Skip to content

fix key hashing for v5 / v6 signatures #978

fix key hashing for v5 / v6 signatures

fix key hashing for v5 / v6 signatures #978

# Copyright (c) 2023-2024 Ribose Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
name: windows-native
on:
push:
branches:
- main
- 'release/**'
paths-ignore:
- '/*.sh'
- '/.*'
- '/_*'
- 'Brewfile'
- 'docs/**'
- '**.adoc'
- '**.md'
- '**.nix'
- 'flake.lock'
- 'version.txt'
- '.github/workflows/*.yml'
- '!.github/workflows/windows-native.yml'
pull_request:
paths-ignore:
- '/*.sh'
- '/.*'
- '/_*'
- 'Brewfile'
- 'docs/**'
- '**.adoc'
- '**.md'
- '**.nix'
- 'flake.lock'
- 'version.txt'
concurrency:
group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}'
cancel-in-progress: true
env:
VCPKG_DIR: C:/vcpkg
VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}\cache
RNP_TEST_DATA: ${{github.workspace}}\src\tests\data
jobs:
build_and_test:
name: Windows-2022 [arch ${{ matrix.arch.name }}, toolset ${{ matrix.toolset }}, backend ${{ matrix.backend }}, build shared libs ${{ matrix.shared_libs }}, use CMake prefix path ${{ matrix.use_cmake_prefix_path }}, sanitizers ${{ matrix.sanitizers }}]
runs-on: windows-2022
if: "!contains(github.event.head_commit.message, 'skip ci')"
strategy:
fail-fast: false
matrix:
arch: [ { name: 'x64', triplet: 'x64-windows' } ]
toolset: [ 'v143', 'ClangCL' ]
backend: [ 'botan', 'openssl' ]
shared_libs: [ 'off']
use_cmake_prefix_path: [ 'on', 'off' ]
sanitizers: [ 'off' ]
include:
- arch: { name: 'x64', triplet: 'x64-windows' }
toolset: 'v143'
backend: 'botan'
use_cmake_prefix_path: 'off'
shared_libs: 'off'
sanitizers: 'on'
- arch: { name: 'Win32', triplet: 'x86-windows' }
toolset: 'ClangCL'
backend: 'botan'
use_cmake_prefix_path: 'on'
shared_libs: 'off'
sanitizers: 'off'
- arch: { name: 'Win32', triplet: 'x86-windows' }
toolset: 'v143'
backend: 'openssl'
use_cmake_prefix_path: 'off'
shared_libs: 'off'
sanitizers: 'off'
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
lfs: true
fetch-depth: 1
- name: vcpkg parameters
run: |
vcpkg version >> vcpkg.version
mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}
- name: vcpkg cache
uses: actions/cache@v4
with:
path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}
key: vcpkg-${{ hashFiles('vcpkg.version') }}-${{ matrix.arch.triplet }}-${{ matrix.toolset }}-${{ matrix.backend }}
- name: vcpkg packages
shell: bash
run: |
dir_u=$(cygpath -u ${{ env.VCPKG_DIR }})
echo "VCPKG_DIR_U=$dir_u" >> $GITHUB_ENV
# See https://github.com/microsoft/vcpkg/issues/41339#issuecomment-2394308597 for lines below.
export SystemDrive="$SYSTEMDRIVE"
export SystemRoot="$SYSTEMROOT"
export windir="$WINDIR"
vcpkg install --triplet ${{ matrix.arch.triplet }} bzip2 zlib json-c getopt dirent ${{ matrix.backend }}
- name: Upload vcpkg logs on failure
if: failure()
uses: actions/upload-artifact@v4
with:
name: vcpkg-error-logs
path: |
C:\vcpkg\buildtrees\*\*.log
C:\vcpkg\installed\vcpkg\issue_body.md
- name: Set OPENSSL_ROOT_DIR
# Ensure consistent access to openssl installation for test_backend_version test
# There is another one instance of ssl at /mingw and /mingw/bin is always at the first position at PATH
# So we have to adjust PATH for each step below; changing $GITHUB_PATH does not work
if: matrix.backend == 'openssl'
shell: bash
run: |
echo OPENSSL_ROOT_DIR=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }} >> $GITHUB_ENV
