js331zc/MastersThesis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4b6d13bbaa
MastersThesis/OpenSSL & oqsprovider/README.md
Jozef Šimko 4b6d13bbaa update readme
2024-02-19 17:22:01 +00:00

110 lines
3.4 KiB
Markdown
Raw Blame History

# OpenSSL & liboqs & oqsprovider
## About
Tento priečinok obsahuje detailný postup inštalácie potrebných knižníc na sprístupnenie PQ algoritmov v OpenSSL 3.2 a vzorové aplikácie klienta a serveru, ktoré využívajú PQ algoritmy pri štandardnej TCP/IP komunikácii s využitím protokolu TLS 1.3.
## Building
Inštalované a testované na:
| Platform | OS | compiler | cmake | ninja |
|:-----------------:|:---------------------------:|:------------------------------------------------:|:-------:|:-------:|
| Linux | Ubuntu 20.04.1 WLS2 | gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04) | 1.10.1 | 3.22.1 |
| Windows | Windows 10.0.19043 | gcc version 14.0.0 20240107 (experimental) (MinGW-W64 x86_64-msvcrt-posix-seh) | 1.11.1 | 3.28.1 |
### :exclamation: **OpenSSL 3.2 je minimálna verzia OpenSSL, ktorá umožňuje využívať PQ algoritmy pri komunikácii** :exclamation:
### LINUX
#### OpenSSL 3.2
```
sudo apt install build-essential checkinstall -y
git clone https://github.com/openssl/openssl.git
https://github.com/openssl/openssl/releases/download/openssl-3.2.0/openssl-3.2.0.tar.gz
tar -xvf openssl-3.2.0.tar.gz
cd openssl-3.2.0
./Configure
make
sudo make install
export PATH="/usr/local:$PATH"
export LD_LIBRARY_PATH="/usr/local/lib64:$PATH"
cd /etc/ld.so.conf.d/
sudo touch openssl-3.2.0.conf
echo "/usr/local/lib64" | sudo tee -a openssl-3.2.0.conf
sudo ldconfig -v
```
#### LIBOQS
```
sudo apt install astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind -y
git clone https://github.com/open-quantum-safe/liboqs.git
cd liboqs/
mkdir build && cd build
cmake -GNinja .. -DBUILD_SHARED_LIBS=ON -DOPENSSL_ROOT_DIR=/usr/local/lib64 -DOQS_ALGS_ENABLED=ALL
ninja
sudo ninja install
cd /etc/ld.so.conf.d/
sudo touch liboqs.conf
echo "/usr/local/lib" | sudo tee -a liboqs.conf
sudo ldconfig -v
```
#### OQS PROVIDER
```
git clone https://github.com/open-quantum-safe/oqs-provider.git
cd oqs-provider
cmake -S . -B _build -DOPENSSL_ROOT_DIR=/usr/local/lib64 -Dliboqs_DIR=/usr/local -DBUILD_SHARED_LIBS=ON
cmake --build _build
sudo cmake --install _build
```
```
cd /usr/local/ssl/
sudo nano openssl.cnf
```
- po inštalácii pridáme do konfiguračného súboru modul, ktorý permanentne aktivuje OQS provider a jeho funkcie pri používani OpenSSL
- `Note: Be sure to always activate the "default" provider`
- v prípade potreby je možné konfiguračný súbor nahradiť súborom z tohto priečinku
```
[provider_sect]
default = default_sect
oqsprovider = oqsprovider_sect
[oqsprovider_sect]
activate = 1
```
### WINDOWS
Winlibs
copy + path update
make rename
LIBOQS
```
mkdir build
cd build
cmake -GNinja .. -DOPENSSL_ROOT_DIR='D:\TUKE\DIPLOMOVKA\WIN\openssl-3\x64\bin\' -DOQS_ALGS_ENABLED=ALL -DCMAKE_C_LINK_LIBRARY_FLAG="-lssl -lcrypto"
d:\mingw64\lib\ - nakopírované ssl a crypto
cmake_install.cmake - set(CMAKE_INSTALL_PREFIX - uprava cesty kde chceme inštalovať
```
OQS-PROVIDER
```
cmake -GNinja .. -DOPENSSL_ROOT_DIR="C:\Program Files\Common Files\FireDaemon SSL 3" -Dliboqs_DIR=d:\liboqs\lib\cmake\liboqs\ -DBUILD_SHARED_LIBS=OFF
ninja
ninja install
```
- oqs_test_tlssig.c - added certsdir mingw64 check
- alebo ignorovat testy
config do hlavnej zložky - c:\Program Files\Common Files\FireDaemon SSL 3\
Reference in New Issue View Git Blame Copy Permalink