Updated oqsprovider to v0.7.0

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25702)

diff --git a/oqs-provider b/oqs-provider
index 0ec51eca39d72867f309878f5bb9002f1c3e07fb..c0ee292723fa1b37f86a42ddfdd804c35cc49ff3 160000 (submodule)
--- a/oqs-provider
+++ b/oqs-provider
@@ -1 +1 @@
-Subproject commit 0ec51eca39d72867f309878f5bb9002f1c3e07fb
+Subproject commit c0ee292723fa1b37f86a42ddfdd804c35cc49ff3

diff --git a/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh b/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh
deleted file mode 100755 (executable)
index 5a6e312..0000000
--- a/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-set -e 
-
-# Use newly built oqsprovider to test interop with external sites
-
-if [ -z "$OPENSSL_APP" ]; then
-    echo "OPENSSL_APP env var not set. Exiting."
-    exit 1
-fi
-
-if [ -z "$OPENSSL_MODULES" ]; then
-    echo "Warning: OPENSSL_MODULES env var not set."
-fi
-
-# Set OSX DYLD_LIBRARY_PATH if not already externally set
-if [ -z "$DYLD_LIBRARY_PATH" ]; then
-    export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
-fi
-
-# We assume the value of env var HTTP_PROXY is "http://host.domain:port_num"
-if [ ! -z "${HTTP_PROXY}" ]; then
-    echo "Using Web proxy \"${HTTP_PROXY}\""
-    export USE_PROXY="-proxy ${HTTP_PROXY#http://} -allow_proxy_certs"
-else
-    export USE_PROXY=""
-fi
-
-# Ascertain algorithms are available:
-
-# skipping these tests for now as per https://mailarchive.ietf.org/arch/msg/tls/hli5ogDbUudAA4tZXskVbOqeor4
-# TBD replace with suitable ML-KEM hybrid tests as and when available XXX 
-
-exit 0
-
-echo " Cloudflare:"
-
-if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber768); then
-   echo "Skipping unconfigured x25519_kyber768 interop test"
-else
-   export OQS_CODEPOINT_X25519_KYBER512=65072
-   (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber768 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber768Draft00
-fi
-
-if ! ($OPENSSL_APP list -kem-algorithms | grep x25519_kyber512); then
-   echo "Skipping unconfigured x25519_kyber512 interop test"
-else
-   (echo -e "GET /cdn-cgi/trace HTTP/1.1\nHost: cloudflare.com\n\n"; sleep 1; echo $'\cc') | "${OPENSSL_APP}" s_client ${USE_PROXY} -connect pq.cloudflareresearch.com:443 -groups x25519_kyber512 -servername cloudflare.com -ign_eof 2>/dev/null | grep kex=X25519Kyber512Draft00
-fi

diff --git a/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh b/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
index 4956b113db9662f9baa7626c28c5f1ce5092628e..ad4b20df45b795d4540c69b56736a237e771cdb4 100755 (executable)
--- a/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
+++ b/test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh
@@ -71,6 +71,4 @@ export OPENSSL_MODULES=$PWD/_build/lib
 export OQS_PROVIDER_TESTSCRIPTS=$SRCTOP/oqs-provider/scripts
 export OPENSSL_CONF=$OQS_PROVIDER_TESTSCRIPTS/openssl-ca.cnf
 # Be verbose if harness is verbose:
-# temporarily replace external interop testing
-cp $SRCTOP/test/recipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh $SRCTOP/oqs-provider/scripts/
 $SRCTOP/oqs-provider/scripts/runtests.sh -V