echo OPENSSL_MODULES=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin >> $GITHUB_ENV
echo RNP_TESTS_OPENSSL_ROOT=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }} >> $GITHUB_ENV
- name: Adjust settings for s2k_iteration_tuning test
# This step adjusts s2k_iteration_tuning threshold for
# s2k_iteration_tuning test (src/tests/cipher.cpp)
# It looks like cl on Win32 does not provide robust response
if: matrix.arch.name == 'Win32' && matrix.toolset == 'ClangCL'
shell: bash
run: echo CXXFLAGS="-DS2K_MINIMUM_TUNING_RATIO=4" >> $GITHUB_ENV
- name: Configure using vpkg toolchain file
if: matrix.use_cmake_prefix_path != 'on'
shell: bash
run: |
echo CORES="$(nproc --all)" >> $GITHUB_ENV
export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH
cmake -B build -G "Visual Studio 17 2022" \
-A ${{ matrix.arch.name }} \
-T ${{ matrix.toolset }} \
-DBUILD_SHARED_LIBS=${{ matrix.shared_libs}} \
-DENABLE_SANITIZERS=${{ matrix.sanitizers }} \
-DCRYPTO_BACKEND=${{ matrix.backend }} \
-DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_DIR }}/scripts/buildsystems/vcpkg.cmake .
- name: Configure using CMake prefix path
if: matrix.use_cmake_prefix_path == 'on'
shell: bash
run: |
echo CORES="$(nproc --all)" >> $GITHUB_ENV
export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH
cmake -B build -G "Visual Studio 17 2022" \
-A ${{ matrix.arch.name }} \
-T ${{ matrix.toolset }} \
-DBUILD_SHARED_LIBS=${{ matrix.shared_libs}} \
-DENABLE_SANITIZERS=${{ matrix.sanitizers }} \
-DCRYPTO_BACKEND=${{ matrix.backend }} \
-DCMAKE_PREFIX_PATH=${{ env.VCPKG_DIR }}/installed/${{ matrix.arch.triplet }} .
- name: Build
shell: bash
run: |
export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH
cmake --build build --parallel ${{ env.CORES }} --config Release
- name: Find Visual Studio root via vswhere
if: matrix.sanitizers == 'on'
shell: cmd
# Not sure why but vswhere.exe cannot be run via bash, so using cmd instead.
run: |
FOR /F "delims=" %%i in ('C:\ProgramData\Chocolatey\bin\vswhere.exe -latest -products * -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -property installationPath') DO SET "VS_PATH=%%i"
echo "Detected Visual Studio path: %VS_PATH%"
echo VS_PATH=%VS_PATH%>> "%GITHUB_ENV%"
- name: Test
shell: bash
# Sometimes running cli_tests in parallel causes instability [???]
# ctest --test-dir build -R cli_tests -C Debug --output-on-failure
# ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests -C Debug --output-on-failure
# ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure
run: |
export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH
if [[ "${{ matrix.sanitizers }}" == "on" ]]; then
# Since VS 2022 we need to add path to sanitizers libs to PATH to load those.
# For this we need to detect VS_PATH on the previous step via the vswhere
vsp=$(cygpath -u "${VS_PATH}")
ts_ver=$(<"$vsp/VC/Auxiliary/Build/Microsoft.VCToolsVersion.${{matrix.toolset}}.default.txt")
lib_dir="${vsp}/VC/Tools/MSVC/${ts_ver}/bin/Hostx64/x64"
if [[ ! -d "$lib_dir" ]]; then
echo "Looks like directory with sanitizer libs changed from ${lib_dir}. Available ones:"
ls -la "${vsp}/VC/Tools/MSVC"
exit 1
fi
export PATH=$lib_dir:$PATH
fi
mkdir -p "build/Testing/Temporary"
cp "cmake/CTestCostData.txt" "build/Testing/Temporary"
ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure