Created
August 29, 2025 08:26
-
-
Save hightemp/f4f578995ddf6d22892f93dea017f7fe to your computer and use it in GitHub Desktop.
Установка шифрования ГОСТ в образ alpine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM alpine:latest | |
| ENV OPENSSL_VERSION=3.0.13 | |
| ENV GOST_ENGINE_BRANCH=v3.0.0 | |
| LABEL maintainer="hightemp" | |
| LABEL description="Alpine with custom-built OpenSSL ${OPENSSL_VERSION} and GOST engine support." | |
| RUN apk add --no-cache \ | |
| alpine-sdk \ | |
| cmake \ | |
| git \ | |
| perl \ | |
| linux-headers \ | |
| wget | |
| # Создаем рабочий каталог для исходных кодов | |
| WORKDIR /opt/src | |
| RUN wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \ | |
| tar -xvf openssl-${OPENSSL_VERSION}.tar.gz && \ | |
| cd openssl-${OPENSSL_VERSION} && \ | |
| ./config --prefix=/usr/local/openssl-gost \ | |
| --openssldir=/usr/local/openssl-gost/ssl \ | |
| shared \ | |
| -Wl,-rpath,/usr/local/openssl-gost/lib64 && \ | |
| make -j$(nproc) && \ | |
| make install | |
| RUN git clone https://github.com/gost-engine/engine.git && \ | |
| cd engine && \ | |
| git checkout ${GOST_ENGINE_BRANCH} && \ | |
| git submodule update --init | |
| RUN cd engine && \ | |
| mkdir build && \ | |
| cd build && \ | |
| cmake -DOPENSSL_ROOT_DIR=/usr/local/openssl-gost \ | |
| -DOPENSSL_ENGINES_DIR=/usr/local/openssl-gost/lib/engines-3 \ | |
| -DCMAKE_INSTALL_RPATH=/usr/local/openssl-gost/lib64 \ | |
| .. && \ | |
| cmake --build . --config Release && \ | |
| cmake --build . --target install --config Release | |
| RUN sed -i '/^\[openssl_init\]/a engines = engine_section' /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| sed -i 's/^#.*activate = 1/activate = 1/' /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "[engine_section]" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "gost = gost_section" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "[gost_section]" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "engine_id = gost" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "dynamic_path = /usr/local/openssl-gost/lib/engines-3/gost.so" >> /usr/local/openssl-gost/ssl/openssl.cnf && \ | |
| echo "default_algorithms = ALL" >> /usr/local/openssl-gost/ssl/openssl.cnf | |
| RUN apk del alpine-sdk cmake git perl linux-headers wget && \ | |
| rm -rf /opt/src | |
| ENV PATH="/usr/local/openssl-gost/bin:${PATH}" | |
| RUN openssl engine | grep "(gost) Reference implementation of GOST engine" | |
| WORKDIR /root | |
| CMD ["/bin/sh"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment