Add Javacard tests and mingw build to Github Actions
* PIV applet * Isoapplet * Gids Applet * openpgp applet * Split clang-tidy to separate task as it is too slow
This commit is contained in:
parent
5d338739ac
commit
f43d3f8042
|
@ -23,6 +23,16 @@ if [ "$RUNNER_OS" == "macOS" ]; then
|
|||
exit $?
|
||||
fi
|
||||
|
||||
if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
|
||||
if [ "$1" == "mingw" ]; then
|
||||
HOST=x86_64-w64-mingw32
|
||||
elif [ "$1" == "mingw32" ]; then
|
||||
HOST=i686-w64-mingw32
|
||||
fi
|
||||
unset CC
|
||||
unset CXX
|
||||
./configure --host=$HOST --with-completiondir=/tmp --disable-openssl --disable-readline --disable-zlib --disable-notify --prefix=$PWD/win32/opensc || cat config.log;
|
||||
fi
|
||||
# normal procedure
|
||||
./configure --disable-dependency-tracking
|
||||
|
||||
|
@ -36,3 +46,7 @@ if [ "$1" == "dist" ]; then
|
|||
fi
|
||||
|
||||
sudo make install
|
||||
|
||||
if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
|
||||
wine "C:/Program Files (x86)/Inno Setup 5/ISCC.exe" win32/OpenSC.iss
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# Select the right java
|
||||
sudo update-java-alternatives -s java-1.8.0-openjdk-amd64
|
||||
sudo update-alternatives --get-selections | grep ^java
|
||||
export PATH="/usr/lib/jvm/java-8-openjdk-amd64/bin/:$PATH"
|
||||
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/
|
||||
env | grep -i openjdk
|
||||
|
||||
# VSmartcard
|
||||
./.github/setup-vsmartcard.sh
|
||||
|
||||
# Javacard SDKs
|
||||
git clone https://github.com/martinpaljak/oracle_javacard_sdks.git
|
||||
export JC_HOME=$PWD/oracle_javacard_sdks/jc222_kit
|
||||
export JC_CLASSIC_HOME=$PWD/oracle_javacard_sdks/jc305u3_kit
|
||||
|
||||
# jCardSim
|
||||
git clone https://github.com/arekinath/jcardsim.git
|
||||
pushd jcardsim
|
||||
env | grep -i openjdk
|
||||
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/
|
||||
mvn initialize && mvn clean install
|
||||
popd
|
|
@ -1,17 +1,41 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check clang-tidy softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git"
|
||||
if [ "$1" == "cac" ]; then
|
||||
DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git"
|
||||
|
||||
if [ "$1" == "clang-tidy" ]; then
|
||||
DEPS="$DEPS clang-tidy"
|
||||
elif [ "$1" == "cac" ]; then
|
||||
DEPS="$DEPS libglib2.0-dev libnss3-dev gnutls-bin libusb-dev libudev-dev flex libnss3-tools"
|
||||
elif [ "$1" == "oseid" ]; then
|
||||
DEPS="$DEPS socat gawk xxd"
|
||||
elif [ "$1" == "piv"]; then
|
||||
DEPS="$DEPS ant cmake"
|
||||
elif [ "$1" == "mingw" ]; then
|
||||
DEPS="$DEPS wine binutils-mingw-w64-i686 binutils-mingw-w64-x86-64 gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 mingw-w64"
|
||||
elif [ "$1" == "piv" -o "$1" == "isoapplet" -o "$1" == "gidsapplet" -o "$1" == "openpgp" ]; then
|
||||
if [ "$1" == "piv" ]; then
|
||||
DEPS="$DEPS cmake"
|
||||
fi
|
||||
DEPS="$DEPS ant openjdk-8-jdk"
|
||||
elif [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
|
||||
sudo dpkg --add-architecture i386
|
||||
if [ "$1" == "mingw" ]; then
|
||||
DEPS="$DEPS wine wine32 binutils-mingw-w64-x86-64 gcc-mingw-w64-x86-64 mingw-w64"
|
||||
elif [ "$1" == "mingw32" ]; then
|
||||
DEPS="$DEPS wine wine32 binutils-mingw-w64-i686 gcc-mingw-w64-i686"
|
||||
fi
|
||||
fi
|
||||
|
||||
# make sure we do not get prompts
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential $DEPS
|
||||
|
||||
if [ "$1" == "mingw" -o "$1" == "mingw32" ]; then
|
||||
if [ ! -f "$(winepath 'C:/Program Files (x86)/Inno Setup 5/ISCC.exe')" ]; then
|
||||
/sbin/start-stop-daemon --start --quiet --pidfile /tmp/custom_xvfb_99.pid --make-pidfile --background --exec /usr/bin/Xvfb -- :99 -ac -screen 0 1280x1024x16
|
||||
export DISPLAY=:99.0
|
||||
[ -d isetup ] || mkdir isetup
|
||||
pushd isetup
|
||||
[ -f isetup-5.5.6.exe ] || wget http://files.jrsoftware.org/is/5/isetup-5.5.6.exe
|
||||
sleep 5 # make sure the X server is ready ?
