opensc/.travis.yml

language: c

matrix:
  include:
    - compiler: clang
      os: osx
      osx_image: xcode9.4
      env: DO_PUSH_ARTIFACT=yes
    - compiler: gcc
      os: linux
      dist: trusty
      env:
        - DO_SIMULATION=javacard
        - ENABLE_DOC=--enable-doc
    - compiler: gcc
      os: linux
      dist: bionic
      env:
        - DO_SIMULATION=oseid
    - env:
        - HOST=x86_64-w64-mingw32
        - DO_PUSH_ARTIFACT=yes
    - env:
        - HOST=i686-w64-mingw32
        - DO_PUSH_ARTIFACT=yes
    - env: DO_COVERITY_SCAN=yes
    - compiler: gcc
      os: linux
      dist: bionic
      env:
        - DO_SIMULATION=cac

env:
  global:
    # The next declaration are encrypted envirnmet variables, created via the
    # "travis encrypt" command using the project repo's public key
    # COVERITY_SCAN_TOKEN
    - secure: "UkHn7wy4im8V1nebCWbAetnDSOLRUbOlF6++ovk/7Bnso1/lnhXHelyzgRxfD/oI68wm9nnRV+RQEZ9+72Ug1CyvHxyyxxkwal/tPeHH4B/L+aGdPi0id+5OZSKIm77VP3m5s102sJMJgH7DFd03+nUd0K26p0tk8ad4j1geV4c="
    # GH_TOKEN
    - secure: "cUAvpN/XUPMIN5cgWAbIOhghRoLXyw7SCydzGaJ1Ucqb9Ml2v5iuLLuN57YbZHTiWw03vy6rYVzzwMDrHX8r3oUALsv7ViJHG4PzIe7fAFZsZpHECmGsp6SEnue7m7BNy3FT8KYbiXxnxDO0SxmFXlrPAYR0WMZCWx2TENYcafs="
    - COVERITY_SCAN_BRANCH_PATTERN="(master|coverity.*)"
    - COVERITY_SCAN_NOTIFICATION_EMAIL="viktor.tarasov@gmail.com"
    - COVERITY_SCAN_BUILD_COMMAND="make -j 4"
    - COVERITY_SCAN_PROJECT_NAME="$TRAVIS_REPO_SLUG"
    - SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)

addons:
  apt_packages:
    - binutils-mingw-w64-i686
    - binutils-mingw-w64-x86-64
    - docbook-xsl
    - gcc-mingw-w64-i686
    - gcc-mingw-w64-x86-64
    - libpcsclite-dev
    - mingw-w64
    - xsltproc
    - gengetopt
    - libcmocka-dev
    - help2man
    - pcscd
    - pcsc-tools
    - check
    - ant
    - socat

before_install:
  # brew install gengetopt help2man cmocka ccache llvm;
  # export PATH="/usr/local/opt/ccache/libexec:/usr/local/opt/llvm/bin:$PATH";
  # add magic notarization flags for macOS, see https://github.com/akeru-inc/xcnotary/blob/master/README.md
  - if [ "$TRAVIS_OS_NAME" = "osx" ]; then
        brew update;
        brew uninstall libtool;
        brew install libtool;
        brew install gengetopt help2man cmocka ccache;
        export PATH="/usr/local/opt/ccache/libexec:$PATH";
        openssl aes-256-cbc -K $encrypted_3b9f0b9d36d1_key -iv $encrypted_3b9f0b9d36d1_iv -in .github/secrets.tar.enc -out .github/secrets.tar -d;
        .github/add_signing_key.sh;
        export OTHER_CODE_SIGN_FLAGS=--timestamp CODE_SIGN_INJECT_BASE_ENTITLEMENTS=NO CODE_SIGN_STYLE=Manual;
        git clone https://github.com/frankmorgner/OpenSCToken.git;
    fi
  - if [ "${DO_SIMULATION}" = "cac" ]; then
        sudo apt-get install -y libglib2.0-dev libnss3-dev  pkgconf libtool make autoconf autoconf-archive automake libsofthsm2-dev softhsm2 softhsm2-common help2man gnutls-bin libcmocka-dev libusb-dev libudev-dev flex libnss3-tools libssl-dev libpcsclite1;
        export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig;
    fi
  - if [ -n "${HOST}" ]; then
        sudo apt-get install -y wine;
    fi

before_script:
  - if [ "$TRAVIS_BRANCH" = "master" -a "$TRAVIS_PULL_REQUEST" = "false" ]; then
      ./bootstrap;
    fi
  - if [ "$TRAVIS_BRANCH" = "master" -a "$TRAVIS_PULL_REQUEST" != "false" ]; then
      ./bootstrap.ci -s "-pr$TRAVIS_PULL_REQUEST";
    fi
  - if [ "$TRAVIS_BRANCH" != "master" -a "$TRAVIS_PULL_REQUEST" = "false" ]; then
      ./bootstrap.ci -s "-$TRAVIS_BRANCH";
    fi
  - if [ "$TRAVIS_BRANCH" != "master" -a "$TRAVIS_PULL_REQUEST" != "false" ]; then
      ./bootstrap.ci -s "-$TRAVIS_BRANCH-pr$TRAVIS_PULL_REQUEST";
    fi
  - if [ -z "$HOST" ]; then
      CFLAGS="-Werror" ./configure $ENABLE_DOC --enable-dnie-ui;
    else
      if [ ! -f "$(winepath 'C:/Program Files (x86)/Inno Setup 5/ISCC.exe')" ]; then
        /sbin/start-stop-daemon --start --quiet --pidfile /tmp/custom_xvfb_99.pid --make-pidfile --background --exec /usr/bin/Xvfb -- :99 -ac -screen 0 1280x1024x16;
        export DISPLAY=:99.0;
        [ -d isetup ] || mkdir isetup;
        pushd isetup;
        [ -f isetup-5.5.6.exe ] || wget http://files.jrsoftware.org/is/5/isetup-5.5.6.exe;
        wine isetup-5.5.6.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART;
        popd;
      fi;
      unset CC;
      unset CXX;
      ./configure --host=$HOST --with-completiondir=/tmp --disable-openssl --disable-readline --disable-zlib --disable-notify --prefix=${TRAVIS_BUILD_DIR}/win32/opensc || cat config.log;
    fi
  # Optionally try to upload to Coverity Scan
  # On error (propably quota is exhausted), just continue
  - if [ "${DO_COVERITY_SCAN}" = "yes" ]; then curl -s 'https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh' | bash || true; fi

  - if [ "${DO_SIMULATION}" = "javacard" ]; then
      set -ex;
      git clone https://github.com/frankmorgner/vsmartcard.git;
      cd vsmartcard/virtualsmartcard;
      autoreconf -vis && ./configure && sudo make install;
      cd $TRAVIS_BUILD_DIR;
      sudo /etc/init.d/pcscd restart;

      git clone https://github.com/martinpaljak/oracle_javacard_sdks.git;
      export JC_HOME=$PWD/oracle_javacard_sdks/jc222_kit;
      export JC_CLASSIC_HOME=$PWD/oracle_javacard_sdks/jc305u3_kit;

      git clone https://github.com/arekinath/jcardsim.git;
      cd jcardsim;
      mvn initialize && mvn clean install;
      cd $TRAVIS_BUILD_DIR;

      git clone https://github.com/philipWendland/IsoApplet.git;
      javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar IsoApplet/src/net/pwendland/javacard/pki/isoapplet/*.java;
      echo "com.licel.jcardsim.card.applet.0.AID=F276A288BCFBA69D34F31001" > isoapplet_jcardsim.cfg;
      echo "com.licel.jcardsim.card.applet.0.Class=net.pwendland.javacard.pki.isoapplet.IsoApplet" >> isoapplet_jcardsim.cfg;
      echo "com.licel.jcardsim.card.ATR=3B80800101" >> isoapplet_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.host=localhost" >> isoapplet_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.port=35963" >> isoapplet_jcardsim.cfg;

      git clone https://github.com/vletoux/GidsApplet.git;
      javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar GidsApplet/src/com/mysmartlogon/gidsApplet/*.java;
      echo "com.licel.jcardsim.card.applet.0.AID=A000000397425446590201" > gids_jcardsim.cfg;
      echo "com.licel.jcardsim.card.applet.0.Class=com.mysmartlogon.gidsApplet.GidsApplet" >> gids_jcardsim.cfg;
      echo "com.licel.jcardsim.card.ATR=3B80800101" >> gids_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.host=localhost" >> gids_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.port=35963" >> gids_jcardsim.cfg;

