open-quantum-safe / oqs-demos

PARTIALLY SUPPORTED Instructions for enabling the use of quantum-safe cryptography in assorted software using the OQS suite. CONTRIBUTORS WANTED.
https://openquantumsafe.org/

Path to a NodeJS demo #200

Open Utopiah opened 1 year ago

Utopiah commented 1 year ago

The servers provided, in particular reverse proxies like nginx, cover most Web services.

Still, numerous ones rely on NodeJS directly via popular frameworks like Express, which itself allows some customization.

My understanding is that NodeJS ships with OpenSSL and defaults to it with its cipher suite that can be customized.

Consequently I believe a demo could be made by

  1. compiling open-quantum-safe/openssl
  2. using a binary-compatible NodeJS version and forcing it to use oqs openssl via LD_LIBRARY_PATH, knowing the related maintaining position and that numerous issues have been opened on the topic, so to verify via node -pe process.versions
  3. alternatively, building NodeJS dynamically linked against oqs openssl (via e.g. the FIPS support example)
  4. running the Express demo limited to a specific cipher with e.g. node --tls-cipher-list='falcon512' server.js, then opening it with oqs chromium

Does this seem like a realistic path?

Edit: relying on nodejs --shared-openssl with the oqs-provider plugin, cf details on providers, seems like a more maintainable path.

baentsch commented 1 year ago

> relying on nodejs --shared-openssl with the oqs-provider plugin, cf details on providers, seems like a more maintainable path.

If you hadn't added that, that'd been my recommendation, too. We really want to move off oqs-openssl111...

Now, the bigger issue I see is that our code does not provide a cipher (in either oqsprovider or oqs-openssl), but only KEM and signature algorithms. As I don't know enough about Express there's probably some more investigation required... If this can make use of signature or KEM algorithms, then, yes, the path you propose sounds doable. Feel free to keep us posted on what you find going forward (or want to bounce off further ideas).