQL}"

src/pke/udf/rebuild_and_test.sh

@@ -0,0 +1,2 @@
+DROP FUNCTION IF EXISTS hermes_udf;
+CREATE FUNCTION hermes_udf RETURNS STRING SONAME 'libhpdic_hermes.so';