aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-08-28 10:36:17 -0400
committerJack Lloyd <[email protected]>2016-08-28 10:36:17 -0400
commitd8e513d0f90c4bcb5b6b1abf236860a2a4c3c807 (patch)
tree4a0be3e7f4980fffc219045617407d11004ba45c /src
parent8316775a591ead5697011fb41813bd956c2d0083 (diff)
parent4e42b0186b0cd975019918f33cc324428b739a21 (diff)
Merge GH #608 Travis CI work
Add ARM32, ARM64, PPC32, PPC64, and MinGW x86-32 cross builds to Travis. Add valgrind build to Travis.
Diffstat (limited to 'src')
-rw-r--r--src/build-data/cc/clang.txt3
-rw-r--r--src/build-data/cc/gcc.txt7
-rw-r--r--src/lib/entropy/cryptoapi_rng/info.txt2
-rw-r--r--src/lib/entropy/win32_stats/info.txt2
-rw-r--r--src/lib/pubkey/pubkey.cpp6
-rw-r--r--src/lib/utils/calendar.cpp11
-rw-r--r--src/lib/utils/os_utils.cpp2
-rwxr-xr-xsrc/scripts/ci/travis/build.sh212
-rwxr-xr-xsrc/scripts/ci/travis/install.sh29
-rw-r--r--src/tests/test_ffi.cpp37
10 files changed, 224 insertions, 87 deletions
diff --git a/src/build-data/cc/clang.txt b/src/build-data/cc/clang.txt
index 0e2963665..d6e3ecfe3 100644
--- a/src/build-data/cc/clang.txt
+++ b/src/build-data/cc/clang.txt
@@ -16,7 +16,8 @@ maintainer_warning_flags "-Qunused-arguments -Werror -Wno-error=unused-parameter
compile_flags "-c"
debug_info_flags "-g"
optimization_flags "-O3"
-sanitizer_flags "-fsanitize=address,undefined -fsanitize-coverage=edge,indirect-calls,8bit-counters -fno-sanitize-recover=undefined"
+#sanitizer_flags "-fsanitize=address,undefined -fsanitize-coverage=edge,indirect-calls,8bit-counters -fno-sanitize-recover=undefined"
+sanitizer_flags "-fsanitize=address,undefined"
shared_flags "-fPIC"
coverage_flags "--coverage"
diff --git a/src/build-data/cc/gcc.txt b/src/build-data/cc/gcc.txt
index 0687a6dd0..d3473454b 100644
--- a/src/build-data/cc/gcc.txt
+++ b/src/build-data/cc/gcc.txt
@@ -8,8 +8,11 @@ add_lib_dir_option -L
add_lib_option -l
lang_flags "-std=c++11 -D_REENTRANT"
-maintainer_warning_flags "-Wold-style-cast -Werror -Wno-error=old-style-cast -Wno-error=zero-as-null-pointer-constant -Wno-error=unused-parameter -Wno-error=unused-variable -Wno-error=strict-overflow -Wsuggest-override"
-warning_flags "-Wall -Wextra -Wpedantic -Wshadow -Wstrict-aliasing -Wstrict-overflow=5 -Wcast-align -Wmissing-declarations -Wpointer-arith -Wcast-qual -Wzero-as-null-pointer-constant -Wnon-virtual-dtor"
+
+# This should only contain flags which are included in GCC 4.8
+warning_flags "-Wall -Wextra -Wpedantic -Wstrict-aliasing -Wstrict-overflow=5 -Wcast-align -Wmissing-declarations -Wpointer-arith -Wcast-qual -Wzero-as-null-pointer-constant -Wnon-virtual-dtor"
+
+maintainer_warning_flags "-Wold-style-cast -Wsuggest-override -Wshadow -Werror -Wno-error=old-style-cast -Wno-error=zero-as-null-pointer-constant -Wno-error=unused-parameter -Wno-error=unused-variable -Wno-error=strict-overflow"
compile_flags "-c"
debug_info_flags "-g"
diff --git a/src/lib/entropy/cryptoapi_rng/info.txt b/src/lib/entropy/cryptoapi_rng/info.txt
