Skip to content

Openssl3 HMAC Deperated #465

Openssl3 HMAC Deperated

Openssl3 HMAC Deperated #465

Workflow file for this run

name: CI
on:
push:
branches:
- openssl1.1
pull_request:
env:
DOCKER_TAG: buildenv
DOCKER_FOLDER_PATH: ./dockerfiles/base
# This buildenv contains libp11/softhsm and libdilithium
DOCKER_WITH_FEATURE_TAG: buildenv_with_features
DOCKER_WITH_FEATURE_FOLDER_PATH: ./dockerfiles/feature-support
TOKEN_LABEL1: token-label
TOKEN_LABEL2: token-label2
USER_PIN: 1234
SO_PIN: 4321
jobs:
check-format:
runs-on: ubuntu-latest
steps:
- name: "Checkout"
uses: actions/checkout@v2
- name: "Build Docker Image"
uses: ./.github/actions/build-docker
with:
docker_tag: ${{ env.DOCKER_TAG }}
docker_folder_path: ${{ env.DOCKER_FOLDER_PATH }}
- name: "Check code format"
run: |
docker run --rm -u "$UID" -v "$PWD:/src:rw" -w /src ${{ env.DOCKER_TAG }} bash -c \
'./scripts/check_format.sh'
build-and-test:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
compiler: ["g++", "clang++"]
build_type: ["", "ASAN"]
hsm_flag: ["MOCOCRW_HSM_ENABLED=ON", "MOCOCRW_HSM_ENABLED=OFF"]
dilithium_flag: ["MOCOCRW_DILITHIUM_ENABLED=ON", "MOCOCRW_DILITHIUM_ENABLED=OFF"]
include:
- build_type: "ASAN"
# Disable fast unwind to have clean stack-traces for better suppression.
ASAN_OPTIONS: "fast_unwind_on_malloc=false"
# Include suppression list to avoid false positives reported by LSAN.
LSAN_OPTIONS: "suppressions=/src/lsan_suppression.txt"
- build_type: ""
ASAN_OPTIONS: ""
LSAN_OPTIONS: ""
- hsm_flag: "MOCOCRW_HSM_ENABLED=ON"
docker_tag: "buildenv_with_features"
softhsm2_conf: "/usr/share/softhsm/softhsm2.conf"
softhsm2_grp: ":softhsm"
- dilithium_flag: "MOCOCRW_DILITHIUM_ENABLED=ON"
docker_tag: "buildenv_with_features"
- hsm_flag: "MOCOCRW_HSM_ENABLED=OFF"
dilithium_flag: "MOCOCRW_DILITHIUM_ENABLED=OFF"
docker_tag: "buildenv"
softhsm2_conf: ""
softhsm2_grp:
steps:
- name: "Checkout"
uses: actions/checkout@v2
- name: "Build Docker Image"
uses: ./.github/actions/build-docker
with:
docker_tag: ${{ env.DOCKER_TAG }}
docker_folder_path: ${{ env.DOCKER_FOLDER_PATH }}
- name: "Build Docker Image With HSM"
if: ${{ matrix.hsm_flag == 'MOCOCRW_HSM_ENABLED=ON' || matrix.dilithium_flag == 'MOCOCRW_DILITHIUM_ENABLED=ON' }}
uses: ./.github/actions/build-docker
with:
docker_tag: ${{ env.DOCKER_WITH_FEATURE_TAG }}
docker_folder_path: ${{ env.DOCKER_WITH_FEATURE_FOLDER_PATH }}
- name: "Build MoCOCrW"
run: |
mkdir build
docker run --rm -e SOFTHSM2_CONF="${{ matrix.softhsm2_conf }}" \
-u "$UID"${{ matrix.softhsm2_grp }} \
-v "$PWD:/src:rw" -w /src/build ${{ matrix.docker_tag }} bash -c \
'cmake \
-DCMAKE_CXX_COMPILER=${{ matrix.compiler }} \
-DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \
-D${{ matrix.hsm_flag }} \
-D${{ matrix.dilithium_flag }} \
-DBUILD_TESTING=True \
-GNinja \
/src \
&& ninja'
- name: "Run tests"
run: |
docker run --rm -e ASAN_OPTIONS="${{ matrix.ASAN_OPTIONS }}" -e LSAN_OPTIONS="${{ matrix.LSAN_OPTIONS }}" \
-e SOFTHSM2_CONF="${{ matrix.softhsm2_conf }}" \
-u "$UID"${{ matrix.softhsm2_grp }} \
-v "$PWD:/src:rw" -w /src/build ${{ matrix.docker_tag }} bash -c \
'if [ "${{ matrix.hsm_flag }}" = "MOCOCRW_HSM_ENABLED=ON" ]; then \
softhsm2-util --init-token --free --label ${{ env.TOKEN_LABEL1 }} --pin ${{ env.USER_PIN }} --so-pin ${{ env.SO_PIN }}; \
softhsm2-util --init-token --free --label ${{ env.TOKEN_LABEL2 }} --pin ${{ env.USER_PIN }} --so-pin ${{ env.SO_PIN }}; \
fi \
&& ctest --verbose -j $(nproc) \
&& if [ "${{ matrix.hsm_flag }}" = "MOCOCRW_HSM_ENABLED=ON" ]; then \
echo "HsmIntegrationTest stderr:"
cat /tmp/hsm-int-test.log
softhsm2-util --delete-token --token ${{ env.TOKEN_LABEL1 }} --pin ${{ env.USER_PIN }} --so-pin ${{ env.SO_PIN }}; \
softhsm2-util --delete-token --token ${{ env.TOKEN_LABEL2 }} --pin ${{ env.USER_PIN }} --so-pin ${{ env.SO_PIN }}; \
fi'