|
||||
wine isetup-5.5.6.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART
|
||||
popd
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ ! -d "vsmartcard" ]; then
|
||||
git clone https://github.com/frankmorgner/vsmartcard.git
|
||||
fi
|
||||
pushd vsmartcard/virtualsmartcard
|
||||
autoreconf -vis && ./configure && make -j2 && sudo make install
|
||||
popd
|
|
@ -5,12 +5,7 @@ sudo make install
|
|||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# VSmartcard
|
||||
if [ ! -d "vsmartcard" ]; then
|
||||
git clone https://github.com/frankmorgner/vsmartcard.git
|
||||
fi
|
||||
pushd vsmartcard/virtualsmartcard
|
||||
autoreconf -vis && ./configure && make -j2 && sudo make install
|
||||
popd
|
||||
./.github/setup-vsmartcard.sh
|
||||
|
||||
# libcacard
|
||||
if [ ! -d "libcacard" ]; then
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# setup java stuff
|
||||
. .github/setup-java.sh
|
||||
|
||||
# GidsApplet
|
||||
git clone https://github.com/vletoux/GidsApplet.git;
|
||||
javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar GidsApplet/src/com/mysmartlogon/gidsApplet/*.java;
|
||||
echo "com.licel.jcardsim.card.applet.0.AID=A000000397425446590201" > gids_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.applet.0.Class=com.mysmartlogon.gidsApplet.GidsApplet" >> gids_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.ATR=3B80800101" >> gids_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.host=localhost" >> gids_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.port=35963" >> gids_jcardsim.cfg;
|
||||
|
||||
# log errors from pcscd to console
|
||||
sudo systemctl stop pcscd.service pcscd.socket
|
||||
sudo /usr/sbin/pcscd -f &
|
||||
PCSCD_PID=$!
|
||||
|
||||
|
||||
# start the applet and run couple of commands against that
|
||||
java -noverify -cp GidsApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard gids_jcardsim.cfg >/dev/null &
|
||||
PID=$!;
|
||||
sleep 5;
|
||||
opensc-tool --card-driver default --send-apdu 80b80000190bA0000003974254465902010bA00000039742544659020100;
|
||||
opensc-tool -n;
|
||||
gids-tool --initialize --pin 123456 --admin-key 000000000000000000000000000000000000000000000000 --serial 00000000000000000000000000000000;
|
||||
kill -9 $PID
|
||||
|
||||
|
||||
# cleanup
|
||||
sudo kill -9 $PCSCD_PID
|
|
@ -0,0 +1,41 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# setup java stuff
|
||||
./.github/setup-java.sh
|
||||
|
||||
# The ISO applet
|
||||
git clone https://github.com/philipWendland/IsoApplet.git;
|
||||
javac -classpath jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar IsoApplet/src/net/pwendland/javacard/pki/isoapplet/*.java;
|
||||
echo "com.licel.jcardsim.card.applet.0.AID=F276A288BCFBA69D34F31001" > isoapplet_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.applet.0.Class=net.pwendland.javacard.pki.isoapplet.IsoApplet" >> isoapplet_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.ATR=3B80800101" >> isoapplet_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.host=localhost" >> isoapplet_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.port=35963" >> isoapplet_jcardsim.cfg;
|
||||
|
||||
# log errors from pcscd to console
|
||||
sudo systemctl stop pcscd.service pcscd.socket
|
||||
sudo /usr/sbin/pcscd -f &
|
||||
PCSCD_PID=$!