index 8aa166692..941411f67 100644
--- a/src/lib/entropy/cryptoapi_rng/info.txt
+++ b/src/lib/entropy/cryptoapi_rng/info.txt
@@ -17,6 +17,6 @@ mingw
</os>
<libs>
-windows -> advapi32.lib
+windows -> advapi32
mingw -> advapi32
</libs>
diff --git a/src/lib/entropy/win32_stats/info.txt b/src/lib/entropy/win32_stats/info.txt
index 48eb91faa..c17acce58 100644
--- a/src/lib/entropy/win32_stats/info.txt
+++ b/src/lib/entropy/win32_stats/info.txt
@@ -15,5 +15,5 @@ mingw
</os>
<libs>
-windows -> user32.lib
+windows -> user32
</libs>
diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp
index c0485fec8..8b24ee983 100644
--- a/src/lib/pubkey/pubkey.cpp
+++ b/src/lib/pubkey/pubkey.cpp
@@ -54,7 +54,7 @@ PK_Decryptor::decrypt_or_random(const byte in[],
{
const secure_vector<byte> fake_pms = rng.random_vec(expected_pt_len);
- CT::poison(in, length);
+ //CT::poison(in, length);
byte valid_mask = 0;
secure_vector<byte> decoded = do_decrypt(valid_mask, in, length);
@@ -90,8 +90,8 @@ PK_Decryptor::decrypt_or_random(const byte in[],
/*from1*/fake_pms.data(),
expected_pt_len);
- CT::unpoison(in, length);
- CT::unpoison(decoded.data(), decoded.size());
+ //CT::unpoison(in, length);
+ //CT::unpoison(decoded.data(), decoded.size());
return decoded;
}
diff --git a/src/lib/utils/calendar.cpp b/src/lib/utils/calendar.cpp
index 73602d634..2ed90486a 100644
--- a/src/lib/utils/calendar.cpp
+++ b/src/lib/utils/calendar.cpp
@@ -12,6 +12,7 @@
#include <sstream>
#include <iomanip>
#include <mutex>
+#include <stdlib.h>
#if defined(BOTAN_HAS_BOOST_DATETIME)
#include <boost/date_time/posix_time/posix_time_types.hpp>
@@ -39,7 +40,7 @@ std::tm do_gmtime(std::time_t time_val)
return tm;
}
-#if !defined(BOTAN_TARGET_OS_HAS_TIMEGM) && !defined(BOTAN_TARGET_OS_HAS_MKGMTIME)
+#if !defined(BOTAN_TARGET_OS_HAS_TIMEGM) && !(defined(BOTAN_TARGET_OS_HAS_MKGMTIME) && defined(BOTAN_BUILD_COMPILER_IS_MSVC))
#if defined(BOTAN_HAS_BOOST_DATETIME)
@@ -67,7 +68,7 @@ std::time_t boost_timegm(std::tm *tm)
return out;
}
-#else
+#elif defined(BOTAN_OS_TYPE_IS_UNIX)
#pragma message "Caution! A fallback version of timegm() is used which is not thread-safe"
@@ -138,13 +139,15 @@ std::chrono::system_clock::time_point calendar_point::to_std_timepoint() const
// Define a function alias `botan_timegm`
#if defined(BOTAN_TARGET_OS_HAS_TIMEGM)
std::time_t (&botan_timegm)(std::tm *tm) = timegm;
- #elif defined(BOTAN_TARGET_OS_HAS_MKGMTIME)
+ #elif defined(BOTAN_TARGET_OS_HAS_MKGMTIME) && defined(BOTAN_BUILD_COMPILER_IS_MSVC)
// http://stackoverflow.com/questions/16647819/timegm-cross-platform
std::time_t (&botan_timegm)(std::tm *tm) = _mkgmtime;
#elif defined(BOTAN_HAS_BOOST_DATETIME)
std::time_t (&botan_timegm)(std::tm *tm) = boost_timegm;
- #else
+ #elif defined(BOTAN_OS_TYPE_IS_UNIX)
std::time_t (&botan_timegm)(std::tm *tm) = fallback_timegm;
+ #else
+ std::time_t (&botan_timegm)(std::tm *tm) = mktime; // localtime instead...
