Skip to content

Commit

Permalink
Update
Browse files Browse the repository at this point in the history
* Modify algorithms in CI due to the change in hybrid signature algorithms in OQS-BoringSSL
* Update cURL

Signed-off-by: pi-314159 <[email protected]>
  • Loading branch information
pi-314159 committed Sep 19, 2024
1 parent 6e31ae7 commit f471bdc
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/quic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ jobs:
- name: Generate a quantum-safe certificate chain
run: |
docker run -v shared-1:/certs $TARGET_NAME/openssl3 /bin/sh -c "\
openssl req -x509 -new -newkey p256_falcon512 -keyout /certs/CA.key -out /certs/CA.crt -nodes -subj '/C=US/O=Open Quantum Safe/CN=OQS Demos' -days 1461 && \
openssl req -new -newkey mldsa87 -keyout /certs/server.key -out /certs/server.csr -nodes -subj /CN=host.docker.internal && \
openssl req -x509 -new -newkey rsa3072_falcon512 -keyout /certs/CA.key -out /certs/CA.crt -nodes -subj '/C=US/O=Open Quantum Safe/CN=OQS Demos' -days 1461 && \
openssl req -new -newkey sphincssha2128fsimple -keyout /certs/server.key -out /certs/server.csr -nodes -subj /CN=host.docker.internal && \
openssl x509 -req -in /certs/server.csr -out /certs/server.crt -CA /certs/CA.crt -CAkey /certs/CA.key -CAcreateserial -days 365"
shell: bash
- name: Build NGINX with QUIC support and start the server
Expand Down
4 changes: 2 additions & 2 deletions curl/Dockerfile-QUIC
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
FROM ubuntu:latest AS build

ARG CURL_VERSION=8.9.1
ARG CURL_VERSION=8.10.1
ARG QUICHE_VERSION=0.22.0

RUN apt update && apt install cmake gcc ninja-build libunwind-dev pkg-config build-essential cargo git wget -y && cd /root && \
Expand All @@ -13,7 +13,7 @@ RUN apt update && apt install cmake gcc ninja-build libunwind-dev pkg-config bui
# Build quiche
cd /root && git clone --recursive -b ${QUICHE_VERSION} https://github.com/cloudflare/quiche && cd quiche/quiche/deps && rm -R boringssl && ln -s /root/bssl boringssl && cd /root/quiche && cargo build --package quiche --release --features ffi,pkg-config-meta,qlog && cp -p target/release/libquiche.so /usr/local/lib/bssl/libquiche.so.0 && \
# Build curl
cd /root && wget https://curl.se/download/curl-${CURL_VERSION}.tar.gz && tar -zxf curl-${CURL_VERSION}.tar.gz && rm -R curl-${CURL_VERSION}.tar.gz && mv curl-${CURL_VERSION} curl && cd curl && LIBS=-lpthread ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib/bssl" --with-openssl=/root/bssl/install --with-quiche=/root/quiche/target/release --prefix="/usr/local/curl" && make && make install
cd /root && wget https://curl.se/download/curl-${CURL_VERSION}.tar.gz && tar -zxf curl-${CURL_VERSION}.tar.gz && rm -R curl-${CURL_VERSION}.tar.gz && mv curl-${CURL_VERSION} curl && cd curl && LIBS=-lpthread ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib/bssl" --with-openssl=/root/bssl/install --with-quiche=/root/quiche/target/release --without-libpsl --prefix="/usr/local/curl" && make && make install


FROM ubuntu:latest
Expand Down

0 comments on commit f471bdc

Please sign in to comment.