Add Javacard tests and mingw build to Github Actions

* PIV applet
* Isoapplet
* Gids Applet
* openpgp applet
* Split clang-tidy to separate task as it is too slow

.github/build.sh

@@ -23,6 +23,16 @@ if [ "$RUNNER_OS" == "macOS" ]; then
 	exit $?
 fi
 
+if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
+	if [ "$1" == "mingw" ]; then
+		HOST=x86_64-w64-mingw32
+	elif [ "$1" == "mingw32" ]; then
+		HOST=i686-w64-mingw32
+	fi
+	unset CC
+	unset CXX
+	./configure --host=$HOST --with-completiondir=/tmp --disable-openssl --disable-readline --disable-zlib --disable-notify --prefix=$PWD/win32/opensc || cat config.log;
+fi
 # normal procedure
 ./configure  --disable-dependency-tracking
 
@@ -36,3 +46,7 @@ if [ "$1" == "dist" ]; then
 fi
 
 sudo make install
+
+if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
+	wine "C:/Program Files (x86)/Inno Setup 5/ISCC.exe" win32/OpenSC.iss
+fi

.github/setup-java.sh

@@ -0,0 +1,24 @@
+#!/bin/bash -e
+
+# Select the right java
+sudo update-java-alternatives -s java-1.8.0-openjdk-amd64
+sudo update-alternatives --get-selections | grep ^java
+export PATH="/usr/lib/jvm/java-8-openjdk-amd64/bin/:$PATH"
+export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/
+env | grep -i openjdk
+
+# VSmartcard
+./.github/setup-vsmartcard.sh
+
+# Javacard SDKs
+git clone https://github.com/martinpaljak/oracle_javacard_sdks.git
+export JC_HOME=$PWD/oracle_javacard_sdks/jc222_kit
+export JC_CLASSIC_HOME=$PWD/oracle_javacard_sdks/jc305u3_kit
+
+# jCardSim
+git clone https://github.com/arekinath/jcardsim.git
+pushd jcardsim
+env | grep -i openjdk
+export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/
+mvn initialize && mvn clean install
+popd

.github/setup-linux.sh

@@ -1,17 +1,41 @@
 #!/bin/bash -e
 
-DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check clang-tidy softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git"
-if [ "$1" == "cac" ]; then
+DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git"
+
+if [ "$1" == "clang-tidy" ]; then
+	DEPS="$DEPS clang-tidy"
+elif [ "$1" == "cac" ]; then
 	DEPS="$DEPS libglib2.0-dev libnss3-dev gnutls-bin libusb-dev libudev-dev flex libnss3-tools"
 elif [ "$1" == "oseid" ]; then
 	DEPS="$DEPS socat gawk xxd"
-elif [ "$1" == "piv"]; then
-	DEPS="$DEPS ant cmake"
-elif [ "$1" == "mingw" ]; then
-	DEPS="$DEPS wine binutils-mingw-w64-i686 binutils-mingw-w64-x86-64 gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 mingw-w64"
+elif [ "$1" == "piv" -o "$1" == "isoapplet" -o "$1" == "gidsapplet" -o "$1" == "openpgp" ]; then
+	if [ "$1" == "piv" ]; then
+		DEPS="$DEPS cmake"
+	fi
+	DEPS="$DEPS ant openjdk-8-jdk"
+elif [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
+	sudo dpkg --add-architecture i386
+	if [ "$1" == "mingw" ]; then
+		DEPS="$DEPS wine wine32 binutils-mingw-w64-x86-64 gcc-mingw-w64-x86-64 mingw-w64"
+	elif [ "$1" == "mingw32" ]; then
+		DEPS="$DEPS wine wine32 binutils-mingw-w64-i686 gcc-mingw-w64-i686"
+	fi
 fi
 
