diff --git a/.circleci/config.yml b/.circleci/config.yml index 3bff4ec1..ac55e942 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -105,6 +105,7 @@ jobs: docker tag oqs-nginx-img $TARGETNAME/nginx:latest && docker push $TARGETNAME/nginx:latest +# Not actively maintained: ubuntu_x64_openlitespeed: description: Building and pushing OQS-openlitespeed demo Docker images docker: @@ -143,6 +144,7 @@ jobs: docker tag oqs-openlitespeed $TARGETNAME/openlitespeed:latest && docker push $TARGETNAME/openlitespeed:latest +# Not actively maintained: ubuntu_x64_quic: description: Building and pushing OQS-QUIC-nginx and OQS-msquic demo Docker images docker: @@ -246,6 +248,7 @@ jobs: docker tag oqs-httpd-img $TARGETNAME/httpd:latest && docker push $TARGETNAME/httpd:latest +# Not actively maintained: ubuntu_x64_haproxy: description: Building OQS-based HAproxy docker image docker: @@ -284,6 +287,7 @@ jobs: docker tag oqs-haproxy-img $TARGETNAME/haproxy:latest && docker push $TARGETNAME/haproxy:latest +# Not actively maintained: ubuntu_x64_openvpn: description: Building OQS-based OpenVPN docker image docker: @@ -321,6 +325,7 @@ jobs: docker tag oqs-openvpn $TARGETNAME/openvpn:latest && docker push $TARGETNAME/openvpn:latest +# Not actively maintained: ubuntu_x64_mosquitto: description: Building OQS-based Mosquitto docker image docker: @@ -363,6 +368,7 @@ jobs: docker tag oqs-mosquitto $TARGETNAME/mosquitto:latest && docker push $TARGETNAME/mosquitto:latest +# Not actively maintained: ubuntu_x64_wireshark: description: Building OQS-based wireshark docker image docker: @@ -393,6 +399,7 @@ jobs: command: | docker push $TARGETNAME/wireshark +# Not actively maintained: ubuntu_x64_ngtcp2: description: Building OQS-based ngtcp2 docker image docker: @@ -439,6 +446,7 @@ jobs: docker push $TARGETNAME/ngtcp2-server:latest && docker push $TARGETNAME/ngtcp2-client:latest +# Not actively maintained: ubuntu_x64_openssh: description: A template for building and pushing OQS demo Docker images on Ubuntu that do not use OQS-OpenSSL, but rather liboqs in another form @@ -471,6 +479,7 @@ jobs: docker tag oqs-openssh-img $TARGETNAME/openssh:latest && docker push $TARGETNAME/openssh:latest +# Not actively maintained: ubuntu_x64_envoy: description: Building and pushing OQS-enabled envoy docker: @@ -525,6 +534,7 @@ jobs: docker tag envoy-oqs $TARGETNAME/envoy:latest && docker push $TARGETNAME/envoy:latest +# Not actively maintained: ubuntu_x64_h2load: description: Building and pushing OQS-h2load demo Docker images docker: @@ -576,22 +586,22 @@ workflows: context: openquantumsafe #- ubuntu_x64_haproxy: # context: openquantumsafe - - ubuntu_x64_openvpn: - context: openquantumsafe + #- ubuntu_x64_openvpn: + # context: openquantumsafe #- ubuntu_x64_mosquitto: # context: openquantumsafe - - ubuntu_x64_ngtcp2: - context: openquantumsafe - - ubuntu_x64_openssh: - context: openquantumsafe + #- ubuntu_x64_ngtcp2: + # context: openquantumsafe + #- ubuntu_x64_openssh: + # context: openquantumsafe # Disabled in CI as failing to conclude test properly as per # https://github.com/open-quantum-safe/oqs-demos/pull/167#issuecomment-1383673300 # - ubuntu_x64_openlitespeed: # context: openquantumsafe - - ubuntu_x64_wireshark: - context: openquantumsafe + #- ubuntu_x64_wireshark: + # context: openquantumsafe # Disable as it takes too long on OQS CCI plan #- ubuntu_x64_envoy: # context: openquantumsafe - - ubuntu_x64_h2load: - context: openquantumsafe + #- ubuntu_x64_h2load: + # context: openquantumsafe diff --git a/README.md b/README.md index 2811d7f8..3186ae02 100644 --- a/README.md +++ b/README.md @@ -10,31 +10,32 @@ A repository of instructions (with associated patches and scripts) to enable, th In most cases, Dockerfiles encode the instructions for ease-of-use: Just do `docker build -t .