-
Notifications
You must be signed in to change notification settings - Fork 79
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: PI <[email protected]>
- Loading branch information
Showing
3 changed files
with
60 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
FROM ubuntu:latest AS build | ||
|
||
ARG CURL_VERSION=8.9.1 | ||
ARG QUICHE_VERSION=0.22.0 | ||
|
||
RUN apt update && apt install cmake gcc ninja-build libunwind-dev pkg-config build-essential cargo git wget -y && cd /root && \ | ||
# Clone BoringSSL&liboqs | ||
git clone --branch master https://github.com/open-quantum-safe/boringssl.git bssl && git clone --branch main --single-branch --depth 1 https://github.com/open-quantum-safe/liboqs.git && \ | ||
# Build liboqs | ||
cd liboqs && mkdir build && cd build && cmake -G"Ninja" -DCMAKE_INSTALL_PREFIX=../../bssl/oqs -DOQS_USE_OPENSSL=OFF .. && ninja && ninja install && \ | ||
# Build BoringSSL | ||
cd /root/bssl && mkdir build && cd build && cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=1 .. && ninja && ninja install && cp -rp ../install/include /usr/local/include/bssl && cp -rp ../install/lib /usr/local/lib/bssl && \ | ||
# Build quiche | ||
cd /root && git clone --recursive -b ${QUICHE_VERSION} https://github.com/cloudflare/quiche && cd quiche/quiche/deps && rm -R boringssl && ln -s /root/bssl boringssl && cd /root/quiche && cargo build --package quiche --release --features ffi,pkg-config-meta,qlog && cp -p target/release/libquiche.so /usr/local/lib/bssl/libquiche.so.0 && \ | ||
# Build curl | ||
cd /root && wget https://curl.se/download/curl-${CURL_VERSION}.tar.gz && tar -zxf curl-${CURL_VERSION}.tar.gz && rm -R curl-${CURL_VERSION}.tar.gz && mv curl-${CURL_VERSION} curl && cd curl && LIBS=-lpthread ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib/bssl" --with-openssl=/root/bssl/install --with-quiche=/root/quiche/target/release --prefix="/usr/local/curl" && make && make install | ||
|
||
|
||
FROM ubuntu:latest | ||
|
||
COPY --from=build /usr/local/include/bssl /usr/local/include/bssl | ||
COPY --from=build /usr/local/lib/bssl /usr/local/lib/bssl | ||
COPY --from=build /usr/local/curl /usr/local/curl | ||
|
||
RUN ln -s /usr/local/curl/bin/curl /usr/local/bin/curl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# cURL with OQS-BoringSSL for QUIC | ||
|
||
This Docker setup provides a curl instance configured to use OQS-BoringSSL, which supports QUIC with quantum-safe algorithms. For more information on the supported quantum-safe algorithms and how to enable additional algorithms, please refer to the following resources: | ||
|
||
- [Supported Algorithms](https://github.com/open-quantum-safe/boringssl?tab=readme-ov-file#supported-algorithms) | ||
- [Using LibOQS Algorithms Not in the Fork](https://github.com/open-quantum-safe/boringssl/wiki/Using-liboqs-algorithms-not-in-the-fork) | ||
|
||
## Setup Instructions | ||
|
||
### Step 1: Build the Docker Image | ||
|
||
Build the Docker image using the provided Dockerfile: | ||
|
||
```bash | ||
docker build -t curl-quic -f Dockerfile-QUIC . | ||
``` | ||
|
||
### Step 2: Start the Docker Container | ||
|
||
To start the container from the Docker image, use the following command: | ||
|
||
```bash | ||
docker run -it --name curl-quic-instance curl-quic | ||
``` | ||
|
||
### Step 3: Use cURL Inside the Container | ||
|
||
Once inside the container, you can use the following command to make HTTP/3 requests: | ||
|
||
```bash | ||
curl --http3-only https://example.com -curves kex | ||
``` | ||
|
||
In this command, `kex` represents the key exchange algorithm, such as `mlkem768`. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters