Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy test server #93

Closed
baentsch opened this issue Dec 9, 2022 · 8 comments
Closed

Deploy test server #93

baentsch opened this issue Dec 9, 2022 · 8 comments
Assignees
@bhess

Comments

@baentsch
Copy link
Member

baentsch commented Dec 9, 2022

Either replacing or amending test.openquantumsafe.org with an instance running oqs-provider to also test integrations and OpenSSL3. Would also allow implementing open-quantum-safe/openssl#388 (comment)
@baentsch baentsch mentioned this issue Feb 7, 2023
Merged
@baentsch
Copy link
Member Author

@bhess As a follow-up to our email conversation I now assigned this to you as I don't have access to the test server any more. Please confirm that you'll be able to have this complete by the end of next week as part of our liboqs release (confirmation) cycle.

@bhess
Copy link
Member

bhess commented May 18, 2023

Thanks @baentsch, will look into it next week.

@bhess
Copy link
Member

bhess commented May 26, 2023

Should there be (or is there already something like) a common.py for oqs-provider?
The script for OpenSSL 1.1.1 contains python structures with the available KEMs, Signatures and helper functions to create keys and certs, which is used by the deployment scripts for the test server. The alternative I see is to load generate.yml and create the algorithm list again, but there seems quite some logic involved in generate.py that I think is better not to replicate. @baentsch

@bhess
Copy link
Member

bhess commented May 28, 2023
edited
Loading

The test server based on liboqs-0.8.0-rc1 is now ready at https://test.openquantumsafe.org.

For now it's based on oqs-provider/main. Will update to a oqs-provider release tag once ready.

I did a test run (https://github.com/open-quantum-safe/oqs-demos/blob/bhe-nginx-serverupd/nginx/fulltest-provider/testrun.sh), and all tests passed.

The ports offered by the test server are now restricted to Signartures+KEMs with matching security levels (exceptions are the pure rsa/ecdsa signatures as baseline).

Not sure if makes sense to advertise the Chromium-ready test ports as there seems to be no build against 0.8.0 at the moment. So I removed the Chromium page for now.

Related PRs: #173, open-quantum-safe/oqs-demos#204

@baentsch
Copy link
Member Author

So I removed the Chromium page for now.

Perfect for me: We're not really supporting it, so we should drop the appearance of that, too.

@baentsch
Copy link
Member Author

baentsch commented Jun 9, 2023

@bhess: Release is tagged. Will mark final if you can close this issue after correct testing.

@bhess
Copy link
Member

bhess commented Jun 9, 2023

https://test.openquantumsafe.org is updated with liboqs 0.8.0 and oqs-provider 0.5.0, which includes generating the config using openssl list.

After a run with https://github.com/open-quantum-safe/oqs-demos/blob/bhe-nginx-serverupd/nginx/fulltest-provider/testrun.sh and the oqsprovider/curl image, all tests except the new x25519_kyber768 and p256_kyber768 hybrids pass. It looks like curl in the image doesn't support them yet. I also built a local version of the curl docker image, there everything works fine.

@baentsch baentsch mentioned this issue Jun 10, 2023
Closed
@baentsch
Copy link
Member Author

Thanks for integration and test -- open-quantum-safe/oqs-demos#206 added to fix curl docker image for good and #181 to avoid this from happening again. This then closes this issue out.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bhess bhess

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bhess @baentsch