pool/liboqs
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1230160 from home:msmeissn:branches:devel:libraries:c_c++

Browse Source 
- Updated to 0.12.0:
  - This release updates the ML-DSA implementation to the [final
    FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This
    release still includes the NIST Round 3 version of Dilithium for
    interoperability purposes, but we plan to remove Dilithium Round 3 in
    a future release.
  - This will be the last release of liboqs to include Kyber (that is,
    the NIST Round 3 version of Kyber, prior to its standardization by NIST
    as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
  - The addition of ML-DSA FIPS 204 final version to liboqs has
    introduced a new signature API which includes a context string
    parameter. We are planning to remove the old version of the API
    without a context string in the next release to streamline the
    API and bring it in line with NIST specifications. Users who
    have an opinion on this removal are invited to provide input at
    https://github.com/open-quantum-safe/liboqs/issues/2001.
  Security issues:
  - CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect
    shared secret value during decapsulation when called with an invalid
    ciphertext. (bsc#1234292)

OBS-URL: https://build.opensuse.org/request/show/1230160
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/liboqs?expand=0&rev=27
This commit is contained in:
Marcus Meissner 2024-12-11 16:00:31 +00:00 committed by Git OBS Bridge
commit 7a3705cf7f
10 changed files with 537 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

BIN
0.10.1.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

BIN
0.11.0.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

BIN
0.12.0.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

2
baselibs.conf Normal file
View File

@ -0,0 +1,2 @@
liboqs7
liboqs-devel

174
liboqs-fix-build.patch Normal file
View File

@ -0,0 +1,174 @@
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.h
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.h
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.h
@@ -30,12 +30,13 @@
#endif
#define crypto_kem_keypair KYBER_NAMESPACE(keypair)
-int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES]);
+
#define crypto_kem_enc KYBER_NAMESPACE(enc)
-int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES]);
#define crypto_kem_dec KYBER_NAMESPACE(dec)
-int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES]);
#endif
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.h
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.h
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.h
@@ -30,12 +30,15 @@
#endif
#define crypto_kem_keypair KYBER_NAMESPACE(keypair)
-int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES]);
+
#define crypto_kem_enc KYBER_NAMESPACE(enc)
-int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES]);
+
#define crypto_kem_dec KYBER_NAMESPACE(dec)
-int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES]);
+
#endif
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.h
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.h
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.h
@@ -30,12 +30,14 @@
#endif
#define crypto_kem_keypair KYBER_NAMESPACE(keypair)
-int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES]);
+
#define crypto_kem_enc KYBER_NAMESPACE(enc)
-int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES]);
+
#define crypto_kem_dec KYBER_NAMESPACE(dec)
-int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES]);
#endif
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.c
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.c
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber512_ref/kem.c
@@ -20,8 +20,7 @@
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_keypair(uint8_t *pk,
- uint8_t *sk)
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
indcpa_keypair(pk, sk);
@@ -48,9 +47,7 @@ int crypto_kem_keypair(uint8_t *pk,
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_enc(uint8_t *ct,
- uint8_t *ss,
- const uint8_t *pk)
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES])
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@@ -91,9 +88,7 @@ int crypto_kem_enc(uint8_t *ct,
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
-int crypto_kem_dec(uint8_t *ss,
- const uint8_t *ct,
- const uint8_t *sk)
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
int fail;
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.c
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.c
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber768_ref/kem.c
@@ -20,8 +20,7 @@
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_keypair(uint8_t *pk,
- uint8_t *sk)
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
indcpa_keypair(pk, sk);
@@ -48,9 +47,7 @@ int crypto_kem_keypair(uint8_t *pk,
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_enc(uint8_t *ct,
- uint8_t *ss,
- const uint8_t *pk)
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES])
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@@ -91,9 +88,7 @@ int crypto_kem_enc(uint8_t *ct,
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
-int crypto_kem_dec(uint8_t *ss,
- const uint8_t *ct,
- const uint8_t *sk)
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
int fail;
Index: liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.c
===================================================================
--- liboqs-0.8.0.orig/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.c
+++ liboqs-0.8.0/src/kem/kyber/pqcrystals-kyber_kyber1024_ref/kem.c
@@ -20,8 +20,7 @@
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_keypair(uint8_t *pk,
- uint8_t *sk)
+int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES], uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
indcpa_keypair(pk, sk);
@@ -48,9 +47,7 @@ int crypto_kem_keypair(uint8_t *pk,
*
* Returns 0 (success)
**************************************************/
-int crypto_kem_enc(uint8_t *ct,
- uint8_t *ss,
- const uint8_t *pk)
+int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES], uint8_t ss[KYBER_SSBYTES], const uint8_t pk[KYBER_PUBLICKEYBYTES])
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@@ -91,9 +88,7 @@ int crypto_kem_enc(uint8_t *ct,
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
-int crypto_kem_dec(uint8_t *ss,
- const uint8_t *ct,
- const uint8_t *sk)
+int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES], const uint8_t ct[KYBER_CIPHERTEXTBYTES], const uint8_t sk[KYBER_SECRETKEYBYTES])
{
size_t i;
int fail;

17
liboqs-fix-prototypemismatch.patch Normal file
View File

@ -0,0 +1,17 @@
Index: liboqs-0.8.0/src/kem/frodokem/kem_frodokem.h
===================================================================
--- liboqs-0.8.0.orig/src/kem/frodokem/kem_frodokem.h
+++ liboqs-0.8.0/src/kem/frodokem/kem_frodokem.h
@@ -11,9 +11,9 @@
#define OQS_KEM_frodokem_640_aes_length_ciphertext 9720
#define OQS_KEM_frodokem_640_aes_length_shared_secret 16
OQS_KEM *OQS_KEM_frodokem_640_aes_new(void);
-OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
-OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair(unsigned char *public_key, unsigned char *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_encaps(unsigned char *ciphertext, unsigned char *shared_secret, const unsigned char *public_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(unsigned char *shared_secret, const unsigned char *ciphertext, const unsigned char *secret_key);
#endif
#ifdef OQS_ENABLE_KEM_frodokem_640_shake

208
liboqs.changes Normal file
View File

@ -0,0 +1,208 @@
-------------------------------------------------------------------
Tue Dec 10 07:51:25 UTC 2024 - Marcus Meissner <meissner@suse.com>
- Updated to 0.12.0:
- This release updates the ML-DSA implementation to the [final
FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This
release still includes the NIST Round 3 version of Dilithium for
interoperability purposes, but we plan to remove Dilithium Round 3 in
a future release.
- This will be the last release of liboqs to include Kyber (that is,
the NIST Round 3 version of Kyber, prior to its standardization by NIST
as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
- The addition of ML-DSA FIPS 204 final version to liboqs has
introduced a new signature API which includes a context string
parameter. We are planning to remove the old version of the API
without a context string in the next release to streamline the
API and bring it in line with NIST specifications. Users who
have an opinion on this removal are invited to provide input at
https://github.com/open-quantum-safe/liboqs/issues/2001.
Security issues:
- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect
shared secret value during decapsulation when called with an invalid
ciphertext. (bsc#1234292)
-------------------------------------------------------------------
Sun Sep 29 09:48:19 UTC 2024 - Marcus Meissner <meissner@suse.com>
- Updated to 0.11.0:
* This release updates ML-KEM implementations to their final FIPS 203
https://csrc.nist.gov/pubs/fips/203/final versions .
* This release still includes the NIST Round 3 version of Kyber for
interoperability purposes, but we plan to remove Kyber Round 3 in a
future release.
* Additionally, this release adds support for MAYO and CROSS
digital signature schemes from [NIST Additional Signatures Round 1
https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures
along with stateful hash-based signature schemes XMSS
https://datatracker.ietf.org/doc/html/rfc8391 and LMS
https://datatracker.ietf.org/doc/html/rfc8554.
* Finally, this release provides formally verified
implementations of Kyber-512 and Kyber-768 from libjade
https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2
* LMS and XMSS are disabled by default due to the security risks associated with their use in software.
See the note on stateful hash-based signatures in CONFIGURE.md
* Key encapsulation mechanisms:
- Kyber: Added formally-verified portable C and AVX2 implementations
of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512,
ML-KEM-768, and ML-KEM-1024 to FIP 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and
Kyber-1024 to work with AddressSanitizer.
* Digital signature schemes:
- LMS/XMSS: Added implementations of stateful hash-based signature
schemes: XMSS and LMS
- MAYO: Added portable C and AVX2 implementations of MAYO signature
scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature
scheme from NIST Additional Signatures Round 1.
* Other changes:
- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
- new library major version 6
-------------------------------------------------------------------
Tue Jun 11 08:39:32 UTC 2024 - Marcus Meissner <meissner@suse.com>
- updated to 0.10.1:
This release is a security release which fixes potential