|
||||
|
||||
# start the applet and run couple of commands against that
|
||||
java -noverify -cp IsoApplet/src/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard isoapplet_jcardsim.cfg >/dev/null &
|
||||
PID=$!;
|
||||
sleep 5;
|
||||
opensc-tool --card-driver default --send-apdu 80b800001a0cf276a288bcfba69d34f310010cf276a288bcfba69d34f3100100;
|
||||
opensc-tool -n;
|
||||
pkcs15-init --create-pkcs15 --so-pin 123456 --so-puk 0123456789abcdef;
|
||||
pkcs15-tool --change-pin --pin 123456 --new-pin 654321;
|
||||
pkcs15-tool --unblock-pin --puk 0123456789abcdef --new-pin 123456;
|
||||
pkcs15-init --generate-key rsa/2048 --id 1 --key-usage decrypt,sign --auth-id FF --pin 123456;
|
||||
pkcs15-init --generate-key rsa/2048 --id 2 --key-usage decrypt --auth-id FF --pin 123456;
|
||||
pkcs15-init --generate-key ec/secp256r1 --id 3 --key-usage sign --auth-id FF --pin 123456;
|
||||
pkcs15-tool -D;
|
||||
pkcs11-tool -l -t -p 123456;
|
||||
kill -9 $PID;
|
||||
|
||||
# cleanup
|
||||
sudo kill -9 $PCSCD_PID
|
|
@ -0,0 +1,40 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# setup java stuff
|
||||
. .github/setup-java.sh
|
||||
|
||||
# The OpenPGP applet
|
||||
git clone --recursive https://github.com/Yubico/ykneo-openpgp.git;
|
||||
cd ykneo-openpgp;
|
||||
ant -DJAVACARD_HOME=${JC_HOME};
|
||||
cd $TRAVIS_BUILD_DIR;
|
||||
echo "com.licel.jcardsim.card.applet.0.AID=D2760001240102000000000000010000" > openpgp_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.applet.0.Class=openpgpcard.OpenPGPApplet" >> openpgp_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.card.ATR=3B80800101" >> openpgp_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.host=localhost" >> openpgp_jcardsim.cfg;
|
||||
echo "com.licel.jcardsim.vsmartcard.port=35963" >> openpgp_jcardsim.cfg;
|
||||
|
||||
# log errors from pcscd to console
|
||||
sudo systemctl stop pcscd.service pcscd.socket
|
||||
sudo /usr/sbin/pcscd -f &
|
||||
PCSCD_PID=$!
|
||||
|
||||
|
||||
# start the applet and run couple of commands against that
|
||||
java -noverify -cp ykneo-openpgp/applet/bin:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard openpgp_jcardsim.cfg >/dev/null &
|
||||
PID=$!;
|
||||
sleep 5;
|
||||
opensc-tool --card-driver default --send-apdu 80b800002210D276000124010200000000000001000010D276000124010200000000000001000000;
|
||||
opensc-tool -n;
|
||||
openpgp-tool --verify CHV3 --pin 12345678 --gen-key 2;
|
||||
pkcs15-init --verify --auth-id 3 --pin 12345678 --delete-objects privkey,pubkey --id 2 --generate-key rsa/2048;
|
||||
pkcs11-tool -l -t -p 123456;
|
||||
kill -9 $PID
|
||||
|
||||
|
||||
# cleanup
|
||||
sudo kill -9 $PCSCD_PID
|
|
@ -0,0 +1,45 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# setup java stuff
|
||||
. .github/setup-java.sh
|
||||
|
||||
# The PIV Applet
|
||||
git clone --recursive https://github.com/arekinath/PivApplet.git
|
||||
pushd PivApplet
|
||||
JC_HOME=${JC_CLASSIC_HOME} ant dist
|
||||
popd
|
||||
|
||||
# yubico-piv-tool is needed for PIV Applet management
|
||||
git clone https://github.com/Yubico/yubico-piv-tool.git
|
||||
pushd yubico-piv-tool
|
||||
mkdir build
|
||||
pushd build
|
||||
cmake .. && make && sudo make install
|
||||
popd
|
||||
popd
|
||||
|
||||
|
||||
# log errors from pcscd to console
|
||||
sudo systemctl stop pcscd.service pcscd.socket
|
||||
sudo /usr/sbin/pcscd -f &
|
||||
PCSCD_PID=$!
