OQS-Bind

OQS-Bind is a forked version of ISC's Bind9 DNS software which enables PQC DNS. The original Bind9 README can be found here. This fork take advantage of Open Quantum Safe's liboqs and oqs-provider. NOTE: OpenSSL 3.2 is REQUIRED to build and use OQS-Bind.

This project is not officially affiliated with Open Quantum Safe.

Algorithms

Currently only DNSSEC is supported and tested with a small number of algorithms, but DoT and DoH inprinciple should work. I plan on eventually enabling more DNSSEC PQC algorithms in the future and automating enabling and disabling them, but for now this must be done by hand. The algorithms we support in DNSSEC are as follows:

DNSSEC Algorithms

Algorithm	DNSSEC Algorithm ID
Falcon-512	17
Dilithium2	18
SPHINCS+-SHA-256-128s Simple	19

We opted to start the algorithm IDs at 17 because of the discussion seen here.

DoT/DoH Algorithms

These have not been tested, but in principle all algorithms supported by oqs-proivder should work.

Building

In order to build OQS-Bind, some version of OpenSSL 3.2 must be installed. At the time of writing Beta1 just was released, so it is recommended to not use OpenSSL 3.2 as your primary system-wide instalation of OpenSSL. Instead, installed OpenSSL 3.2 in a special location. You can then specify the location of OpenSSL 3.2 using the --with-openssl=<OPENSSL3.2DIR>. Then simply follow the regular Bind9 build instructions found here.

Name	Name	Last commit message	Last commit date
Latest commit jgoertzen-sb Fix named's verify (#14 ) Dec 15, 2023 31ba35d · Dec 15, 2023 History 40,048 Commits
.github/workflows	.github/workflows	Fix liboqs version to 0.9.0 (#11 )	Oct 30, 2023
.gitlab/issue_templates	.gitlab/issue_templates	Update release checklist	Aug 17, 2023
.reuse	.reuse	Add configuration for readthedocs.org	Jul 18, 2023
LICENSES	LICENSES	Update the copyright information in all files in the repository	Jan 11, 2022
bin	bin	Fix named's verify (#14 )	Dec 15, 2023
cocci	cocci	Remove ISC_MEM_ZERO and isc_mem_*x() API	Aug 31, 2023
conftools/perllib/dnsconf	conftools/perllib/dnsconf	Mark setting operating system limits from named.conf as ancient	Dec 7, 2022
contrib	contrib	Merged v9.19.17 release of bind into branch	Oct 16, 2023
doc	doc	Reorder release notes	Sep 8, 2023
fuzz	fuzz	remove dns_name_fromstring2()	Aug 31, 2023
lib	lib	Fix named's verify (#14 )	Dec 15, 2023
m4	m4	Fixed a logic bug in m4/ax_check_openssl.m4	Dec 8, 2023
tests	tests	Activate CodeQL Github action	Oct 25, 2023
util	util	Simplify Sphinx tools installation	Sep 8, 2023
.clang-format	.clang-format	Add ISC_LIST_FOREACH(_SAFE) macros	Apr 25, 2023
.clang-format.headers	.clang-format.headers	Build with liburcu, Userspace RCU	Mar 10, 2023
.dir-locals.el	.dir-locals.el	Remove trailing whitespace from all text files	Jun 13, 2023
.git-blame-ignore-revs	.git-blame-ignore-revs	Ignore test cleanup commits in git blame	Jul 14, 2023
.gitattributes	.gitattributes	Add previously detected dns_rdata_fromwire_text failures	Aug 13, 2020
.gitignore	.gitignore	Add .log.txt to gitignore	May 22, 2023
.gitlab-ci.yml	.gitlab-ci.yml	Enable keyfromlabel and enginepkcs11 systemtests with pkcs11-provider	Aug 25, 2023
.pylintrc	.pylintrc	Disable pylint check for too-few-public-methods	May 22, 2023
.readthedocs.yaml	.readthedocs.yaml	Add configuration for readthedocs.org	Jul 18, 2023
.tsan-suppress	.tsan-suppress	Change images for TSAN jobs	May 30, 2023
.uncrustify.cfg	.uncrustify.cfg	fix spelling errors reported by Fossies.	Feb 21, 2020
AUTHORS	AUTHORS	Modify AUTHORS	Dec 20, 2022
CHANGES	CHANGES	Add a CHANGES marker	Sep 8, 2023
CODE_OF_CONDUCT.md	CODE_OF_CONDUCT.md	Update the copyright information in all files in the repository	Jan 11, 2022
CONTRIBUTING.md	CONTRIBUTING.md	Move security-related information to SECURITY.md	Sep 4, 2023
COPYING	COPYING	Complete rewrite the BIND 9 build system	Apr 21, 2020
COPYRIGHT	COPYRIGHT	Remove trailing whitespace from all text files	Jun 13, 2023
ChangeLog	ChangeLog	Complete rewrite the BIND 9 build system	Apr 21, 2020
LICENSE	LICENSE	Update the copyright information in all files in the repository	Jan 11, 2022
Makefile.am	Makefile.am	Add support for User Statically Defined Tracing (USDT) probes	Aug 21, 2023
Makefile.docs	Makefile.docs	remove /etc/bind.keys	Feb 6, 2023
Makefile.dtrace	Makefile.dtrace	Regenerate the DTrace generated files on configure change	Aug 23, 2023
Makefile.tests	Makefile.tests	Stop the unit tests from running twice	May 28, 2022
Makefile.top	Makefile.top	Add support for User Statically Defined Tracing (USDT) probes	Aug 21, 2023
NEWS	NEWS	Complete rewrite the BIND 9 build system	Apr 21, 2020
OPTIONS.md	OPTIONS.md	Document -DOPENSSL_API_COMPAT=10100 in OPTIONS.md	Sep 23, 2022
ORIGINAL_README.md	ORIGINAL_README.md	Write an OQS-Bind specific README	Oct 28, 2023
README.md	README.md	Converted BIND -> Bind in README.md	Oct 30, 2023
SECURITY.md	SECURITY.md	Move security-related information to SECURITY.md	Sep 4, 2023
bind.keys	bind.keys	Update the copyright information in all files in the repository	Jan 11, 2022
configure.ac	configure.ac	Activate CodeQL Github action	Oct 25, 2023
dangerfile.py	dangerfile.py	Add a friendly Danger plea to run the pairwise CI job	May 19, 2023
sonar-project.properties	sonar-project.properties	Add SonarCloud GitHub Action	Feb 24, 2023
suppr-lsan.txt	suppr-lsan.txt	Suppressing memory leaks procuded by LeakSanitizer	Jan 27, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Licenses found

Repository files navigation

OQS-Bind

Algorithms

DNSSEC Algorithms

DoT/DoH Algorithms

Building

About

Licenses found

Releases

Packages

Contributors 45

Languages

License

Martyrshot/OQS-bind

Folders and files

Latest commit

History

Repository files navigation

OQS-Bind

Algorithms

DNSSEC Algorithms

DoT/DoH Algorithms

Building

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Contributors 45

Languages

Packages