Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add code coverage measurement. #21

Merged
merged 9 commits into from
Mar 27, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
122 changes: 104 additions & 18 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,92 @@ on:
branches: [ "master" ]

jobs:
build:

applet:
runs-on: ubuntu-latest
permissions:
contents: read

strategy:
matrix:
java: [ "8", "11", "17", "21" ]
java: [ "8", "11", "17"]
env:
JAVA_VERSION: ${{ matrix.java }}
name: Build Java ${{ matrix.java }}
name: Build applet with Java ${{ matrix.java }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java }}
distribution: "temurin"

- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3

- name: Build applets
run: ./gradlew applet:buildJavaCard

- name: Test
run: ./gradlew applet:test

- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: built-applet-${{ matrix.java }}
path: |
applet/build/javacard/*.cap

reader:
runs-on: ubuntu-latest
permissions:
contents: read

strategy:
matrix:
java: [ "11", "17", "21" ]
name: Build reader on Java ${{ matrix.java }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java }}
distribution: "temurin"

- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3

- name: Build reader
run: ./gradlew reader:uberJar

- name: Test
run: ./gradlew reader:test

- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: built-reader-${{ matrix.java }}
path: |
reader/build/libs/ECTesterReader.jar

standalone:
runs-on: ubuntu-latest
permissions:
contents: read

strategy:
matrix:
java: [ "11", "17", "21" ]
env:
# ffs: https://github.com/adoptium/adoptium-support/issues/485 !!!
LD_LIBRARY_PATH: "/usr/lib/x86_64-linux-gnu/"
name: Build standalone on Java ${{ matrix.java }}
steps:
- uses: actions/checkout@v4
with:
Expand All @@ -40,60 +114,72 @@ jobs:
echo "BORINGSSL_VERSION=$(git submodule status ext/boringssl | cut -f2 -d' ')" >> $GITHUB_ENV
echo "LIBRESSL_VERSION=$(git submodule status ext/libressl | cut -f2 -d' ')" >> $GITHUB_ENV
echo "IPPCP_VERSION=$(git submodule status ext/ipp-crypto | cut -f2 -d' ')" >> $GITHUB_ENV

- name: Build applets
run: if [ $JAVA_VERSION != 21 ]; then ./gradlew applet:buildJavaCard; fi

- name: Build reader
run: ./gradlew reader:uberJar
echo "WOLFCRYPT_VERSION=$(git submodule status ext/wolfcrypt-jni | cut -f2 -d' ')" >> $GITHUB_ENV
echo "WOLFSSL_VERSION=$(dpkg -s libwolfssl-dev | grep 'Version' | cut -f2 -d' ')" >> $GITHUB_ENV

- name: Cache libs
uses: actions/cache@v4
id: cache-libs
with:
key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }}
key: libs-${{ env.BORINGSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.IPPCP_VERSION }}-${{ env.WOLFCRYPT_VERSION }}-${{ env.WOLFSSL_VERSION }}
path: |
ext/boringssl/build/crypto/libcrypto.so
ext/libressl/build/crypto/libcrypto.so
ext/ipp-crypto/build/.build/RELEASE/lib/libippcp.so
ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar
ext/wolfcrypt-jni/lib/libwolfcryptjni.so

- name: Build libs
if: steps.cache-libs.outputs.cache-hit != 'true'
run: |
# ------------ Build BoringSSL ------------
cd ext/boringssl
cmake -DBUILD_SHARED_LIBS=1 -Bbuild
cd build
make -j4 crypto
cd ../../..
# ------------ Build LibreSSL ------------
cd ext/libressl
./autogen.sh
cmake -DBUILD_SHARED_LIBS=ON -Bbuild
cd build
make -j4 crypto
cd ../../..
# ------------ Build IPP-crypto ------------
cd ext/ipp-crypto
CC=clang CXX=clang++ cmake CMakeLists.txt -Bbuild -DARCH=intel64
cd build
make -j4
cd ../../..
# ------------ Build wolfcrypt-jni ------------
cd ext/wolfcrypt-jni
mkdir junit
wget -P junit/ https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar
wget -P junit/ https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar
make -j4 -f makefile.linux
env JUNIT_HOME=junit/ ant build-jce-release
cd ../../..

- name: Build standalone
run: |
./gradlew standalone:libs || true
./gradlew standalone:uberJar

# ffs: https://github.com/adoptium/adoptium-support/issues/485 !!!
- name: List libraries
run: env LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu/" ./gradlew standalone:run --args="list-libs"
run: ./gradlew standalone:run --args="list-libs"

- name: Test
run: ./gradlew test
run: ./gradlew standalone:test

- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: built-${{ matrix.java }}
name: built-standalone-${{ matrix.java }}
path: |
applet/build/javacard/*.cap
reader/build/libs/ECTesterReader.jar
standalone/build/libs/ECTesterStandalone.jar
standalone/build/libs/ECTesterStandalone.jar

- name: Upload code coverage
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
slug: crocs-muni/ECTester
3 changes: 3 additions & 0 deletions .gitmodules
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,6 @@
[submodule "ext/ipp-crypto"]
path = ext/ipp-crypto
url = https://github.com/intel/ipp-crypto
[submodule "ext/wolfcrypt-jni"]
path = ext/wolfcrypt-jni
url = https://github.com/wolfSSL/wolfcrypt-jni
24 changes: 19 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -308,7 +308,7 @@ For more information on ECC libraries see [LIBS](docs/LIBS.md).
### Setup

```shell
./gradlew :standalone:libs # To build the native library shims. (Necessary
./gradlew :standalone:libs # To build the native library shims.
./gradlew :standalone:uberJar # To build the standalone tool (jar) -> "standalone/build/libs/ECTesterStandalone.jar"
```
Simply doing the above should build everything necessary to test libraries via the standalone app,
Expand Down Expand Up @@ -356,17 +356,17 @@ g++ -fPIC -shared -O2 -o botan_provider.so -Wl,-rpath,'$ORIGIN/lib' botan.o cpp_
g++ -fPIC -shared -O2 -o cryptopp_provider.so -Wl,-rpath,'$ORIGIN/lib' cryptopp.o cpp_utils.o -L. -L/usr/local/lib -lcryptopp -l:lib_timing.so
```

BoringSSL, LibreSSL and ipp-crypto are included as git submodules. Make sure you run: `git submodule update --init --recursive`
BoringSSL, LibreSSL, ipp-crypto and partially wolfCrypt are included as git submodules. Make sure you run: `git submodule update --init --recursive`
after checking out the ECTester repository to initialize them. To build BoringSSL do:
```
```shell
cd ext/boringssl
cmake -GNinja -Bbuild -DBUILD_SHARED_LIBS=1
cd build
ninja
```

To build LibreSSL do:
```
```shell
cd ext/libressl
./autogen.sh
cmake -GNinja -Bbuild -DBUILD_SHARED_LIBS=1
Expand All @@ -376,13 +376,27 @@ ninja