non-constant-time behaviour in ML-KEM and Kyber. (bsc#1226162
CVE-2024-36405)
It also includes a fix for incorrectly named macros in the ML-DSA
implementation.
-------------------------------------------------------------------
Sat Mar 23 13:40:29 UTC 2024 - Marcus Meissner <meissner@suse.com>
- updated to 0.10.0:
Key encapsulation mechanisms:
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
Digital signature schemes:
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.
Other changes:
- Improved thread safety.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
- library major version changed from 4 to 5
-------------------------------------------------------------------
Tue Jan 23 15:19:41 UTC 2024 - Marcus Meissner <meissner@suse.com>
- updated to 0.9.2:
- Fixed potential non-constant-time behaviour in Kyber based on https://github.com/pq-crystals/kyber/commit/272125f6acc8e8b6850fd68ceb901a660ff48196
(bsc#1219614)
- Kyber: C, AVX2, and aarch64 implementation updated
-------------------------------------------------------------------
Sun Dec 24 10:00:49 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.9.1:
- Key encapsulation mechanisms
- Kyber: C, AVX2, and aarch64 implementation updated
-------------------------------------------------------------------
Fri Oct 13 07:31:49 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.9.0
This release features an update to the Classic McEliece KEM, bringing it
in line with NIST Round 4. It also adds or updates ARM implementations
for Kyber, Dilithium, and Falcon.
- major library version 4
-------------------------------------------------------------------
Thu Jun 8 07:14:12 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.8.0
This release features many algorithm updates, including removal
of algorithms and variants no longer proceeding through NIST
standardization and updates to newer versions. See the detailed list
of algorithm updates below.
Key encapsulation mechanisms:
- BIKE: updated to Round 4 version.
- Kyber: 90s variants were removed.
- NTRU Prime: All variants were removed, except for sntrup761.
- Saber: removed.
Digital signature schemes
- Dilithium; AES variants were removed.
- Falcon: updated to the 2023-02-07 version.
- Picnic: removed.
- Rainbow: removed.
- SPHINCS+: updated to version 3.1; SPHINCS+-Haraka variants were removed; SPHINCS+-SHA256 and SPHINCS+-SHAKE variants were renamed
Other changes
- Add Cryptographic Bill of Materials (CBOM)
- Improve building on ARM platforms
- Improve performance when using OpenSSL 3 for symmetric cryptography
- Increment shared object library version
- New configure-time options for algorithm selections
- pkgconfig file now available
- removed 0001-Add-support-for-powerpc64.-1160.patch: upstream
- 0002-Mark-stack-non-executable-when-compiling-with-clang-.patch: upstream
- liboqs is now liboqs.so.3.
-------------------------------------------------------------------
Wed Mar 29 06:38:25 UTC 2023 - Marcus Meissner <meissner@suse.com>
- liboqs-fix-prototypemismatch.patch: fixed uint8_t* vs unsigned char* mismatch
- disable -Werror for now.
-------------------------------------------------------------------
Tue Nov 15 16:10:18 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Ship the README.md mentioned in the description.
- Compact descriptions.
-------------------------------------------------------------------
Sat Jul 2 07:21:42 UTC 2022 - Christophe Giboudeaux <christophe@krop.fr>
- Add upstream changes:
* 0001-Add-support-for-powerpc64.-1160.patch
* 0002-Mark-stack-non-executable-when-compiling-with-clang-.patch
- Spec cleanup
-------------------------------------------------------------------
Tue Jan 25 07:48:57 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Stop building with march=native to get reproducible binaries (boo#1100677)
-------------------------------------------------------------------
Sun Jan 2 18:26:29 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Trim redundancies from description. Remove old specfile
constructs.
-------------------------------------------------------------------
Fri Nov 12 13:08:09 UTC 2021 - Marcus Meissner <meissner@suse.com>
- initial import of the liboqs Open Quantum Safe library, version 0.7.1