#endif
// Convert std::tm to std::time_t
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp
index c00c898a3..33bcf3cff 100644
--- a/src/lib/utils/os_utils.cpp
+++ b/src/lib/utils/os_utils.cpp
@@ -141,7 +141,7 @@ size_t get_memory_locking_limit()
return std::min<size_t>(limits.rlim_cur, mlock_requested * 1024);
}
-#elif defined BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK
+#elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK) && defined(BOTAN_BUILD_COMPILER_IS_MSVC)
SIZE_T working_min = 0, working_max = 0;
DWORD working_flags = 0;
if(!::GetProcessWorkingSetSizeEx(::GetCurrentProcess(), &working_min, &working_max, &working_flags))
diff --git a/src/scripts/ci/travis/build.sh b/src/scripts/ci/travis/build.sh
index 8cdb6ccc9..9248f382f 100755
--- a/src/scripts/ci/travis/build.sh
+++ b/src/scripts/ci/travis/build.sh
@@ -2,97 +2,171 @@
set -ev
which shellcheck > /dev/null && shellcheck "$0" # Run shellcheck on this if available
-if [ "$BUILD_MODE" = "static" ]; then
- CFG_FLAGS=(--disable-shared --via-amalgamation)
-elif [ "$BUILD_MODE" = "shared" ] || [ "$BUILD_MODE" = "sonarqube" ]; then
- CFG_FLAGS=()
+MAKE_PREFIX=""
+TEST_PREFIX=""
+TEST_EXE=./botan-test
+CFG_FLAGS=(--prefix=/tmp/botan-installation --cc=$CC --os=$TRAVIS_OS_NAME)
+
+CFG_FLAGS+=(--with-pkcs11)
+
+CC_BIN=$CXX
+
+if [ "$BUILD_MODE" = "static" ] || [ "$BUILD_MODE" = "mini-static" ]; then
+ CFG_FLAGS+=(--disable-shared --via-amalgamation)
+elif [ "$BUILD_MODE" = "shared" ] || [ "$BUILD_MODE" = "mini-shared" ]; then
+ # No special flags required for shared lib build
+ CFG_FLAGS+=()
+elif [ "$BUILD_MODE" = "sonarqube" ]; then
+ # No special flags required
+ CFG_FLAGS+=()
+elif [ "$BUILD_MODE" = "parallel" ]; then
+
+ if [ "$CC" = "gcc" ]; then
+ CFG_FLAGS+=(--with-cilkplus)
+ else
+ CFG_FLAGS+=(--with-openmp)
+ fi
+
elif [ "$BUILD_MODE" = "coverage" ]; then
- CFG_FLAGS=(--with-coverage)
+ CFG_FLAGS+=(--with-coverage)
elif [ "$BUILD_MODE" = "sanitizer" ]; then
- CFG_FLAGS=(--with-sanitizers)
+ export ASAN_OPTIONS=detect_leaks=0
+ CFG_FLAGS+=(--with-sanitizers)
+elif [ "$BUILD_MODE" = "valgrind" ]; then
+ CFG_FLAGS+=(--with-valgrind --with-debug-info)
+ TEST_PREFIX="valgrind --track-origins=yes --error-exitcode=9 -v"
fi
-if [ "$MODULES" = "min" ]; then
- CFG_FLAGS+=(--minimized-build --enable-modules=base)
+if [ "$BUILD_MODE" = "mini-static" ] || [ "$BUILD_MODE" = "mini-shared" ]; then
+ CFG_FLAGS+=(--minimized-build --enable-modules="base,dev_random,system_rng,sha2_32,sha2_64,aes")
+elif [ "$BUILD_MODE" = "valgrind" ]; then
+ # Valgrind on Travis on full build takes too long and the job is killed
+ # Prune to the most important stuff
+ CFG_FLAGS+=(--module-policy=modern --enable-modules=tls)
+
+elif [ "${BUILD_MODE:0:5}" != "cross" ]; then
+ # Only use external libraries when compiling natively
+ CFG_FLAGS+=(--with-bzip2 --with-lzma --with-sqlite --with-zlib)
+
+ # Avoid OpenSSL when using dynamic checkers...
