%global oqs_version 0.7.0 %global liboqs_min_version 0.11.0-3 Name: oqsprovider Version: %{oqs_version} Release: 3%{?dist} Summary: oqsprovider is an OpenSSL provider for quantum-safe algorithms based on liboqs License: Apache-2.0 AND MIT URL: https://github.com/open-quantum-safe/oqs-provider.git Source0: https://github.com/open-quantum-safe/oqs-provider/archive/refs/tags/%{oqs_version}.tar.gz Source1: oqsprovider.conf Patch01: 01-iana-kem-only.patch Requires: liboqs >= %{liboqs_min_version} Requires: openssl BuildRequires: ninja-build BuildRequires: cmake BuildRequires: gcc BuildRequires: liboqs-devel BuildRequires: openssl-devel BuildRequires: liboqs >= %{liboqs_min_version} %description oqs-provider fully enables quantum-safe cryptography for KEM key establishment in TLS1.3 including management of such keys via the OpenSSL (3.0) provider interface and hybrid KEM schemes. Also, QSC signatures including CMS functionality are available via the OpenSSL EVP interface. Key persistence is provided via the encode/decode mechanism and X.509 data structures. %prep %autosetup -T -b 0 -p1 -n oqs-provider-%{oqs_version} %build %cmake -GNinja -DCMAKE_BUILD_TYPE=Debug -DOQS_KEM_ENCODERS=ON -LAH .. %cmake_build %check cd "%{_vpath_builddir}" OPENSSL_CONF=/dev/null ctest -V %install mkdir -p $RPM_BUILD_ROOT/%{_libdir}/ossl-modules install %{_vpath_builddir}/lib/oqsprovider.so $RPM_BUILD_ROOT/%{_libdir}/ossl-modules (cd $RPM_BUILD_ROOT/%{_libdir}/ossl-modules/ && ln -s oqsprovider.so oqsprovider.so.%{oqs_version}) mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.d install -m644 '%{SOURCE1}' \ $RPM_BUILD_ROOT/%{_sysconfdir}/pki/tls/openssl.d/oqsprovider.conf %files %license LICENSE.txt %{_libdir}/ossl-modules/oqsprovider.so.%{oqs_version} %{_libdir}/ossl-modules/oqsprovider.so %config(noreplace) %{_sysconfdir}/pki/tls/openssl.d/oqsprovider.conf %changelog * Tue Oct 29 2024 Troy Dawson - 0.7.0-3 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018 * Thu Oct 24 2024 Dmitry Belyavskiy - 0.7.0-2 - OQS provider should provide only standard groups Resolves: RHEL-64277 * Thu Oct 17 2024 Dmitry Belyavskiy - 0.7.0-1 - Rebase oqsprovider to 0.7.0 Resolves: RHEL-56155 * Thu Oct 03 2024 Dmitry Belyavskiy - 0.6.1-2 - Add drop-in configuration for oqsprovider Resolves: RHEL-56891 * Thu Jul 11 2024 Dmitry Belyavskiy - 0.6.1-1 - Rebase oqsprovider to 0.6.1 Resolves: RHEL-43146 * Mon Jun 24 2024 Troy Dawson - 0.5.3-4 - Bump release for June 2024 mass rebuild * Thu Mar 21 2024 Dmitry Belyavskiy - 0.5.3-3 - add gating.yaml Related: RHEL-25983 * Fri Mar 01 2024 Dmitry Belyavskiy - 0.5.3-2 - We run tests with specially crafted OpenSSL configuration, not the system one Resolves: RHEL-25983 * Thu Feb 01 2024 Dmitry Belyavskiy - 0.5.3-1 - Update to 0.5.3 version Enable KEM encoders * Thu Jan 25 2024 Fedora Release Engineering - 0.5.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 0.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Oct 27 2023 Dmitry Belyavskiy - 0.5.2-1 - Switch to 0.5.2 version Resolves: rhbz#2224598 * Thu Jul 20 2023 Fedora Release Engineering - 0.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jul 18 2023 Dmitry Belyavskiy - 0.5.0-1 - Initial build of oqsprovider for Fedora