103
liboqs.spec Normal file
View File

@ -0,0 +1,103 @@
#
# spec file for package liboqs
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: liboqs
Version: 0.12.0
Release: 0
Summary: C library for quantum-resistant cryptographic algorithms
License: MIT
Group: Productivity/Security
URL: https://github.com/open-quantum-safe/liboqs/
Source: https://github.com/open-quantum-safe/liboqs/archive/refs/tags/%{version}.tar.gz
Source1: baselibs.conf
Patch0: liboqs-fix-build.patch
Patch1: liboqs-fix-prototypemismatch.patch
BuildRequires: cmake
BuildRequires: doxygen
BuildRequires: libopenssl-devel
%description
liboqs is a C library for quantum-resistant cryptographic algorithms.
See the bundled README.md for particular limitations on intended use.
%package -n liboqs7
Summary: C library for quantum-resistant cryptographic algorithms
Group: System/Libraries
%description -n liboqs7
liboqs is a C library for quantum-resistant cryptographic algorithms.
See the bundled README.md for particular limitations on intended use.
%package devel
Summary: Headers for liboqs, a library for quantum-resistant cryptography
Group: Development/Languages/C and C++
Requires: liboqs7 = %{version}
%description devel
liboqs is a C library for quantum-resistant cryptographic algorithms.
See the bundled README.md for particular limitations on intended use.
%prep
%autosetup -p1
%build
export RPM_OPT_FLAGS="%{optflags} -std=gnu11"
# 20220702: The %%cmake macro can't be used because a 'CMakeLists.txt' folder
# exists
cmake -S . -B build -DBUILD_SHARED_LIBS:BOOL=ON -DOQS_DIST_BUILD:BOOL=ON
pushd build
%cmake_build
popd
%install
%cmake_install
# need to find out what cmake option is needed
mv %{buildroot}%{_prefix}/local/* %{buildroot}%{_prefix}
#if [ "%{_lib}" != "lib" ]; then
# mv %{buildroot}%{_prefix}/lib %{buildroot}%{_libdir}
#fi
rmdir %{buildroot}%{_prefix}/local/
%post -n liboqs7 -p /sbin/ldconfig
%postun -n liboqs7 -p /sbin/ldconfig
%files -n liboqs7
%license LICENSE.txt
%{_libdir}/liboqs.so.%version
%{_libdir}/liboqs.so.7
%doc README.md
%files devel
%license LICENSE.txt
%dir %{_includedir}/oqs
%{_includedir}/oqs/*
%{_libdir}/liboqs.so
%{_libdir}/pkgconfig/liboqs.pc
%dir %{_libdir}/cmake/
%dir %{_libdir}/cmake/liboqs/
%{_libdir}/cmake/liboqs/liboqsTargets-noconfig.cmake
%{_libdir}/cmake/liboqs/liboqsTargets.cmake
%{_libdir}/cmake/liboqs/liboqsConfig.cmake
%{_libdir}/cmake/liboqs/liboqsConfigVersion.cmake
%changelog