Update FFI API with key certification and signature customization functions. #3727

Workflow file for this run

	# Copyright (c) 2023-2024 [Ribose Inc](https://www.ribose.com).
	# All rights reserved.
	# This file is a part of rnp
	#
	# Redistribution and use in source and binary forms, with or without
	# modification, are permitted provided that the following conditions
	# are met:
	# 1. Redistributions of source code must retain the above copyright
	# notice, this list of conditions and the following disclaimer.
	# 2. Redistributions in binary form must reproduce the above copyright
	# notice, this list of conditions and the following disclaimer in the
	# documentation and/or other materials provided with the distribution.
	#
	# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
	# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS
	# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	# POSSIBILITY OF SUCH DAMAGE.

	name: macos

	on:
	push:
	branches:
	- main
	- 'release/**'
	paths-ignore:
	- '/*.sh'
	- '/.*'
	- '/_*'
	- 'docs/**'
	- '**.adoc'
	- '**.md'
	- '**.nix'
	- 'flake.lock'
	- 'version.txt'
	- '.github/workflows/*.yml'
	- '!.github/workflows/macos.yml'
	pull_request:
	paths-ignore:
	- '/*.sh'
	- '/.*'
	- '/_*'
	- 'docs/**'
	- '**.adoc'
	- '**.md'
	- '**.nix'
	- 'flake.lock'
	- 'version.txt'

	concurrency:
	group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref \|\| github.ref_name }}'
	cancel-in-progress: true

	env:
	BOTAN_VERSION: 2.19.4
	CORES: 3

	jobs:
	tests:
	name: ${{ matrix.os }} [ backend ${{ matrix.backend }}, shared libs ${{ matrix.shared_libs }} ]
	runs-on: ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	# On MacOS gcc is alias of clang these days
	os: [ macos-12, macos-13, macos-14 ]
	backend: [ 'botan' ]
	shared_libs: [ 'on' ]
	include:
	- { os: 'macos-12', backend: '[email protected]', shared_libs: 'on' }
	- { os: 'macos-14', backend: 'openssl@3', shared_libs: 'on' }
	- { os: 'macos-14', backend: 'botan', shared_libs: 'off' }
	- { os: 'macos-14', backend: 'botan3', shared_libs: 'on' }

	if: "!contains(github.event.head_commit.message, 'skip ci')"
	timeout-minutes: 250

	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 1
	submodules: true

	- name: Configure openssl 1.1 backend
	if: matrix.backend == '[email protected]'
	run: \|
	echo "brew \"[email protected]\"" >> Brewfile
	echo "OPENSSL_ROOT_DIR=$(brew --prefix [email protected])" >> $GITHUB_ENV
	echo "CRYPTO_BACKEND=openssl" >> $GITHUB_ENV

	- name: Configure openssl 3 backend
	if: matrix.backend == 'openssl@3'
	run: \|
	echo "brew \"openssl@3\"" >> Brewfile
	echo "OPENSSL_ROOT_DIR=$(brew --prefix openssl@3)" >> $GITHUB_ENV
	echo "CRYPTO_BACKEND=openssl" >> $GITHUB_ENV

	- name: Install dependencies
	run: \|
	rm -f '/usr/local/bin/2to3' '/usr/local/bin/2to3-3.12' '/usr/local/bin/idle3' '/usr/local/bin/idle3.12' \
	'/usr/local/bin/pydoc3' '/usr/local/bin/pydoc3.12' '/usr/local/bin/python3' '/usr/local/bin/python3-config' \
	'/usr/local/bin/python3.12' '/usr/local/bin/python3.12-config'
	brew bundle

	- name: Botan2 cache
	id: cache
	uses: actions/cache@v4
	if: matrix.backend == 'botan'
	with:
	path: Botan-${{ env.BOTAN_VERSION }}
	key: ${{ matrix.os }}-Botan-${{ env.BOTAN_VERSION }}

	- name: Build Botan2
	if: matrix.backend == 'botan' && steps.cache.outputs.cache-hit != 'true'
	run: \|
	wget -qO- https://botan.randombit.net/releases/Botan-${{ env.BOTAN_VERSION }}.tar.xz \| tar xvJ
	cd Botan-${{ env.BOTAN_VERSION }}
	./configure.py --prefix=/usr/local
	make
	cd ..

	- name: Install Botan2
	if: matrix.backend == 'botan'
	run: \|
	cd Botan-${{ env.BOTAN_VERSION }}
	sudo make install
	cd ..

	- name: Install Botan3
	if: matrix.backend == 'botan3'
	run: \|
	brew install botan

	- name: Configure
	run: \|
	echo "CORES=$(sysctl -n hw.ncpu)" >> $GITHUB_ENV
	echo "RNP_INSTALL=$PWD/rnp-install" >> $GITHUB_ENV
	cmake -B build -DBUILD_SHARED_LIBS=${{ matrix.shared_libs }} \
	-DCMAKE_BUILD_TYPE=Release \
	-DCMAKE_INSTALL_PREFIX="$PWD/rnp-install" \
	-DDOWNLOAD_GTEST=OFF \
	-DCMAKE_CXX_FLAGS="-DS2K_MINIMUM_TUNING_RATIO=4"\
	-DCRYPTO_BACKEND=${{ env.CRYPTO_BACKEND }} .

	- name: Build
	run: cmake --build build --config Release --parallel ${{ env.CORES }}

	- name: Install
	run: cmake --install build

	- name: Test
	run: \|
	mkdir -p "build/Testing/Temporary"
	cp "cmake/CTestCostData.txt" "build/Testing/Temporary"
	export PATH="$PWD/build/src/lib:$PATH"
	ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure

	- name: Checkout shell test framework
	if: matrix.shared_libs == 'on'
	uses: actions/checkout@v4
	with:
	repository: kward/shunit2
	path: ci/tests/shunit2

	- name: Run additional ci tests
	if: matrix.shared_libs == 'on'
	run: zsh -o shwordsplit -- ci/tests/ci-tests.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update FFI API with key certification and signature customization functions. #3727

Workflow file

Update FFI API with key certification and signature customization functions. #3727

Jobs

Run details

Workflow file for this run