Skip to content

Commit

Permalink
Merge branch 'upstream/main'
Browse files Browse the repository at this point in the history
  • Loading branch information
@feventura
feventura committed Jan 11, 2024
2 parents 4b40af0 + eb80076 commit 659e826
Show file tree
Hide file tree
Showing 16 changed files with 114 additions and 125 deletions.
36 changes: 18 additions & 18 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
name: Clone and build liboqs (<< parameters.CMAKE_ARGS >>)
command: |
git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git &&
cd liboqs && mkdir build && cd build &&
cd liboqs && mkdir _build && cd _build &&
cmake -GNinja << parameters.CMAKE_ARGS >> -DCMAKE_INSTALL_PREFIX=$(pwd)/../../.local .. && ninja install &&
cd .. && cd .. && pwd
- when:
Expand All @@ -61,9 +61,9 @@ jobs:
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- when:
condition:
Expand All @@ -76,15 +76,15 @@ jobs:
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- run:
name: Run tests
command: |
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
ctest --test-dir build/
ctest --test-dir _build/
else
./scripts/runtests.sh -V
fi
Expand All @@ -107,15 +107,15 @@ jobs:
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
rm -rf build && mkdir build && cd build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja
rm -rf _build && mkdir _build && cd _build && cmake -GNinja ${oqsprovider_cmake_args} -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- run:
name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON)
command: |
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
ctest --test-dir build/
ctest --test-dir _build/
else
./scripts/runtests.sh -V
fi
Expand Down Expand Up @@ -159,7 +159,7 @@ jobs:
name: Clone and build liboqs
command: |
git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git &&
export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir build && cd build &&
export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build &&
export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >> || echo "")"
cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install &&
cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV"
Expand All @@ -180,9 +180,9 @@ jobs:
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
export OPENSSL_INSTALL=$(pwd)/.local && mkdir build && cd build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV"
export OPENSSL_INSTALL=$(pwd)/.local && mkdir _build && cd _build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV"
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- when:
condition:
Expand All @@ -196,15 +196,15 @@ jobs:
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
export OPENSSL_INSTALL="$(brew --prefix << parameters.OPENSSL_PREINSTALL >>)"
mkdir build && cd build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV"
mkdir _build && cd _build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR="${OPENSSL_INSTALL}" ${oqsprovider_cmake_args} .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV"
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- run:
name: Run tests
command: |
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
ctest --test-dir build/ --output-on-failure
ctest --test-dir _build/ --output-on-failure
else
./scripts/runtests.sh -V
fi
Expand All @@ -215,15 +215,15 @@ jobs:
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
oqsprovider_cmake_args="${oqsprovider_cmake_args} -DOQS_PROVIDER_BUILD_STATIC=ON"
fi
rm -rf build && mkdir build && cd build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja
rm -rf _build && mkdir _build && cd _build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local ${oqsprovider_cmake_args} .. && ninja
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
file build/lib/oqsprovider.a
file _build/lib/oqsprovider.a
fi
- run:
name: Run tests
command: |
if << parameters.OQS_PROVIDER_BUILD_STATIC >> ; then
ctest --test-dir build/ --output-on-failure
ctest --test-dir _build/ --output-on-failure
else
./scripts/runtests.sh -V
fi
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/linux.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
- name: Full build
run: OQSPROV_CMAKE_PARAMS=${{ matrix.cmake-params}} ./scripts/fullbuild.sh
- name: Enable sibling oqsprovider for testing
run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so
run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so
- name: Test
run: ./scripts/runtests.sh -V

Expand All @@ -50,9 +50,9 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2
- name: Full build
run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh
run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} LIBOQS_BRANCH=main ./scripts/fullbuild.sh
- name: Enable sibling oqsprovider for testing
run: cd build/lib && ln -s oqsprovider.so oqsprovider2.so
run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so
- name: Test
run: ./scripts/runtests.sh -V
- name: Verify nothing changes on re-generate code
Expand All @@ -68,12 +68,12 @@ jobs:
! git status | grep modified
- name: Build .deb install package
run: cpack
working-directory: build
working-directory: _build
- name: Retain .deb installer
uses: actions/upload-artifact@v3
with:
name: oqsprovider-x64
path: build/*.deb
path: _build/*.deb