+ if [ "$BUILD_MODE" != "sanitizer" ] && [ "$BUILD_MODE" != "valgrind" ]; then
+ CFG_LFAGS+=(--with-openssl)
+ fi
fi
-if [ "$BOOST" = "y" ]; then
+if [ "$TRAVIS_OS_NAME" = "osx" ] && [ "${BUILD_MODE:0:5}" != "cross" ]; then
+ # The Boost-specific codepaths are tested via the OS X CI
CFG_FLAGS+=(--with-boost)
fi
-CFG_FLAGS+=(--with-pkcs11 --prefix=/tmp/botan-installation)
+if [ "${BUILD_MODE:0:6}" = "cross-" ]; then
+ CFG_FLAGS+=(--disable-shared)
-# enable ccache
-if [ "$BUILD_MODE" != "sonarqube" ]; then
- ccache --max-size=100M
- ccache --show-stats
- export CXX="ccache $CXX"
-fi
+ if [ "$TRAVIS_OS_NAME" = "osx" ]; then
+ MAKE_PREFIX="xcrun --sdk iphoneos"
+ if [ "$BUILD_MODE" = "cross-arm32" ]; then
+ CFG_FLAGS+=(--cpu=armv7 --cc-abi-flags="-arch armv7 -arch armv7s -stdlib=libc++")
+ elif [ "$BUILD_MODE" = "cross-arm64" ]; then
+ CFG_FLAGS+=(--cpu=armv8-a --cc-abi-flags="-arch arm64 -stdlib=libc++")
+ fi
+ elif [ "$TRAVIS_OS_NAME" = "linux" ]; then
+ CFG_FLAGS+=(--cc-abi-flags="-static-libstdc++")
-# configure
-if [ "$TARGETOS" = "ios32" ]; then
- ./configure.py "${CFG_FLAGS[@]}" --cpu=armv7 --cc=clang --cc-bin="$CXX" \
- --cc-abi-flags="-arch armv7 -arch armv7s -stdlib=libc++"
+ if [ "$BUILD_MODE" = "cross-arm32" ]; then
+ CC_BIN=arm-linux-gnueabihf-g++-4.8
+ TEST_PREFIX="qemu-arm -L /usr/arm-linux-gnueabihf/"
+ CFG_FLAGS+=(--cpu=armv7)
+ CFG_FLAGS+=(--module-policy=modern --enable-modules=tls)
+ elif [ "$BUILD_MODE" = "cross-arm64" ]; then
+ CC_BIN=aarch64-linux-gnu-g++-4.8
+ TEST_PREFIX="qemu-aarch64 -L /usr/aarch64-linux-gnu/"
+ CFG_FLAGS+=(--cpu=armv8-a)
+ CFG_FLAGS+=(--module-policy=modern --enable-modules=tls)
+ elif [ "$BUILD_MODE" = "cross-ppc32" ]; then
+ CC_BIN=powerpc-linux-gnu-g++-4.8
+ TEST_PREFIX="qemu-ppc -L /usr/powerpc-linux-gnu/"
+ CFG_FLAGS+=(--cpu=ppc32)
+ CFG_FLAGS+=(--module-policy=modern --enable-modules=tls)
+ elif [ "$BUILD_MODE" = "cross-ppc64" ]; then
+ CC_BIN=powerpc64le-linux-gnu-g++-4.8
+ TEST_PREFIX="qemu-ppc64 -L /usr/powerpc64le-linux-gnu/"
+ CFG_FLAGS+=(--cpu=ppc64)
+ CFG_FLAGS+=(--module-policy=modern --enable-modules=tls)
+ elif [ "$BUILD_MODE" = "cross-win32" ]; then
+ CC_BIN=i686-w64-mingw32-g++
+ # No test prefix needed, PE executes as usual with Wine installed
+ CFG_FLAGS+=(--cpu=x86_32 --os=windows --cc-abi-flags="-static")
+ TEST_EXE=./botan-test.exe
+ fi
+ fi
+fi
-elif [ "$TARGETOS" = "ios64" ]; then
- ./configure.py "${CFG_FLAGS[@]}" --cpu=armv8-a --cc=clang --cc-bin="$CXX" \
- --cc-abi-flags="-arch arm64 -stdlib=libc++"
+CFG_FLAGS+=(--cc-bin="ccache $CC_BIN")
-else
- ./configure.py "${CFG_FLAGS[@]}" --cc="$CC" --cc-bin="$CXX" \
- --with-bzip2 --with-lzma --with-openssl --with-sqlite --with-zlib