      git clone --recursive https://github.com/Yubico/ykneo-openpgp.git;
      cd ykneo-openpgp;
      ant -DJAVACARD_HOME=${JC_HOME};
      cd $TRAVIS_BUILD_DIR;
      echo "com.licel.jcardsim.card.applet.0.AID=D2760001240102000000000000010000" > openpgp_jcardsim.cfg;
      echo "com.licel.jcardsim.card.applet.0.Class=openpgpcard.OpenPGPApplet" >> openpgp_jcardsim.cfg;
      echo "com.licel.jcardsim.card.ATR=3B80800101" >> openpgp_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.host=localhost" >> openpgp_jcardsim.cfg;
      echo "com.licel.jcardsim.vsmartcard.port=35963" >> openpgp_jcardsim.cfg;

      git clone --recursive https://github.com/arekinath/PivApplet.git;
      cd PivApplet;
      ant dist;
      cd $TRAVIS_BUILD_DIR;

      git clone https://github.com/Yubico/yubico-piv-tool.git;
      cd yubico-piv-tool;
      autoreconf -vis && ./configure && sudo make install;
      cd $TRAVIS_BUILD_DIR;
      set +ex;
    fi

  - if [ "${DO_SIMULATION}" = "oseid" ]; then
      git clone https://github.com/popovec/oseid;
      cd oseid/src/;
      make -f Makefile.console;
      mkdir tmp;
      socat -d -d pty,link=tmp/OsEIDsim.socket,raw,echo=0 "exec:build/console/console ...,pty,raw,echo=0" &
      PID=$!;
      sleep 1;
      echo "# OsEIDsim" > tmp/reader.conf;
      echo 'FRIENDLYNAME      "OsEIDsim"' >> tmp/reader.conf;
      echo "DEVICENAME        ${TRAVIS_BUILD_DIR}/oseid/src/tmp/OsEIDsim.socket" >> tmp/reader.conf;
      echo "LIBPATH           ${TRAVIS_BUILD_DIR}/oseid/src/build/console/libOsEIDsim.so.0.0.1" >> tmp/reader.conf;
      echo "CHANNELID         1" >> tmp/reader.conf;
      sudo mv tmp/reader.conf /etc/reader.conf.d/reader.conf;
      cat /etc/reader.conf.d/reader.conf;
      cd $TRAVIS_BUILD_DIR;

      sudo /etc/init.d/pcscd restart;
    fi

  - if [ "${DO_SIMULATION}" = "cac" ]; then
      git clone https://github.com/frankmorgner/vsmartcard.git;
      cd vsmartcard/virtualsmartcard;
      autoreconf -vis && ./configure && make -j4 && sudo make install;

      cd $TRAVIS_BUILD_DIR;
      git clone https://gitlab.freedesktop.org/spice/libcacard.git;
      cd libcacard && ./autogen.sh --prefix=/usr && make -j4 && sudo make install;

      cd $TRAVIS_BUILD_DIR;
      git clone https://github.com/PL4typus/virt_cacard.git;
      cd virt_cacard && ./autogen.sh && ./configure && make;

      cd $TRAVIS_BUILD_DIR;
      sudo /etc/init.d/pcscd restart;
    fi

script:
  - if [ "${DO_COVERITY_SCAN}" != "yes" ]; then
      if [ "${TRAVIS_OS_NAME}" = "osx" ]; then
        ./MacOSX/build;
      else
        make -j 4;
      fi;
    fi
  - if [ -z "$HOST" -a "${DO_COVERITY_SCAN}" != "yes" -a -z "$DO_SIMULATION" ]; then
      make check && make dist;
    fi
  - if [ ! -z "$HOST" -a "${DO_COVERITY_SCAN}" != "yes" ]; then
      make install;
      wine "C:/Program Files (x86)/Inno Setup 5/ISCC.exe" win32/OpenSC.iss;
    fi

  - if [ "${DO_SIMULATION}" = "javacard" ]; then
      set -ex;
      sudo make install;
      export LD_LIBRARY_PATH=/usr/local/lib;

      java -noverify -cp IsoApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard isoapplet_jcardsim.cfg >/dev/null &
      PID=$!;
      sleep 5;
      opensc-tool --card-driver default --send-apdu 80b800001a0cf276a288bcfba69d34f310010cf276a288bcfba69d34f3100100;
      opensc-tool -n;
      pkcs15-init --create-pkcs15 --so-pin 123456 --so-puk 0123456789abcdef;
      pkcs15-init --generate-key rsa/2048     --id 1 --key-usage decrypt,sign --auth-id FF --pin 123456;
      pkcs15-init --generate-key rsa/2048     --id 2 --key-usage decrypt      --auth-id FF --pin 123456;
      pkcs15-init --generate-key ec/secp256r1 --id 3 --key-usage sign         --auth-id FF --pin 123456;
      pkcs15-tool -D;
      pkcs11-tool -l -t -p 123456;
      kill -9 $PID;