asan_linux_intel:
name: "Security checks"
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/macos.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,17 +57,17 @@ jobs:
key: ${{ runner.os }}-openssl32
- name: build liboqs
run: |
cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B build
cmake --build build
cmake --install build
cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B _build
cmake --build _build
cmake --install _build
working-directory: liboqs
- name: build oqs-provider
run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B build && cmake --build build
run: liboqs_DIR=.localliboqs cmake -DOPENSSL_ROOT_DIR=.localopenssl32 -S . -B _build && cmake --build _build
- name: Check Openssl providers
run: OPENSSL_MODULES=build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default
run: OPENSSL_MODULES=_build/lib .localopenssl32/bin/openssl list -providers -provider oqsprovider -provider default
- name: Run tests
run: PATH=../.localopenssl32/bin:$PATH ctest -V
working-directory: build
working-directory: _build
# Try brew install of head: If error message below appears, build and test passed successfully
- name: brew install test
run: brew install --HEAD --formula -s oqsprovider.rb 2>&1 | grep "Empty installation"
Expand All @@ -76,4 +76,4 @@ jobs:
uses: actions/upload-artifact@v3
with:
name: oqs-provider-${{matrix.os}}-x64
path: build/lib/oqsprovider.dylib
path: _build/lib/oqsprovider.dylib
6 changes: 3 additions & 3 deletions .github/workflows/standalone.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ on:
branches: [ '*' ]
pull_request:
branches: [ "main" ]

jobs:

macos_intel:
Expand All @@ -18,9 +18,9 @@ jobs:
- name: Checkout oqsprovider code
uses: actions/checkout@v2
- name: Build oqsprovider
run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B build && cmake --build build
run: cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@3 -S . -B _build && cmake --build _build
- name: Test oqsprovider
run: ctest --parallel 5 --test-dir build
run: ctest --parallel 5 --test-dir _build

linux_intel:
runs-on: ubuntu-latest
Expand Down
48 changes: 25 additions & 23 deletions .github/workflows/windows.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@ jobs:
which cmake
cmake --version
gcc --version
mkdir build
cd build
mkdir _build
cd _build
cmake -GNinja -DOPENSSL_ROOT_DIR=/opt/openssl32 -DCMAKE_INSTALL_PREFIX="${{ env.IP }}" ${{ matrix.platform.oqsconfig }} -DCMAKE_C_COMPILER=gcc ..
ninja
ninja install
Expand All @@ -79,17 +79,17 @@ jobs:
c:\cygwin\opt\openssl32
key: ${{ runner.os }}-cygwinopenssl32
- name: build oqs-provider
run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B build && cd build && ninja && cd .."
run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B _build && cd _build && ninja && cd .."
- name: Check Openssl providers
run: bash -c "OPENSSL_MODULES=build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default"
run: bash -c "OPENSSL_MODULES=_build/lib /opt/openssl32/bin/openssl list -providers -provider oqsprovider -provider default"
- name: Run tests
run: bash -c "echo $PATH && PATH=/opt/openssl32/bin:/usr/bin ctest -V"
working-directory: build
working-directory: _build
- name: Retain oqsprovider.dll
uses: actions/upload-artifact@v3
with:
name: oqs-provider-cygwin
path: D:/a/oqs-provider/oqs-provider/build/bin/oqsprovider.dll
path: D:/a/oqs-provider/oqs-provider/_build/bin/oqsprovider.dll

