diff --git a/fedora-36-amd64.Dockerfile b/fedora-36-amd64.Dockerfile index e3457e5..dc940dd 100644 --- a/fedora-36-amd64.Dockerfile +++ b/fedora-36-amd64.Dockerfile @@ -22,4 +22,6 @@ RUN dnf -y update RUN /opt/tools/tools.sh build_and_install_libiconv && \ /opt/tools/tools.sh build_and_install_gpg lts && \ /opt/tools/tools.sh build_and_install_gpg stable && \ - /opt/tools/tools.sh build_and_install_botan 3.1.1 + /opt/tools/tools.sh build_and_install_botan 3.1.1 && \ + /opt/tools/tools.sh build_and_install_botan 3.2.0 && \ + /opt/tools/tools.sh build_and_install_botan 3.3.0 diff --git a/tools/botan3-pqc-modules b/tools/botan3-pqc-modules new file mode 100644 index 0000000..987a5ea --- /dev/null +++ b/tools/botan3-pqc-modules @@ -0,0 +1,52 @@ +aead +aes +auto_rng +bigint +blowfish +camellia +cast128 +cbc +cfb +crc24 +curve25519 +des +dl_algo +dl_group +dsa +eax +ecc_key +ecdh +ecdsa +ed25519 +elgamal +eme_pkcs1 +emsa_pkcs1 +emsa_raw +ffi +hash +raw_hash +hmac +hmac_drbg +idea +kdf +md5 +ocb +pgp_s2k +rfc3394 +rmd160 +rsa +sha1 +sha2_32 +sha2_64 +sha3 +sm2 +sm3 +sm4 +sp800_56a +twofish +kyber +dilithium +sphincsplus_sha2 +sphincsplus_shake +hkdf +kmac diff --git a/tools/tools.sh b/tools/tools.sh index 0385f44..ccdced0 100755 --- a/tools/tools.sh +++ b/tools/tools.sh @@ -111,6 +111,19 @@ build_and_install_jsonc() { rm -rf "${jsonc_build}" } +botan_has_pqc_support() { + # Check whether version is in numeric format + if ! echo "$1" | grep -qE '^[0-9]+(\.[0-9]+)+$'; then + return 1 + fi + # Check whether botan version >= 3.2.0 + if [ "$(printf "3.2.0\n%s" "$1" | sort -V | head -n1)" = "3.2.0" ]; then + return 0 + else + return 1 + fi +} + build_and_install_botan() { BOTAN_VERSION="${1:-system}" @@ -139,8 +152,13 @@ build_and_install_botan() { local osparam=() local cpuparam=() local osslparam=() - local modules=$(cat "$DIR_TOOLS"/botan3-modules | tr '\n' ',') - [[ "${botan_v}" == "2" ]] && osslparam+=("--without-openssl") && modules=$(cat "$DIR_TOOLS"/botan-modules | tr '\n' ',') + local modules + if botan_has_pqc_support "${BOTAN_VERSION}"; then + modules=$(tr '\n' ',' < "${DIR_TOOLS}/botan3-pqc-modules") + else + modules=$(tr '\n' ',' < "${DIR_TOOLS}/botan3-modules") + fi + [[ "${botan_v}" == "2" ]] && osslparam+=("--without-openssl") && modules=$(tr '\n' ',' < "${DIR_TOOLS}/botan-modules") echo "Building botan with modules: ${modules}"