+if [ "$BUILD_MODE" = "sonarqube" ]; then
+ MAKE_PREFIX="./build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir bw-outputs"
fi
-# build
-if [ "${TARGETOS:0:3}" = "ios" ]; then
- xcrun --sdk iphoneos make -j 2
-elif [ "$BUILD_MODE" = "sonarqube" ]; then
- ./build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir bw-outputs make -j 2
-else
- make -j 2
-fi
+# configure
+./configure.py "${CFG_FLAGS[@]}"
-# Show post-build ccache stats
-if [ "$BUILD_MODE" != "sonarqube" ]; then
- ccache --show-stats
-fi
+# pre-build ccache stats
+ccache --show-stats
+
+# build!
+echo $MAKE_PREFIX make -j $BUILD_JOBS
+time $MAKE_PREFIX make -j $BUILD_JOBS
+
+# post-build ccache stats
+ccache --show-stats
# Run SonarQube analysis
-if [ "$TRAVIS_BRANCH" = "master" ] && [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$BUILD_MODE" = "sonarqube" ]; then
- # => This will run a full analysis of the project and push results to the SonarQube server.
- #
- # Analysis is done only on master so that build of branches don't push analyses to the same project and therefore "pollute" the results
- echo "Starting analysis by SonarQube..."
- sonar-scanner -Dsonar.login=$SONAR_TOKEN
-fi
-# PR analysis deactivated at least until custom quality profiles can be created
-#elif [ "$TRAVIS_PULL_REQUEST" != "false" ] && [ -n "${GITHUB_TOKEN-}" ] && [ "$BUILD_MODE" = "sonarqube" ]; then
- # => This will analyse the PR and display found issues as comments in the PR, but it won't push results to the SonarQube server
- #
- # For security reasons environment variables are not available on the pull requests
- # coming from outside repositories
- # http://docs.travis-ci.com/user/pull-requests/#Security-Restrictions-when-testing-Pull-Requests
- # That's why the analysis does not need to be executed if the variable GITHUB_TOKEN is not defined.
-# echo "Starting Pull Request analysis by SonarQube..."
-# sonar-scanner -Dsonar.login=$SONAR_TOKEN \
-# -Dsonar.analysis.mode=preview \
-# -Dsonar.github.oauth=$GITHUB_TOKEN \
-# -Dsonar.github.repository=$TRAVIS_REPO_SLUG \
-# -Dsonar.github.pullRequest=$TRAVIS_PULL_REQUEST
-#fi
-# When neither on master branch nor on a non-external pull request => nothing to do
-
-if [ "$MODULES" != "min" ] && [ "${TARGETOS:0:3}" != "ios" ] && [ "$BUILD_MODE" != "sonarqube" ]; then
- ./botan-test
+if [ "$BUILD_MODE" = "sonarqube" ]; then
+
+ if [ "$TRAVIS_BRANCH" = "master" ] && [ "$TRAVIS_PULL_REQUEST" = "false" ]; then
+ # => This will run a full analysis of the project and push results to the SonarQube server.
+ #
+ # Analysis is done only on master so that build of branches don't push analyses to the same project and therefore "pollute" the results
+ echo "Starting analysis by SonarQube..."