|
||||
|
||||
|
||||
# start the applet and run couple of commands against that
|
||||
java -noverify -cp PivApplet/bin/:jcardsim/target/jcardsim-3.0.5-SNAPSHOT.jar com.licel.jcardsim.remote.VSmartCard PivApplet/test/jcardsim.cfg >/dev/null &
|
||||
PID=$!
|
||||
sleep 5
|
||||
opensc-tool --card-driver default --send-apdu 80b80000120ba000000308000010000100050000020F0F7f
|
||||
opensc-tool -n
|
||||
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P 123456 -s 9e -a generate -A RSA2048
|
||||
yubico-piv-tool -v 9999 -r 'Virtual PCD 00 00' -P 123456 -s 9a -a generate -A ECCP256
|
||||
pkcs11-tool -l -t -p 123456
|
||||
kill -9 $PID
|
||||
|
||||
|
||||
# cleanup
|
||||
sudo kill -9 $PCSCD_PID
|
|
@ -26,19 +26,100 @@ jobs:
|
|||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-linux.sh
|
||||
- run: .github/build.sh
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-18-${{ github.sha }}
|
||||
|
||||
# test-piv:
|
||||
# runs-on: ubuntu-latest
|
||||
# needs: [build]
|
||||
# steps:
|
||||
# - uses: actions/checkout@v2
|
||||
# - uses: actions/cache@v2
|
||||
# id: cache-build
|
||||
# with:
|
||||
# path: ./*
|
||||
# key: ${{ runner.os }}-${{ github.sha }}
|
||||
# - run: .github/setup-linux.sh piv
|
||||
# - run: .github/test-piv.sh
|
||||
build-mingw:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-linux.sh mingw
|
||||
- run: .github/build.sh mingw
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
|
||||
build-mingw32:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-linux.sh mingw32
|
||||
- run: .github/build.sh mingw32
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
|
||||
test-piv:
|
||||
runs-on: ubuntu-18.04
|
||||
needs: [build-ubuntu-18]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-18-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh piv
|
||||
- run: .github/test-piv.sh
|
||||
|
||||
test-isoapplet:
|
||||
runs-on: ubuntu-18.04
|
||||
needs: [build-ubuntu-18]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-18-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh isoapplet
|
||||
- run: .github/test-isoapplet.sh
|
||||
|
||||
test-gidsapplet:
|
||||
runs-on: ubuntu-18.04
|
||||
needs: [build-ubuntu-18]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-18-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh gidsapplet
|
||||
- run: .github/test-gidsapplet.sh
|
||||
|
||||
test-openpgp:
|
||||
runs-on: ubuntu-18.04
|
||||
needs: [build-ubuntu-18]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-18-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh openpgp
|
||||
- run: .github/test-openpgp.sh
|
||||
|
||||
build-clang-tidy:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh clang-tidy
|
||||
- run: .github/build.sh
|
||||
|
||||
test-cac:
|
||||
runs-on: ubuntu-latest
|
||||
|
@ -68,7 +149,7 @@ jobs:
|
|||
|
||||
push-artifacts:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [test-cac, test-oseid]
|
||||
needs: [build, build-mingw, build-mingw32]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
|
|
Loading…
Reference in New Issue