msvc:
# Run a job for each of the specified target architectures:
Expand Down Expand Up @@ -125,6 +125,7 @@ jobs:
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
ref: main
path: liboqs
- uses: ilammy/msvc-dev-cmd@v1
with:
Expand All @@ -139,10 +140,10 @@ jobs:
if: steps.cache-openssl32.outputs.cache-hit != 'true'
# OQS_USE_OPENSSL=OFF by default on Win32
# if cmake --build fails, try explicit
# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release
# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B build
# cd build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd ..
# cmake --install build
# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release
# fails: cmake -DCMAKE_C_FLAGS="/wd5105" -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX="c:\liboqs" ${{ matrix.platform.oqsconfig }} -S . -B _build
# cd _build && msbuild ALL_BUILD.vcxproj -p:Configuration=Release && cd ..
# cmake --install _build
- name: build liboqs
run: |
cmake --version
Expand All @@ -154,7 +155,7 @@ jobs:
working-directory: liboqs
- name: prepare the OpenSSL build directory
if: steps.cache-openssl32.outputs.cache-hit != 'true'
run: mkdir build
run: mkdir _build
working-directory: openssl
- name: OpenSSL config
if: steps.cache-openssl32.outputs.cache-hit != 'true'
Expand Down Expand Up @@ -187,17 +188,17 @@ jobs:
key: ${{ runner.os }}-msvcopenssl32
- name: build oqs-provider
run: |
cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build
cd build
cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build
cd _build
ninja
- name: Run tests
run: |
ctest -V --test-dir build
ctest -V --test-dir _build
- name: Retain oqsprovider.dll
uses: actions/upload-artifact@v3
with:
name: oqs-provider-msvc
path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll
path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll

msvc_native:
# Run a job for each of the specified target architectures:
Expand All @@ -210,7 +211,7 @@ jobs:
- arch: win64
oqsconfig: -DOQS_ALGS_ENABLED=STD
osslconfig: no-shared no-fips VC-WIN64A
toolchain:
toolchain:
- .CMake/toolchain_windows_amd64.cmake
msarch:
- x64
Expand All @@ -237,6 +238,7 @@ jobs:
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
ref: main
path: liboqs
- uses: ilammy/msvc-dev-cmd@v1
with:
Expand All @@ -258,12 +260,12 @@ jobs:
run: |
cmake --version
cmake -B build --toolchain ${{ matrix.toolchain }} .
cmake --build build
cmake --build build
cmake --build build --target INSTALL
working-directory: liboqs
- name: prepare the OpenSSL build directory
if: steps.cache-openssl32n.outputs.cache-hit != 'true'
run: mkdir build
run: mkdir _build
working-directory: openssl
- name: OpenSSL config
if: steps.cache-openssl32n.outputs.cache-hit != 'true'
Expand Down Expand Up @@ -292,14 +294,14 @@ jobs:
key: ${{ runner.os }}-msvcopenssl32n
- name: build oqs-provider
run: |
cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B build
cmake --build build --config=${{ matrix.type }}
cmake -DCMAKE_BUILD_TYPE=${{ matrix.type }} -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32n" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build
cmake --build _build --config=${{ matrix.type }}
- name: Run tests
run: |
ctest --test-dir build -C ${{ matrix.type }}
ctest --test-dir _build -C ${{ matrix.type }}
- name: Retain oqsprovider.dll
uses: actions/upload-artifact@v3
with:
name: oqs-provider-msvc
path: D:/a/oqs-provider/oqs-provider/build/lib/oqsprovider.dll

path: D:/a/oqs-provider/oqs-provider/_build/lib/oqsprovider.dll
4 changes: 2 additions & 2 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
# checked out OSSL variants
openssl*/*
openssl*/*
openssl
# checked out liboqs
liboqs
# installed SW
.local
# build directory
build
_build
# generated from openssl src:
test/ssltestlib.c
test/ssltestlib.h
Expand Down
2 changes: 1 addition & 1 deletion ALGORITHMS.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ can be used to successfully confirm interoperability between the oqs-provider
and the Cloudflare infrastructure using this hybrid classic/quantum-safe algorithm:

```
OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path build/oqsprov -provider oqsprovider -provider default
OQS_CODEPOINT_X25519_KYBER512=65072 ./openssl/apps/openssl s_client -groups x25519_kyber512 -connect cloudflare.com:443 -provider-path _build/oqsprov -provider oqsprovider -provider default
```

# OIDs
Expand Down
2 changes: 0 additions & 2 deletions GOVERNANCE.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,12 +59,10 @@ Current Maintainers and Committers are to be documented below by way of referenc
### Maintainers

@baentsch
@dstebila

### Committers

@baentsch
@bhess
@dstebila
@thb-sb
@christianpaquin
Loading

0 comments on commit 659e826

Please sign in to comment.