To build ipp-crypto do:
(Make sure you have the necessary [build requirements](https://github.com/intel/ipp-crypto/blob/develop/BUILD.md))
```
```shell
cd ext/ipp-crypto
CC=clang CXX=clang++ cmake CMakeLists.txt -GNinja -Bbuild -DARCH=intel64 # Does not work with GCC 12+
cd build
ninja
```

To build wolfCrypt-JNI do:
(You need to have wolfSSL installed and ready for development)
```shell
cd ext/wolfcrypt-jni
mkdir junit
wget -P junit/ https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar
wget -P junit/ https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar
make -f makefile.linux
env JUNIT_HOME=junit/ ant build-jce-release
```
The produced `lib/wolfcrypt-jni.jar` will be automatically included into the standalone JAR when building `standalone:uberJar`.
However, the produced `lib/libwolfcryptjni.so` native library will not be automatically loaded. You thus need to include it
on `LD_LIBRARY_PATH`.


#### Java

Expand Down
4 changes: 4 additions & 0 deletions applet/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,10 @@ dependencies {
runtimeOnly("com.klinec:gradle-javacard:1.8.0")
}

java {
sourceCompatibility = if (JavaVersion.current() == JavaVersion.VERSION_1_8) JavaVersion.VERSION_1_8 else JavaVersion.VERSION_11
}

tasks.named<Test>("test") {
useJUnitPlatform()
}
Expand Down
4 changes: 4 additions & 0 deletions common/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,8 @@ dependencies {
api("org.yaml:snakeyaml:2.2")
// https://mvnrepository.com/artifact/com.klinec/jcardsim
api("com.klinec:jcardsim:3.0.5.11")
}

java {
sourceCompatibility = JavaVersion.VERSION_11
}
1 change: 1 addition & 0 deletions ext/wolfcrypt-jni
Submodule wolfcrypt-jni added at 0497ee
Binary file modified ext/wolfcrypt-jni.jar
Binary file not shown.
Binary file modified gradle/wrapper/gradle-wrapper.jar
Binary file not shown.
2 changes: 1 addition & 1 deletion gradle/wrapper/gradle-wrapper.properties
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
Expand Down
28 changes: 28 additions & 0 deletions reader/build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
plugins {
application
jacoco
id("com.adarshr.test-logger") version "4.0.0"
}

repositories {
Expand All @@ -13,6 +15,15 @@ repositories {
dependencies {
implementation(project(":common"))
implementation(project(":applet"))

testImplementation(platform("org.junit:junit-bom:5.10.2"))
testImplementation("org.junit.jupiter:junit-jupiter")
testImplementation("org.junit-pioneer:junit-pioneer:2.2.0")
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
}

java {
sourceCompatibility = JavaVersion.VERSION_11
}

application {
Expand All @@ -21,6 +32,23 @@ application {
version = "0.3.3"
}

tasks.named<Test>("test") {
useJUnitPlatform()
// Report is always generated after tests run
finalizedBy(tasks.jacocoTestReport)
}

tasks.jacocoTestReport {
reports {
xml.required = true
}
}

testlogger {
theme = com.adarshr.gradle.testlogger.theme.ThemeType.MOCHA
showStandardStreams = true
}

tasks.register<Jar>("uberJar") {
archiveFileName = "ECTesterReader.jar"
duplicatesStrategy = DuplicatesStrategy.WARN
Expand Down
33 changes: 31 additions & 2 deletions standalone/build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,22 +1,33 @@

plugins {
application
jacoco
id("com.google.osdetector") version "1.7.3"
id("com.adarshr.test-logger") version "4.0.0"
}

repositories {
mavenCentral()
}

dependencies {
implementation(files("$rootDir/ext/wolfcrypt-jni.jar"))
// Fallback to bundled wolfcrypt-jni if the submodule one is not built.
if (file("$rootDir/ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar").exists()) {
implementation(files("$rootDir/ext/wolfcrypt-jni/lib/wolfcrypt-jni.jar"))
} else {
implementation(files("$rootDir/ext/wolfcrypt-jni.jar"))
}
implementation(project(":common"))

testImplementation(platform("org.junit:junit-bom:5.10.2"))
testImplementation("org.junit.jupiter:junit-jupiter")
testImplementation("org.junit-pioneer:junit-pioneer:2.2.0")
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
}

java {
sourceCompatibility = JavaVersion.VERSION_11
}

application {
applicationName = "ECTesterStandalone"
mainClass = "cz.crcs.ectester.standalone.ECTesterStandalone"
Expand All @@ -25,6 +36,23 @@ application {

tasks.named<Test>("test") {
useJUnitPlatform()
// Report is always generated after tests run
finalizedBy(tasks.jacocoTestReport)
// Add wolfcrypt JNI lib path to LD_LIBRARY_PATH (as our native library loading does not handle it)
environment(
"LD_LIBRARY_PATH", "$rootDir/ext/wolfcrypt-jni/lib/:" + System.getenv("LD_LIBRARY_PATH")
)
}

tasks.jacocoTestReport {
reports {
xml.required = true
}
}

testlogger {
theme = com.adarshr.gradle.testlogger.theme.ThemeType.MOCHA
showStandardStreams = true
}

tasks.withType<JavaCompile> {
Expand All @@ -48,6 +76,7 @@ tasks.register<Exec>("libs") {

tasks.register<Jar>("uberJar") {
archiveFileName = "ECTesterStandalone.jar"
duplicatesStrategy = DuplicatesStrategy.WARN

from(sourceSets.main.get().output)

Expand Down
Loading
Loading