      java -noverify -cp GidsApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard gids_jcardsim.cfg >/dev/null &
      PID=$!;
      sleep 5;
      opensc-tool --card-driver default --send-apdu 80b80000190bA0000003974254465902010bA00000039742544659020100;
      opensc-tool -n;
      gids-tool --initialize --pin 123456 --admin-key 000000000000000000000000000000000000000000000000 --serial 00000000000000000000000000000000;
      kill -9 $PID;

      java -noverify -cp ykneo-openpgp/applet/bin:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard openpgp_jcardsim.cfg >/dev/null &
      PID=$!;
      sleep 5;
      opensc-tool --card-driver default --send-apdu 80b800002210D276000124010200000000000001000010D276000124010200000000000001000000;
      opensc-tool -n;
      openpgp-tool --verify CHV3 --pin 12345678 --gen-key 2;
      pkcs15-init --verify --auth-id 3 --pin 12345678 --delete-objects privkey,pubkey --id 2 --generate-key rsa/2048;
      pkcs11-tool -l -t -p 123456;
      kill -9 $PID;

      java -noverify -cp PivApplet/bin/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard PivApplet/test/jcardsim.cfg >/dev/null &
      PID=$!;
      sleep 5;
      opensc-tool --card-driver default --send-apdu 80b80000120ba000000308000010000100050000020F0F7f;
      opensc-tool -n;
      yubico-piv-tool -r 'Virtual PCD 00 00' -P 123456 -s 9a -a generate -A ECCP256;
      yubico-piv-tool -r 'Virtual PCD 00 00' -P 123456 -s 9e -a generate -A RSA2048;
      pkcs11-tool -l -t -p 123456;
      kill -9 $PID;

      set +ex;
    fi

  - if [ "${DO_SIMULATION}" = "oseid" ]; then
      set -ex;
      sudo make install;
      export LD_LIBRARY_PATH=/usr/local/lib;

      cd oseid/tools;
      echo | ./OsEID-tool INIT;
      ./OsEID-tool RSA-CREATE-KEYS;
      ./OsEID-tool RSA-UPLOAD-KEYS;
      ./OsEID-tool RSA-DECRYPT-TEST;
      ./OsEID-tool EC-CREATE-KEYS;
      ./OsEID-tool EC-UPLOAD-KEYS;
      ./OsEID-tool EC-SIGN-TEST;
      ./OsEID-tool EC-ECDH-TEST;
      kill -9 $PID;

      set +ex;
    fi
  - if [ "${DO_SIMULATION}" = "cac" ]; then
      cd $TRAVIS_BUILD_DIR;
      make check && sudo make install || (cat tests/*log src/tests/unittests/*log && exit);
      export LD_LIBRARY_PATH=/usr/local/lib;
      cd src/tests/p11test/;
      ./p11test -s 0 -p 12345678 -i &
      sleep 5;
      cd $TRAVIS_BUILD_DIR/virt_cacard;
      ./setup-softhsm2.sh;
      export SOFTHSM2_CONF=$PWD/softhsm2.conf;
      ./virt_cacard &
      wait $(ps aux | grep '[p]11test'| awk '{print $2}');
      kill -9 $(ps aux | grep '[v]irt_cacard'| awk '{print $2}');
    fi

after_script:
  # kill process started during compilation to finish the build, see
  # https://github.com/moodlerooms/moodle-plugin-ci/issues/33 for details
  - if [ ! -z "$HOST" ]; then
      killall services.exe;
    fi

  # keep in sync with appveyor.yml
  - if [ "${DO_PUSH_ARTIFACT}" = "yes" -a "$TRAVIS_PULL_REQUEST" = "false" -a "$TRAVIS_REPO_SLUG" = "OpenSC/OpenSC" ]; then
      git config --global user.email "builds@travis-ci.org";
      git config --global user.name "Travis CI";
      .github/push_artifacts.sh "Travis CI build ${TRAVIS_JOB_NUMBER}";
    fi
  - if [ "$TRAVIS_OS_NAME" = "osx" ]; then
      .github/remove_signing_key.sh;
      rm -f .github/secrets.tar;
    fi

before_cache:
  - brew cleanup

cache:
  apt: true
  ccache: true
  directories:
    - $HOME/.m2/
    - $HOME/Library/Caches/Homebrew
    - openssl_bin
    - openpace_bin
    - isetup