 # make sure we do not get prompts
 export DEBIAN_FRONTEND=noninteractive
 sudo apt-get update
 sudo apt-get install -y build-essential $DEPS
+
+if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
+	if [ ! -f "$(winepath 'C:/Program Files (x86)/Inno Setup 5/ISCC.exe')" ]; then
+		/sbin/start-stop-daemon --start --quiet --pidfile /tmp/custom_xvfb_99.pid --make-pidfile --background --exec /usr/bin/Xvfb -- :99 -ac -screen 0 1280x1024x16
+		export DISPLAY=:99.0
+		[ -d isetup ] || mkdir isetup
+		pushd isetup
+		[ -f isetup-5.5.6.exe ] || wget http://files.jrsoftware.org/is/5/isetup-5.5.6.exe
+		sleep 5 # make sure the X server is ready ?
+		wine isetup-5.5.6.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART
+		popd
+	fi
+fi

.github/setup-vsmartcard.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+if [ ! -d "vsmartcard" ]; then
+	git clone https://github.com/frankmorgner/vsmartcard.git
+fi
+pushd vsmartcard/virtualsmartcard
+autoreconf -vis && ./configure && make -j2 && sudo make install
+popd

.github/test-cac.sh

@@ -5,12 +5,7 @@ sudo make install
 export LD_LIBRARY_PATH=/usr/local/lib
 
 # VSmartcard
-if [ ! -d "vsmartcard" ]; then
-	git clone https://github.com/frankmorgner/vsmartcard.git
-fi
-pushd vsmartcard/virtualsmartcard
-autoreconf -vis && ./configure && make -j2 && sudo make install
-popd
+./.github/setup-vsmartcard.sh
 
 # libcacard
 if [ ! -d "libcacard" ]; then

.github/test-gidsapplet.sh

@@ -0,0 +1,36 @@
+#!/bin/bash -e
+
+# install the opensc
+sudo make install
+export LD_LIBRARY_PATH=/usr/local/lib
+
+# setup java stuff
+. .github/setup-java.sh
+
+# GidsApplet
+git clone https://github.com/vletoux/GidsApplet.git;
+javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar GidsApplet/src/com/mysmartlogon/gidsApplet/*.java;
+echo "com.licel.jcardsim.card.applet.0.AID=A000000397425446590201" > gids_jcardsim.cfg;
+echo "com.licel.jcardsim.card.applet.0.Class=com.mysmartlogon.gidsApplet.GidsApplet" >> gids_jcardsim.cfg;
+echo "com.licel.jcardsim.card.ATR=3B80800101" >> gids_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.host=localhost" >> gids_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.port=35963" >> gids_jcardsim.cfg;
+
+# log errors from pcscd to console
+sudo systemctl stop pcscd.service pcscd.socket
+sudo /usr/sbin/pcscd -f &
+PCSCD_PID=$!
+
+
+# start the applet and run couple of commands against that
+java -noverify -cp GidsApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard gids_jcardsim.cfg >/dev/null &
+PID=$!;
+sleep 5;
+opensc-tool --card-driver default --send-apdu 80b80000190bA0000003974254465902010bA00000039742544659020100;
+opensc-tool -n;
+gids-tool --initialize --pin 123456 --admin-key 000000000000000000000000000000000000000000000000 --serial 00000000000000000000000000000000;
+kill -9 $PID
+
+
+# cleanup
+sudo kill -9 $PCSCD_PID