`. For more detailed usage instructions (parameters, algorithms, etc.) refer to the README for each package. Pre-built Docker images may also be available. -Currently supported packages: - -| | **Build instructions** | **Pre-built Docker image or binary files** | -| ---------------- | -------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| **curl** | [Github: oqs-demos/curl](curl) | [Dockerhub: openquantumsafe/curl](https://hub.docker.com/repository/docker/openquantumsafe/curl) | -| **Apache httpd** | [Github: oqs-demos/httpd](httpd) | [Dockerhub: openquantumsafe/httpd](https://hub.docker.com/repository/docker/openquantumsafe/httpd) | -| **nginx** | [Github: oqs-demos/nginx](nginx) | [Dockerhub: openquantumsafe/nginx](https://hub.docker.com/repository/docker/openquantumsafe/nginx) | -| **Chromium** | [Github: oqs-demos/chromium](chromium) (limited support) | - | -| **OpenSSH** | [Github: oqs-demos/openssh](openssh) | [Dockerhub: openquantumsafe/openssh](https://hub.docker.com/repository/docker/openquantumsafe/openssh) | -| **Wireshark** | [Github: oqs-demos/wireshark](wireshark) | [Dockerhub: openquantumsafe/wireshark](https://hub.docker.com/repository/docker/openquantumsafe/wireshark) | -| **Epiphany** | [Github: oqs-demos/epiphany](epiphany) | [Dockerhub: openquantumsafe/epiphany](https://hub.docker.com/repository/docker/openquantumsafe/epiphany) | -| **OpenVPN** | [Github: oqs-demos/openvpn](openvpn) | [Dockerhub: openquantumsafe/openvpn](https://hub.docker.com/repository/docker/openquantumsafe/openvpn) | -| **ngtcp2** | [Github: oqs-demos/ngtcp2](ngtcp2) | Dockerhub: [Server: openquantumsafe/ngtcp2-server](https://hub.docker.com/repository/docker/openquantumsafe/ngtcp2-server), [Client: openquantumsafe/ngtcp2-client](https://hub.docker.com/repository/docker/openquantumsafe/ngtcp2-client) | -| **OpenLiteSpeed** | [Github: oqs-demos/openlitespeed](openlitespeed) | [ Dockerhub: openquantumsafe/openlitespeed](https://hub.docker.com/repository/docker/openquantumsafe/openlitespeed) | -| **h2load** | [Github: oqs-demos/h2load](h2load) | [ Dockerhub: openquantumsafe/h2load](https://hub.docker.com/repository/docker/openquantumsafe/h2load) | - - - -You can use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using `oqs-provider v0.5.2` and `liboqs v0.9.0`). Chromium and [oqs-boringssl](https://github.com/open-quantum-safe/boringssl) are no longer maintained to the same set of algorithms, so are not to be expected to (inter)operate fully with the test server. +As the level of interest in providing and maintaining these integrations for public consumption has fallen, the packages are tagged with the github monikers of the persons willing to keep supporting them or the term "unsupported". If that tag is listed, no CI and github support for the integration is available and the code shall be seen as a snapshot that once worked only. + +We are explicitly soliciting contributors to maintain those integrations labelled "unsupported". + +Currently available integrations at their respective support level: + +| | **Build instructions** | **Pre-built Docker image or binary files** | Support? | +| ---------------- | -------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------- | +| **curl** | [Github: oqs-demos/curl](curl) | [Dockerhub: openquantumsafe/curl](https://hub.docker.com/repository/docker/openquantumsafe/curl) | @baentsch +| **Apache httpd** | [Github: oqs-demos/httpd](httpd) | [Dockerhub: openquantumsafe/httpd](https://hub.docker.com/repository/docker/openquantumsafe/httpd) | @baentsch +| **nginx** | [Github: oqs-demos/nginx](nginx) | [Dockerhub: openquantumsafe/nginx](https://hub.docker.com/repository/docker/openquantumsafe/nginx) | @baentsch, @bhess +| **Chromium** | [Github: oqs-demos/chromium](chromium) (limited support) | - | @pi-314159 | +| **OpenSSH** | [Github: oqs-demos/openssh](openssh) | [Dockerhub: openquantumsafe/openssh](https://hub.docker.com/repository/docker/openquantumsafe/openssh) | unsupported +| **Wireshark** | [Github: oqs-demos/wireshark](wireshark) | [Dockerhub: openquantumsafe/wireshark](https://hub.docker.com/repository/docker/openquantumsafe/wireshark) | unsupported +| **Epiphany** | [Github: oqs-demos/epiphany](epiphany) | [Dockerhub: openquantumsafe/epiphany](https://hub.docker.com/repository/docker/openquantumsafe/epiphany) | unsupported +| **OpenVPN** | [Github: oqs-demos/openvpn](openvpn) | [Dockerhub: openquantumsafe/openvpn](https://hub.docker.com/repository/docker/openquantumsafe/openvpn) | unsupported +| **ngtcp2** | [Github: oqs-demos/ngtcp2](ngtcp2) | Dockerhub: [Server: openquantumsafe/ngtcp2-server](https://hub.docker.com/repository/docker/openquantumsafe/ngtcp2-server), [Client: openquantumsafe/ngtcp2-client](https://hub.docker.com/repository/docker/openquantumsafe/ngtcp2-client) | unsupported +| **OpenLiteSpeed** | [Github: oqs-demos/openlitespeed](openlitespeed) | [ Dockerhub: openquantumsafe/openlitespeed](https://hub.docker.com/repository/docker/openquantumsafe/openlitespeed) | unsupported +| **h2load** | [Github: oqs-demos/h2load](h2load) | [ Dockerhub: openquantumsafe/h2load](https://hub.docker.com/repository/docker/openquantumsafe/h2load) | unsupported +| **QUIC** | [Github: oqs-demos/quic](quic) | Dockerhub: [Server: openquantumsafe/nginx-quic](https://hub.docker.com/repository/docker/openquantumsafe/nginx-quic), [Client: openquantumsafe/msquic](https://hub.docker.com/repository/docker/openquantumsafe/msquic-reach) | unsupported +| **HAproxy** | [Github: oqs-demos/haproxy](haproxy) | [Dockerhub: openquantumsafe/haproxy](https://hub.docker.com/repository/docker/openquantumsafe/haproxy) | unsupported +| **Mosquitto** | [Github: oqs-demos/mosquitto](mosquitto) | [Dockerhub: openquantumsafe/mosquitto](https://hub.docker.com/repository/docker/openquantumsafe/mosquitto) | unsupported +| **Envoy** | [Github: oqs-demos/envoy](envoy) | [ Dockerhub: openquantumsafe/envoy](https://hub.docker.com/repository/docker/openquantumsafe/envoy) | unsupported +| **Unbound** | [Github: oqs-demos/unbound](unbound) | [ Dockerhub: openquantumsafe/unbound](https://hub.docker.com/repository/docker/openquantumsafe/unbound) | unsupported + +It should be possible to use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using `oqs-provider v0.6.0` and `liboqs v0.10.0`) but no guarantees are given for software not explicitly labelled with the name of a person offering support for it. Also Chromium and [oqs-boringssl](https://github.com/open-quantum-safe/boringssl) are no longer maintained to the same set of algorithms, so are not to be expected to (inter)operate fully with the test server. ## Contributing @@ -46,8 +47,6 @@ All modifications to this repository are released under the same terms as [liboq ## Team -The Open Quantum Safe project is led by [Douglas Stebila](https://www.douglas.stebila.ca/research/) and [Michele Mosca](http://faculty.iqc.uwaterloo.ca/mmosca/)at the University of Waterloo. - ## Contributors to oqs-demos include: Christian Paquin (Microsoft Research) @@ -66,8 +65,7 @@ The Open Quantum Safe project is led by [Douglas Stebila](https://www.douglas.st ## Acknowledgments -Financial support for the development of Open Quantum Safe has been provided by Amazon Web Services and the Canadian Centre for Cyber Security. +Most effort in this project has been provided by individual contributors working in their own time and out of personal interest to see how PQ crypto integrates into existing software stacks. -We'd like to make a special acknowledgement to the companies who have dedicated programmer time to contribute source code to OQS, including Amazon Web Services, evolutionQ, Microsoft Research, Cisco Systems, IBM Research and Fachhochschule Nordwestschweiz. +This project is part of [Open Quantum Safe](https://openquantumsafe.org/news/). -Research projects which developed specific components of OQS have been supported by various research grants, including funding from the Natural Sciences and Engineering Research Council of Canada (NSERC); see here and here for funding acknowledgments.