+ sonar-scanner "-Dsonar.login=$SONAR_TOKEN"
+
+ # PR analysis deactivated at least until custom quality profiles can be created
+ elif false && [ "$TRAVIS_PULL_REQUEST" != "false" ] && [ -n "${GITHUB_TOKEN-}" ]; then
+ # => This will analyse the PR and display found issues as comments in the PR, but it won't push results to the SonarQube server
+ #
+ # For security reasons environment variables are not available on the pull requests
+ # coming from outside repositories
+ # http://docs.travis-ci.com/user/pull-requests/#Security-Restrictions-when-testing-Pull-Requests
+ # That's why the analysis does not need to be executed if the variable GITHUB_TOKEN is not defined.
+ echo "Starting Pull Request analysis by SonarQube..."
+ sonar-scanner -Dsonar.login=$SONAR_TOKEN \
+ -Dsonar.analysis.mode=preview \
+ -Dsonar.github.oauth=$GITHUB_TOKEN \
+ -Dsonar.github.repository=$TRAVIS_REPO_SLUG \
+ -Dsonar.github.pullRequest=$TRAVIS_PULL_REQUEST
+ fi
+ # When neither on master branch nor on a non-external pull request => nothing to do
+ fi
+
+if [ "$BUILD_MODE" == "sonarqube" ] || \
+ ( [ "${BUILD_MODE:0:5}" == "cross" ] && [ "$TRAVIS_OS_NAME" == "osx" ] ); then
+ echo "Running tests disabled on this build type"
+else
+ echo Running $TEST_PREFIX $TEST_EXE
+ time $TEST_PREFIX $TEST_EXE
fi
-if [ "$MODULES" != "min" ] && [ "$BUILD_MODE" = "shared" ] && [ "$TARGETOS" = "native" ]
+# Run Python tests (need shared libs)
+if [ "$BUILD_MODE" = "shared" ]
then
- python2 --version
- python3 --version
- LD_LIBRARY_PATH=. python2 src/python/botan.py
- LD_LIBRARY_PATH=. python3 src/python/botan.py
+ # TODO: find all things in PATH that begin with python- and execute them :)
+ for py in python2 python3
+ do
+ $py --version
+ LD_LIBRARY_PATH=. $py src/python/botan.py
+ done
fi
+# Test make install
make install
diff --git a/src/scripts/ci/travis/install.sh b/src/scripts/ci/travis/install.sh
index a9d38ed80..987438127 100755
--- a/src/scripts/ci/travis/install.sh
+++ b/src/scripts/ci/travis/install.sh
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
set -ev
which shellcheck > /dev/null && shellcheck "$0" # Run shellcheck on this if available
@@ -18,13 +18,38 @@ if [ "$BUILD_MODE" = "sonarqube" ]; then
unzip build-wrapper-linux-x86.zip
fi
+if [ "$TRAVIS_OS_NAME" = "linux" ]; then
+ if [ "$BUILD_MODE" = "valgrind" ] || [ "${BUILD_MODE:0:5}" = "cross" ]; then
+ sudo apt-get -qq update
+
+ if [ "$BUILD_MODE" = "valgrind" ]; then
+ sudo apt-get install valgrind
+ elif [ "$BUILD_MODE" = "cross-arm32" ]; then
+ sudo apt-get install g++-4.8-arm-linux-gnueabihf libc6-dev-armhf-cross qemu-user
+ elif [ "$BUILD_MODE" = "cross-arm64" ]; then
+ sudo apt-get install g++-4.8-aarch64-linux-gnu libc6-dev-arm64-cross qemu-user
+ elif [ "$BUILD_MODE" = "cross-ppc32" ]; then
+ sudo apt-get install g++-4.8-powerpc-linux-gnu libc6-dev-powerpc-cross qemu-user
+ elif [ "$BUILD_MODE" = "cross-ppc64" ]; then
+ sudo apt-get install g++-4.8-powerpc64le-linux-gnu libc6-dev-ppc64el-cross qemu-user
+ elif [ "$BUILD_MODE" = "cross-win32" ]; then
+ sudo apt-get install g++-mingw-w64-i686 mingw-w64-i686-dev
+
+ # See https://github.com/travis-ci/travis-ci/issues/6460
+ sudo dpkg --add-architecture i386
+ sudo apt-get -qq update # have to update again due to adding i386 above
+ sudo apt-get install wine
+ fi
+ fi
+fi
+
if [ "$TRAVIS_OS_NAME" = "osx" ]; then
# Workaround for https://github.com/Homebrew/homebrew/issues/42553
brew update || brew update