.github/test-isoapplet.sh

@@ -0,0 +1,41 @@
+#!/bin/bash -e
+
+# install the opensc
+sudo make install
+export LD_LIBRARY_PATH=/usr/local/lib
+
+# setup java stuff
+./.github/setup-java.sh
+
+# The ISO applet
+git clone https://github.com/philipWendland/IsoApplet.git;
+javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar IsoApplet/src/net/pwendland/javacard/pki/isoapplet/*.java;
+echo "com.licel.jcardsim.card.applet.0.AID=F276A288BCFBA69D34F31001" > isoapplet_jcardsim.cfg;
+echo "com.licel.jcardsim.card.applet.0.Class=net.pwendland.javacard.pki.isoapplet.IsoApplet" >> isoapplet_jcardsim.cfg;
+echo "com.licel.jcardsim.card.ATR=3B80800101" >> isoapplet_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.host=localhost" >> isoapplet_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.port=35963" >> isoapplet_jcardsim.cfg;
+
+# log errors from pcscd to console
+sudo systemctl stop pcscd.service pcscd.socket
+sudo /usr/sbin/pcscd -f &
+PCSCD_PID=$!
+
+# start the applet and run couple of commands against that
+java -noverify -cp IsoApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard isoapplet_jcardsim.cfg >/dev/null &
+PID=$!;
+sleep 5;
+opensc-tool --card-driver default --send-apdu 80b800001a0cf276a288bcfba69d34f310010cf276a288bcfba69d34f3100100;
+opensc-tool -n;
+pkcs15-init --create-pkcs15 --so-pin 123456 --so-puk 0123456789abcdef;
+pkcs15-tool --change-pin --pin 123456 --new-pin 654321;
+pkcs15-tool --unblock-pin --puk 0123456789abcdef --new-pin 123456;
+pkcs15-init --generate-key rsa/2048     --id 1 --key-usage decrypt,sign --auth-id FF --pin 123456;
+pkcs15-init --generate-key rsa/2048     --id 2 --key-usage decrypt      --auth-id FF --pin 123456;
+pkcs15-init --generate-key ec/secp256r1 --id 3 --key-usage sign         --auth-id FF --pin 123456;
+pkcs15-tool -D;
+pkcs11-tool -l -t -p 123456;
+kill -9 $PID;
+
+# cleanup
+sudo kill -9 $PCSCD_PID

.github/test-openpgp.sh

@@ -0,0 +1,40 @@
+#!/bin/bash -e
+
+# install the opensc
+sudo make install
+export LD_LIBRARY_PATH=/usr/local/lib
+
+# setup java stuff
+. .github/setup-java.sh
+
+# The OpenPGP applet
+git clone --recursive https://github.com/Yubico/ykneo-openpgp.git;
+cd ykneo-openpgp;
+ant -DJAVACARD_HOME=${JC_HOME};
+cd $TRAVIS_BUILD_DIR;
+echo "com.licel.jcardsim.card.applet.0.AID=D2760001240102000000000000010000" > openpgp_jcardsim.cfg;
+echo "com.licel.jcardsim.card.applet.0.Class=openpgpcard.OpenPGPApplet" >> openpgp_jcardsim.cfg;
+echo "com.licel.jcardsim.card.ATR=3B80800101" >> openpgp_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.host=localhost" >> openpgp_jcardsim.cfg;
+echo "com.licel.jcardsim.vsmartcard.port=35963" >> openpgp_jcardsim.cfg;
+
+# log errors from pcscd to console
+sudo systemctl stop pcscd.service pcscd.socket
+sudo /usr/sbin/pcscd -f &
+PCSCD_PID=$!
+
+
+# start the applet and run couple of commands against that
+java -noverify -cp ykneo-openpgp/applet/bin:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard openpgp_jcardsim.cfg >/dev/null &
+PID=$!;
+sleep 5;
+opensc-tool --card-driver default --send-apdu 80b800002210D276000124010200000000000001000010D276000124010200000000000001000000;
+opensc-tool -n;
+openpgp-tool --verify CHV3 --pin 12345678 --gen-key 2;
+pkcs15-init --verify --auth-id 3 --pin 12345678 --delete-objects privkey,pubkey --id 2 --generate-key rsa/2048;
+pkcs11-tool -l -t -p 123456;
+kill -9 $PID
+
+
+# cleanup
+sudo kill -9 $PCSCD_PID

