Updated oqsprovider to v0.7.0

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25702)
2024-10-15 07:32:19 +02:00 · 2024-10-15 07:32:19 +02:00 · 8bcf488011
commit 8bcf488011
parent 36254fda37
3 changed files with 1 additions and 52 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 0ec51eca39d72867f309878f5bb9002f1c3e07fb
+Subproject commit c0ee292723fa1b37f86a42ddfdd804c35cc49ff3
--- a/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh
+++ b/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh
@ -1,49 +0,0 @@
-#!/bin/bash
-
-set -e 
-
-# Use newly built oqsprovider to test interop with external sites
-
-if [ -z "$OPENSSL_APP" ]; then
-    echo "OPENSSL_APP env var not set. Exiting."
-    exit 1
-fi
-
-if [ -z "$OPENSSL_MODULES" ]; then
-    echo "Warning: OPENSSL_MODULES env var not set."
-fi
-
-# Set OSX DYLD_LIBRARY_PATH if not already externally set
-if [ -z "$DYLD_LIBRARY_PATH" ]; then
-    export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
-fi
-
-# We assume the value of env var HTTP_PROXY is "http://host.domain:port_num"
-if [ ! -z "${HTTP_PROXY}" ]; then
-    echo "Using Web proxy \"${HTTP_PROXY}\""
-    export USE_PROXY="-proxy ${HTTP_PROXY#http://} -allow_proxy_certs"
-else
-    export USE_PROXY=""
-fi
-
-# Ascertain algorithms are available:
-
-# skipping these tests for now as per https://mailarchive.ietf.org/arch/msg/tls/hli5ogDbUudAA4tZXskVbOqeor4
-# TBD replace with suitable ML-KEM hybrid tests as and when available XXX 
-
-exit 0
-
-echo " Cloudflare:"
-
-if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber768); then
-   echo "Skipping unconfigured x25519_kyber768 interop test"
-else
-   export OQS_CODEPOINT_X25519_KYBER512=65072
-   (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00
-fi
-
-if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber512); then
-   echo "Skipping unconfigured x25519_kyber512 interop test"
-else
-   (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00
-fi
--- a/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
+++ b/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
@ -71,6 +71,4 @@ export OPENSSL_MODULES=$PWD/_build/lib
 export OQS_PROVIDER_TESTSCRIPTS=$SRCTOP/oqs-provider/scripts
 export OPENSSL_CONF=$OQS_PROVIDER_TESTSCRIPTS/openssl-ca.cnf
 # Be verbose if harness is verbose:
-# temporarily replace external interop testing
-cp $SRCTOP/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh $SRCTOP/oqs-provider/scripts/
 $SRCTOP/oqs-provider/scripts/runtests.sh -V