From 894d65db9e4573515d6d74870d3bafe1371b0211 Mon Sep 17 00:00:00 2001 From: Spencer Wilson Date: Thu, 26 Sep 2024 12:22:24 -0400 Subject: [PATCH] Merge ps-libjade commit c10ac1f4771326e63ead5fa1ae8d684cc15325c1 Author: Pravek Sharma Date: Wed Sep 18 13:56:35 2024 -0400 fixup! Update fullbuild.sh to support -DOQS_LIBJADE_BUILD Signed-off-by: Pravek Sharma commit 12b45c7195a7de70b18cd8278ff70d47d44e8666 Author: Pravek Sharma Date: Wed Sep 18 13:20:24 2024 -0400 Update macos CI to build liboqs with -DOQS_LIBJADE_BUILD=ON Signed-off-by: Pravek Sharma commit f7d39190b91c6fb41d4da669a2abef21736845c1 Author: Pravek Sharma Date: Wed Sep 18 13:17:28 2024 -0400 Update CONFIGURE.md Signed-off-by: Pravek Sharma commit f2208304e5c9dd3f835a6f0bb68e01e60f1ff940 Author: Pravek Sharma Date: Wed Sep 18 13:16:31 2024 -0400 Update fullbuild.sh to support -DOQS_LIBJADE_BUILD Signed-off-by: Pravek Sharma --- .github/workflows/macos.yml | 2 +- CONFIGURE.md | 12 ++++++++++++ scripts/fullbuild.sh | 8 +++++++- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 5bfc8c5b..d1f4ff98 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -59,7 +59,7 @@ jobs: key: ${{ runner.os }}-openssl32 - name: build liboqs run: | - cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs ${{ matrix.params.oqsconfig }} -S . -B _build + cmake -DOPENSSL_ROOT_DIR=../.localopenssl32 -DCMAKE_INSTALL_PREFIX=../.localliboqs -DOQS_LIBJADE_BUILD=ON ${{ matrix.params.oqsconfig }} -S . -B _build cmake --build _build cmake --install _build working-directory: liboqs diff --git a/CONFIGURE.md b/CONFIGURE.md index 309c9570..4c59c2f9 100644 --- a/CONFIGURE.md +++ b/CONFIGURE.md @@ -186,6 +186,18 @@ facilitated by setting the `liboqs` build option `-DOQS_ALGS_ENABLED=STD` when b `liboqs`. The list of algorithms supported by `oqs-provider` is defined by the contents of the file `generate.yml` documented in the [pre-build configuration](#pre-build-configuration). +### OQS_LIBJADE_BUILD + +This environment variable lets you specify the build option `-DOQS_LIBJADE_BUILD` for building liboqs when using the `fullbuild.sh` script. If this environment variable is not set `fullbuild.sh` defaults to building liboqs with `-DOQS_LIBJADE_BUILD=ON`. + +When building liboqs with `-DOQS_LIBJADE_BUILD=ON`, default implementations of post-quantum algorithms are replaced with formally verified implementations sourced from libjade[https://github.com/formosa-crypto/libjade] (if liboqs provied such an implementation.) Please refer to [liboqs documentation](https://github.com/open-quantum-safe/liboqs/blob/main/CONFIGURE.md#oqs_libjade_build) to see which algorithms have formally verified implementations and learn more about the `-DOQS_LIBJADE_BUILD` build option. + +For example, in order to build liboqs with `-DOQS_LIBJADE_BUILD=OFF`, you might run: + +``` +$ env OQS_LIBJADE_BUILD="OFF" bash scripts/fullbuild.sh +``` + ## Runtime options The `openssl` [property selection mechanism](https://www.openssl.org/docs/manmaster/man7/property.html) diff --git a/scripts/fullbuild.sh b/scripts/fullbuild.sh index 33de4c75..41eb3b0b 100755 --- a/scripts/fullbuild.sh +++ b/scripts/fullbuild.sh @@ -39,6 +39,12 @@ else export DOQS_ALGS_ENABLED="-DOQS_ALGS_ENABLED=$OQS_ALGS_ENABLED" fi +if [ -z "$OQS_LIBJADE_BUILD"]; then + export DOQS_LIBJADE_BUILD="-DOQS_LIBJADE_BUILD=ON" +else + export DOQS_LIBJADE_BUILD="-DOQS_LIBJADE_BUILD=$OQS_LIBJADE_BUILD" +fi + if [ -z "$OPENSSL_INSTALL" ]; then openssl version | grep "OpenSSL 3" > /dev/null 2>&1 #if [ \($? -ne 0 \) -o \( ! -z "$OPENSSL_BRANCH" \) ]; then @@ -109,7 +115,7 @@ if [ -z $liboqs_DIR ]; then # STD: only include NIST standardized algorithms # NIST_R4: only include algorithms in round 4 of the NIST competition # All: include all algorithms supported by liboqs (default) - cd liboqs && cmake -GNinja $CMAKE_PARAMS $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B _build && cd _build && ninja && ninja install && cd ../.. + cd liboqs && cmake -GNinja $CMAKE_PARAMS $DOQS_ALGS_ENABLED $CMAKE_OPENSSL_LOCATION $DOQS_LIBJADE_BUILD -DCMAKE_INSTALL_PREFIX=$(pwd)/../.local -S . -B _build && cd _build && ninja && ninja install && cd ../.. if [ $? -ne 0 ]; then echo "liboqs build failed. Exiting." exit -1