.github/test-piv.sh

@@ -0,0 +1,45 @@
+#!/bin/bash -e
+
+# install the opensc
+sudo make install
+export LD_LIBRARY_PATH=/usr/local/lib
+
+# setup java stuff
+. .github/setup-java.sh
+
+# The PIV Applet
+git clone --recursive https://github.com/arekinath/PivApplet.git
+pushd PivApplet
+JC_HOME=${JC_CLASSIC_HOME} ant dist
+popd
+
+# yubico-piv-tool is needed for PIV Applet management 
+git clone https://github.com/Yubico/yubico-piv-tool.git
+pushd yubico-piv-tool
+mkdir build
+pushd build
+cmake .. && make && sudo make install
+popd
+popd
+
+
+# log errors from pcscd to console
+sudo systemctl stop pcscd.service pcscd.socket
+sudo /usr/sbin/pcscd -f &
+PCSCD_PID=$!
+
+
+# start the applet and run couple of commands against that
+java -noverify -cp PivApplet/bin/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard PivApplet/test/jcardsim.cfg >/dev/null &
+PID=$!
+sleep 5
+opensc-tool --card-driver default --send-apdu 80b80000120ba000000308000010000100050000020F0F7f
+opensc-tool -n
+yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P 123456 -s 9e -a generate -A RSA2048
+yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P 123456 -s 9a -a generate -A ECCP256
+pkcs11-tool -l -t -p 123456
+kill -9 $PID
+
+
+# cleanup
+sudo kill -9 $PCSCD_PID

.github/workflows/linux.yml

@@ -26,19 +26,100 @@ jobs:
       - uses: actions/checkout@v2
       - run: .github/setup-linux.sh
       - run: .github/build.sh
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-18-${{ github.sha }}
 
-#  test-piv:
-#    runs-on: ubuntu-latest
-#    needs: [build]
-#    steps:
-#      - uses: actions/checkout@v2
-#      - uses: actions/cache@v2
-#        id: cache-build
-#        with:
-#          path: ./*
-#          key: ${{ runner.os }}-${{ github.sha }}
-#      - run: .github/setup-linux.sh piv
-#      - run: .github/test-piv.sh
+  build-mingw:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: .github/setup-linux.sh mingw
+      - run: .github/build.sh mingw
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-${{ github.sha }}
+
+  build-mingw32:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: .github/setup-linux.sh mingw32
+      - run: .github/build.sh mingw32
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-${{ github.sha }}
+
+  test-piv:
+    runs-on: ubuntu-18.04
+    needs: [build-ubuntu-18]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-18-${{ github.sha }}
+      - run: .github/setup-linux.sh piv
+      - run: .github/test-piv.sh
+
+  test-isoapplet:
+    runs-on: ubuntu-18.04
+    needs: [build-ubuntu-18]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-18-${{ github.sha }}
+      - run: .github/setup-linux.sh isoapplet
+      - run: .github/test-isoapplet.sh
+
+  test-gidsapplet:
+    runs-on: ubuntu-18.04
+    needs: [build-ubuntu-18]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-18-${{ github.sha }}
+      - run: .github/setup-linux.sh gidsapplet
+      - run: .github/test-gidsapplet.sh
+
+  test-openpgp:
+    runs-on: ubuntu-18.04
+    needs: [build-ubuntu-18]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-18-${{ github.sha }}
+      - run: .github/setup-linux.sh openpgp
+      - run: .github/test-openpgp.sh
+
+  build-clang-tidy:
+    runs-on: ubuntu-latest
+    needs: [build]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        id: cache-build
+        with:
+          path: ./*
+          key: ${{ runner.os }}-${{ github.sha }}
+      - run: .github/setup-linux.sh clang-tidy
+      - run: .github/build.sh
 
   test-cac:
     runs-on: ubuntu-latest
@@ -68,7 +149,7 @@ jobs:
 
   push-artifacts:
     runs-on: ubuntu-latest
-    needs: [test-cac, test-oseid]
+    needs: [build, build-mingw, build-mingw32]
     steps:
       - uses: actions/checkout@v2
       - uses: actions/cache@v2