brew install ccache
- if [ "$TARGETOS" = "native" ]; then
+ if [ "$BUILD_MODE" != "cross-arm32" ] && [ "$BUILD_MODE" != "cross-arm64" ]; then
brew install xz
brew install python # python2
brew install python3
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp
index 7f1182fe0..d48111683 100644
--- a/src/tests/test_ffi.cpp
+++ b/src/tests/test_ffi.cpp
@@ -406,13 +406,38 @@ class FFI_Unit_Tests : public Test
TEST_FFI_OK(botan_pubkey_export, (pub, pubkey.data(), &pubkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM));
// export private key
+ std::vector<uint8_t> privkey;
size_t privkey_len = 0;
+
+ /*
+ * botan_privkey_export is bogus for several reasons. first it hardcodes a 300 msec
+ * pbkdf, instead of taking that as an argument. secondly, calling it twice not only
+ * returns different results (due to the encryption) but they may have different sizes,
+ * if the number of PBKDF iterations that is used in the two runs differs greatly, and
+ * ends up encoding as fewer bytes in the variable length ASN.1 encoding used in PKCS #8
+ * private key encryption.
+ *
+ * here request the size but then add 10 bytes. this is an attempt to avoid occasional
+ * cases on CI where the above case occurs, and the build fails because on the second
+ * call, more space was required than the first call had returned.
+ */
+ const size_t privkey_size_slop = 10;
+
+ // call with nullptr to query the length
TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_DER));
- std::vector<uint8_t> privkey(privkey_len);
+ privkey.resize(privkey_len + privkey_size_slop);
+ privkey_len = privkey.size(); // set buffer size
+
TEST_FFI_OK(botan_privkey_export, (priv, privkey.data(), &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_DER));
+ privkey.resize(privkey_len);
+
+ result.test_lt("Reasonable size", 64, privkey.size());
+
+ // Now again for PEM
privkey_len = 0;
+
TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM));
privkey.resize(privkey_len);
@@ -422,9 +447,10 @@ class FFI_Unit_Tests : public Test
privkey_len = 0;
TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted, (priv, nullptr, &privkey_len, rng, "password", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER));
- privkey.resize(privkey_len);
- TEST_FFI_OK(botan_privkey_export_encrypted, (priv, privkey.data(), &privkey_len, rng, "password", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER));
+ privkey.resize(privkey_len + privkey_size_slop);
+ privkey_len = privkey.size();
+ TEST_FFI_OK(botan_privkey_export_encrypted, (priv, privkey.data(), &privkey_len, rng, "password", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER));
privkey_len = 0;
TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted, (priv, nullptr, &privkey_len, rng, "password", "", BOTAN_PRIVKEY_EXPORT_FLAG_PEM));
@@ -642,6 +668,7 @@ class FFI_Unit_Tests : public Test
Test::Result result("FFI");
botan_privkey_t priv;
+#if defined(BOTAN_HAS_MCELIECE)
if (TEST_FFI_OK(botan_privkey_create_mceliece, (&priv, rng, 2048, 50)))
{
botan_pubkey_t pub;
@@ -683,6 +710,10 @@ class FFI_Unit_Tests : public Test
TEST_FFI_OK(botan_pubkey_destroy, (pub));
TEST_FFI_OK(botan_privkey_destroy, (priv));
}
+#else
+ // Not included, test that calling the FFI function work (and returns an error)
+ TEST_FFI_RC(BOTAN_FFI_ERROR_NOT_IMPLEMENTED, botan_privkey_create_mceliece, (&priv, rng, 2048, 50));
+#endif
return result;
}