diff --git a/.github/workflows/time-machine.yml b/.github/workflows/time-machine.yml new file mode 100644 index 0000000000..c6e9532987 --- /dev/null +++ b/.github/workflows/time-machine.yml @@ -0,0 +1,195 @@ +# Copyright (c) 2024 Ribose Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +name: time-machine +on: + push: + branches: + - main + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - '.github/workflows/*.yml' + - '!.github/workflows/time-machine.yml' + pull_request: + paths-ignore: + - '/*.sh' + - '/.*' + - '/_*' + - 'Brewfile' + - 'docs/**' + - '**.adoc' + - '**.md' + - '**.nix' + - 'flake.lock' + - '.github/workflows/*.yml' + - '!.github/workflows/time-machine.yml' + workflow_dispatch: + +concurrency: + group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' + cancel-in-progress: true + +env: + RNP_LOG_CONSOLE: 1 + +jobs: + build: + name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}] + runs-on: ubuntu-latest + timeout-minutes: 120 + strategy: + fail-fast: false + matrix: + env: + - { CC: clang, CXX: clang++ } + +# This workflow keeps all capabilities from the base one (centos-and-fedora.yml) +# but uses just few of tehm +# Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details + image: + - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'Botan' } + - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'OpenSSL' } + + container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} + + env: ${{ matrix.env }} + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + submodules: true + + - name: Setup environment + run: | + set -o errexit -o pipefail -o noclobber -o nounset + + /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} + /opt/tools/tools.sh select_gpg_version_for_gha 'system' + /opt/tools/tools.sh select_botan_version_for_gha 'system' + + echo CORES="$(nproc --all)" >> $GITHUB_ENV + + useradd rnpuser + printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser + printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf + + - name: Configure + run: | + cmake -B build \ + -DBUILD_SHARED_LIBS=ON \ + -DDOWNLOAD_GTEST=ON \ + -DCMAKE_BUILD_TYPE=Release \ + -DCRYPTO_BACKEND=${{ matrix.image.backend }} + + - name: Build + run: cmake --build build --parallel ${{ env.CORES }} + + - name: Archive build files + run: tar -czvf build.tar.gz build + + - name: Upload build files + uses: actions/upload-artifact@v3 + with: + name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' + path: 'build.tar.gz' + retention-days: 5 + + test: + name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; date offset ${{ matrix.date-offset }}] + runs-on: ubuntu-latest + needs: build + timeout-minutes: 120 + strategy: + fail-fast: false + matrix: + env: + - { CC: clang, CXX: clang++ } + +# Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details + image: + - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'Botan' } + - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'OpenSSL' } + + date-offset: + - '+0y' + - '+1y' + - '+5y' + + container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} + + env: ${{ matrix.env }} + steps: + - name: Install tools + run: dnf -y install libfaketime + + - name: Checkout + uses: actions/checkout@v3 + with: + submodules: true + + - name: Setup environment + run: | + set -o errexit -o pipefail -o noclobber -o nounset + + /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} + /opt/tools/tools.sh select_gpg_version_for_gha 'system' + /opt/tools/tools.sh select_botan_version_for_gha 'system' + + echo CORES="$(nproc --all)" >> $GITHUB_ENV + + useradd rnpuser + printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser + printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf + + - name: Download build files + uses: actions/download-artifact@v3 + with: + name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' + + - name: Extract build files + run: tar -xzvf build.tar.gz + + - name: Configure fake time + if: matrix.date-offset != '0 years' + run: | + set -o errexit -o pipefail -o noclobber -o nounset + echo FAKETIME="${{ matrix.date-offset }}" >> $GITHUB_ENV + + - name: Test + run: | + set -o errexit -o pipefail -o noclobber -o nounset + mkdir -p "build/Testing/Temporary" + cp "cmake/CTestCostData.txt" "build/Testing/Temporary" + export PATH="$PWD/build/src/lib:$PATH" + chown -R rnpuser:rnpuser $PWD + echo Running tests for "$(LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 date)" + exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" diff --git a/src/tests/data/test_stream_key_load/ecc-25519-2subs-sec.asc b/src/tests/data/test_stream_key_load/ecc-25519-2subs-sec.asc index ac48ee0cd5..a815960459 100644 --- a/src/tests/data/test_stream_key_load/ecc-25519-2subs-sec.asc +++ b/src/tests/data/test_stream_key_load/ecc-25519-2subs-sec.asc @@ -1,36 +1,41 @@ ------BEGIN PGP PRIVATE KEY BLOCK----- - -xYYEWsN6MBYJKwYBBAHaRw8BAQdAAS+nkv9BdVi0JX7g6d+O201bdKhdowbielOougCpCfj+BwMC -kuClwXrc7H3i9J2+l5bS6+TGJVRP2/yrh9tCcsgmUf0Z1T7uwS7ABadlAPIokvZ3aLmU5ahSJY7S -pK/EV3vEG76FMCxxXOJTDIKfsHoS880JZWNjLTI1NTE5wpQEExYIADwCGwMFCwkIBwIDIgIBBhUK -CQgLAgQWAgMBAh4DAheAFiEEIfxoJ0quO13jmkJ3zHhieJgbBygFAlxVr80ACgkQzHhieJgbByiU -UAD+My3dFRRvnG3rclbocVytirRGsMBxgyxcBjveJmk+wRwBAOYpsfbUuTCgKVT1GtQlJhmcyVr+ -lB2A7F3v8+NEKlsKx8MGBGWKu+MBCADrrci5Yes25POd5AtX2fLQyJFiVfH6fRL9UrgmTGaHa7uZ -hGaUhAjigKi7ZD4XEAVr3a9OvagiLmF/DyhRGtBFkmxtMQi0feqgOW0XY6+mLfghUKDgrvzP0B2y -FhlA4VbtpWhJ8XUNSx5+Fg84H6DR597ELfo5vckQfXMQKR2XsWLV513aFVcnDx4QZVSLfTHmUNN4 -AKyY/MclO+vpWCpOaGvDcrXgxsjzqMuko7BpGd8I9+aAV8VOYruO49Wdv/PEok2+fAzmYwDcq0Uc -o5y4cEKxeKUBvEaVssZMGqWZwMPhy90M8/hMr+oA1IMZImV/MKosVeCAS4dqL4WS2lbNABEBAAH+ -CQMINg2MvEJ8tybFzJappxxEV60vuiRlZ2WoFGJVwNfHEBGAs78iD7ZZThOpetdlVAzLGCnwbog1 -LGwzedB7T4s7oVgrZtVtdTat4Humeok8YljJZ/wpz4dAnTERP1bU0E+uBkiGcxMUjQ/lpbT+0mL6 -Zz/oZSQ+qwlm3WxWmN+K9YfmgO/77t0VrOeVrA9xXyH8/EnxRVAV2JmVHR4GRim3uijIkNSF6aIX -wpsANlvlC7hnPy5znquTUS7kyyXwBE/ajyBRTEASpITVaTgcXYcOWkYMKpg6E9k1umCHAFDi1nEU -I27w3ju1IAmfxkMjkXk0TSlGdXZeWWv7qyN8BDE25qpL1gRjcTgvec/oFkuV6dCXSZ6HlCL8r2mn -I0T8BMR7pc581Alv8mVfkAdxGI3Jtb0Eg85z5BIxcn4UYpqOJQa5pcSr67pMEVQm+SobEogDIUR4 -Wp1CJqoIVaN6gOetx6nJZQZCmPw4Hw/HttakZX4cDKk3pOzYtZOXXYA21+laUoWum2nfX3IC1VKK -Ci7qJVGtusrLLdKopOkBg/xOwrL6zqN4gtkLQs/dYBBX72KhH2121MkoOovdE3kobsgwxvnuMjVr -7vCNxk8H11CnLc+Pz71z5L+nNnuDr6eJkpzsR5OGa/9HUPHWjnBRvw14f4CmOAuhcnmQeXxVtR8O -Vk1imVlcRe5atST4O4Ie3ZEfqDY/mE1fMr0cvv4hcaoX98Oe+krLWkpABrF0sQOKOeqiO95a8nqG -xcS/dGwoK2anfFiueWLgT3waSfgIgBup5KlfoV9/68IQlV8C8WLWq+zlmKJce3rzIaKtyqN/RrVh -eGvWWxQD2a880ZyZ5+rjnu4yEluvEfuLnqC92AR1Z9V5NOCq3wepMUYiyx7+fhpzcoZx/jljPbR3 -QdPZFCkau/J081sPwn4EGBYIACYWIQQh/GgnSq47XeOaQnfMeGJ4mBsHKAUCZYq75AUJA8JnAAIb -DAAKCRDMeGJ4mBsHKOWaAP4n9VVjJVfaP6u93+M6gu6xxxyrHvO/C1COuNM5O/oC7AEAyIC2CZOK -z/oPFb4XXb9K9IFMmW8AsoHJgbKVzE6c9gvHhgRlirwDFgkrBgEEAdpHDwEBB0C8c/Z5jhqLKKja -39fiaENXaS/QSFg/uVi3soP7xwsVPf4JAwg28w+7+7oyKcQgMOnU82KBCb2dX8KrVFbIeruyNepX -ZAcFFr2UBT3Z3FKx7wLP1B4qm3w6Abst3f9Hr8S2pMIETX44WJkaCdb4Zu7oom5IwsA1BBgWCAAm -FiEEIfxoJ0quO13jmkJ3zHhieJgbBygFAmWKvAMFCQPCZwACGwIAgQkQzHhieJgbByh2IAQZFggA -HRYhBG0gfcwKwoHb/ChXhVc0NsIxrmM4BQJlirwDAAoJEFc0NsIxrmM4Sl4BAKZNuM4q2CNR0xtY -OBI3XoYxAMDgcLjKNlXRz/jlHr9NAP4s/CslyoQu9hj2WChlLwEEutYtUWY+stbAUi9pW4yHDsUi -AQCRUSL2WmjCIteNT1jC2oDyD7rqIlLW6kKaSS6xbZo2QwEAjMwIsEU066czOQwkzv/ftFhDKOcx -gMXZMeceVrvq+wM= -=rHQj ------END PGP PRIVATE KEY BLOCK----- +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lIYEWsN6MBYJKwYBBAHaRw8BAQdAAS+nkv9BdVi0JX7g6d+O201bdKhdowbielOo +ugCpCfj+BwMCPEyv4kgwM53xFzXrH/MXu6qb60MYEO8DqZMCpxOsLYytglLHeb1n +0wstuw0rql7NVfNndIjlKMQZ1CD2/ulTnMpEUyfiza7XPL8EoTPGGbQJZWNjLTI1 +NTE5iJQEExYIADwCGwMFCwkIBwIDIgIBBhUKCQgLAgQWAgMBAh4DAheAFiEEIfxo +J0quO13jmkJ3zHhieJgbBygFAlxVr80ACgkQzHhieJgbByiUUAD+My3dFRRvnG3r +clbocVytirRGsMBxgyxcBjveJmk+wRwBAOYpsfbUuTCgKVT1GtQlJhmcyVr+lB2A +7F3v8+NEKlsKnQPGBGWKu+MBCADrrci5Yes25POd5AtX2fLQyJFiVfH6fRL9Urgm +TGaHa7uZhGaUhAjigKi7ZD4XEAVr3a9OvagiLmF/DyhRGtBFkmxtMQi0feqgOW0X +Y6+mLfghUKDgrvzP0B2yFhlA4VbtpWhJ8XUNSx5+Fg84H6DR597ELfo5vckQfXMQ +KR2XsWLV513aFVcnDx4QZVSLfTHmUNN4AKyY/MclO+vpWCpOaGvDcrXgxsjzqMuk +o7BpGd8I9+aAV8VOYruO49Wdv/PEok2+fAzmYwDcq0Uco5y4cEKxeKUBvEaVssZM +GqWZwMPhy90M8/hMr+oA1IMZImV/MKosVeCAS4dqL4WS2lbNABEBAAH+BwMC81Ki +6hTzrpLxTZlO0Xii6BZw1l+G2vE0Kfp4UmHZC4OURb8YNHSbKagmmfqeNOiCewG5 +2fQgQogfWtiCN752rhL5bK7nHwtYuFrWbhWStqnqRxfkJydngFamY9hlCpWcbWD/ +z5Y6cQAXivqWHD8hPxHB/LcOyN+cfnZzxK5vRlMtBJFpLgOlBaoQlYo1ClKIMWWW +pmL6a55vhDiH2f9pNxQKKBYDlgsIGR8OcImD+pAiR9PNrpOac4fyMSTTXR2MOkGJ +TxPAaNWVYHtxdTLhHSc/FjvUnGeDPMFgqmnbS2FSDFP/QOlvYfdjR036q0n7PfQ1 +mXpCH/x2b5344RTphM6oJa8cNxJ04lMrHe4+3lepLKzB3JOSBcRsDOMq+yY4lqBH +bGfDzmzFOLOgxJMUFu8dmbrfuGMc9AeuZl1LGiPL8DWD0ejd8H641mEbilbZpATA +xEjQfS/Bzunvf3A7hHVy8ZWu6h8/jOsVBDs+61igXkcyk1w2NAS1/5gEMNcTX2k/ +wHUQ6KsEF4IoLKEeUaE3gmwjBO0VJYgQs0Sg/FH6kxVZFq8nYx6B1lhtR7Bd6eGG +hiRNv1I9oXcwhSvq4e5y+HbKEqnrm5aTvRTMTb+Rf6j6MR3Hzg1gMYVZtonUJjPr +GOndrHIYjp1rJ2WS1riOkCl0FqqjH9Hd74OGGLxMP5sUWRBi8bW9t2eB4ADvIaVr +EeJSU2wIux72zXdesuLkn1awj53pBk40xRrbqks1WKlgxVb943sVn+BNngpkohfE +esaemcZFLOGDAZX83PWb9b8IKc2LZ9I3btlHvCwi4P5g0Yzsuc+bZlHyoE5Xc+62 +FTzsavfdt+PstFNSWemFYO1L8nlZ6WgO4y8HUtfxkcJ7HyyvWoao1I1yZDbXU1do +6wER90DSFqM5yf87fDlcazsQiH4EGBYIACYWIQQh/GgnSq47XeOaQnfMeGJ4mBsH +KAUCZYq75AUJA8JnAAIbDAAKCRDMeGJ4mBsHKOWaAP4n9VVjJVfaP6u93+M6gu6x +xxyrHvO/C1COuNM5O/oC7AEAyIC2CZOKz/oPFb4XXb9K9IFMmW8AsoHJgbKVzE6c +9guchgRlirwDFgkrBgEEAdpHDwEBB0C8c/Z5jhqLKKja39fiaENXaS/QSFg/uVi3 +soP7xwsVPf4HAwLzAdCzwYIHaPHmHtlsWZ4wAVb2rFlTIu7Ct5DJKK7HnhdDFnmI +Nrf1wiQrKO26TWjaFAOK71dtxRO2pRZ45fLjMGJs5UGgdEcAUHMZF7aViO8EGBYI +ACACGwIWIQQh/GgnSq47XeOaQnfMeGJ4mBsHKAUCZbuIVACBdiAEGRYIAB0WIQRt +IH3MCsKB2/woV4VXNDbCMa5jOAUCZYq8AwAKCRBXNDbCMa5jOEpeAQCmTbjOKtgj +UdMbWDgSN16GMQDA4HC4yjZV0c/45R6/TQD+LPwrJcqELvYY9lgoZS8BBLrWLVFm +PrLWwFIvaVuMhw4JEMx4YniYGwcoBR0BALnDnfdfDiOpVb4vqHYcVr2tHsss2rI2 +6EQ72rpRM5xAAP0Yx//Lp6jidyGOSvEjdZsgpdgZOXULtTF62vW4Ggv3Cw== +=SX92 +-----END PGP PRIVATE KEY BLOCK-----