| raw e-mail | index | archive | help
The branch main has been updated by brnrd: URL: https://cgit.FreeBSD.org/ports/commit/?id=8f95f033ea062cccf0d3a7c2f2c17f5ba71096de commit 8f95f033ea062cccf0d3a7c2f2c17f5ba71096de Author: Bernard Spil <brnrd@FreeBSD.org> AuthorDate: 2024-12-08 18:13:25 +0000 Commit: Bernard Spil <brnrd@FreeBSD.org> CommitDate: 2024-12-09 08:03:28 +0000 security/openssl-oqsprovider: Add new port Quantum-safe algorithms provider for OpenSSL 3.x --- security/Makefile | 1 + security/openssl-oqsprovider/Makefile | 47 ++++++++++++++++++++++ security/openssl-oqsprovider/distinfo | 3 ++ .../openssl-oqsprovider/files/oqsprovider.cnf.in | 14 +++++++ security/openssl-oqsprovider/files/pkg-message.in | 11 +++++ security/openssl-oqsprovider/pkg-descr | 6 +++ 6 files changed, 82 insertions(+) diff --git a/security/Makefile b/security/Makefile index ca4b1cde0936..fb9b5bf8957e 100644 --- a/security/Makefile +++ b/security/Makefile @@ -445,6 +445,7 @@ SUBDIR += openssh-portable SUBDIR += openssl SUBDIR += openssl-agent + SUBDIR += openssl-oqsprovider SUBDIR += openssl-quictls SUBDIR += openssl-unsafe SUBDIR += openssl111 diff --git a/security/openssl-oqsprovider/Makefile b/security/openssl-oqsprovider/Makefile new file mode 100644 index 000000000000..d8a6276c3ea9 --- /dev/null +++ b/security/openssl-oqsprovider/Makefile @@ -0,0 +1,47 @@ +PORTNAME= oqsprovider +DISTVERSION= 0.7.0 +CATEGORIES= security +PKGNAMEPREFIX= openssl- + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= quantum-resistant cryptography provider for OpenSSL +WWW= https://openquantumsafe.org/applications/tls.html#oqs-openssl-provider + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +LIB_DEPENDS= liboqs.so:security/liboqs +TEST_ENVIRONMENT= OPENSSL_INSTALL=${LOCALBASE}/bin/openssl + +USES= cmake:testing ssl +USE_LDCONFIG= yes + +USE_GITHUB= yes +GH_ACCOUNT= open-quantum-safe +GH_PROJECT= oqs-provider + +CMAKE_ARGS= -DCMAKE_BUILD_TYPE=Debug\ + -DOPENSSL_ROOT_DIR=${OPENSSLBASE} \ + -DCMAKE_PREFIX_PATH=${OPENSSL_PATH} + +SUB_FILES= oqsprovider.cnf pkg-message + +PLIST_FILES= include/oqs-provider/oqs_prov.h \ + lib/ossl-modules/oqsprovider.so \ + openssl/oqsprovider.cnf + +.include <bsd.port.pre.mk> + +.if !defined(OPENSSL_PORT) && ${OSVERSION} < 1400000 +BROKEN= Requires OpenSSL 3.0+, preferably 3.2+ +.endif + +post-install: +.if ${OPENSSLLIB} == "/usr/lib" + ${MKDIR} ${STAGEDIR}${PREFIX}/lib/ossl-modules + ${MV} ${STAGEDIR}/usr/lib/ossl-modules/oqsprovider.so ${STAGEDIR}${PREFIX}/lib/ossl-modules +.endif + ${MKDIR} ${STAGEDIR}${PREFIX}/openssl + ${INSTALL_DATA} ${WRKDIR}/oqsprovider.cnf ${STAGEDIR}${PREFIX}/openssl/ + +.include <bsd.port.post.mk> diff --git a/security/openssl-oqsprovider/distinfo b/security/openssl-oqsprovider/distinfo new file mode 100644 index 000000000000..70d8d7e71a26 --- /dev/null +++ b/security/openssl-oqsprovider/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1732696794 +SHA256 (open-quantum-safe-oqs-provider-0.7.0_GH0.tar.gz) = dd7abda5aab2408672ca886baac7bceb629f918df2bca203038fb23949e3323f +SIZE (open-quantum-safe-oqs-provider-0.7.0_GH0.tar.gz) = 208082 diff --git a/security/openssl-oqsprovider/files/oqsprovider.cnf.in b/security/openssl-oqsprovider/files/oqsprovider.cnf.in new file mode 100644 index 000000000000..fbe7366354f9 --- /dev/null +++ b/security/openssl-oqsprovider/files/oqsprovider.cnf.in @@ -0,0 +1,14 @@ +# Replace the existing [provider_sect] and [default_provider] sections +# with this config + +[provider_sect] +default = default_sect +oqsprovider = oqsprovider_sect + +[default_sect] +activate = 1 + +[oqsprovider_sect] +activate = 1 +module = %%PREFIX%%/lib/ossl-modules/openssl-oqsprovider.so + diff --git a/security/openssl-oqsprovider/files/pkg-message.in b/security/openssl-oqsprovider/files/pkg-message.in new file mode 100644 index 000000000000..ef1a76cd7d99 --- /dev/null +++ b/security/openssl-oqsprovider/files/pkg-message.in @@ -0,0 +1,11 @@ +[ +{ type:install + message: <<EOM +To enable oqs-provider in OpenSSL, merge contents of the configuration file +%%PREFIX%%/openssl/oqsprovider.cnf with %%PREFIX%%/openssl/openssl.cnf. + +Expect issues if you're using OpenSSL < 3.2 +See https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md#building-and-testing +EOM +} +] diff --git a/security/openssl-oqsprovider/pkg-descr b/security/openssl-oqsprovider/pkg-descr new file mode 100644 index 000000000000..84d9aa164883 --- /dev/null +++ b/security/openssl-oqsprovider/pkg-descr @@ -0,0 +1,6 @@ +Open Quantum Safe provider for OpenSSL + + +This port enables quantum-safe cryptography (QSC) in a standard OpenSSL +(3.x) distribution by way of implementing a single shared library, the +OpenSSL OQS provider.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?>