mirror of https://github.com/briansmith/webpki
Compare commits
14 Commits
5e4471ae60
...
97659c4271
Author | SHA1 | Date |
---|---|---|
Stefan Arentz | 97659c4271 | |
Brian Smith | 94e6e88ed9 | |
Brian Smith | 9613e5d115 | |
Brian Smith | 8f81719df5 | |
Brian Smith | fe5bbc1ee0 | |
Brian Smith | 8df253ec56 | |
Brian Smith | 1f74481e02 | |
Brian Smith | 425ee4a7a0 | |
Brian Smith | cace8bb895 | |
Brian Smith | de56edcf40 | |
Stefan Arentz | e4d2683da8 | |
Stefan Arentz | 3c1abded71 | |
Stefan Arentz | db24fe8153 | |
Stefan Arentz | 706f20f2d7 |
|
@ -9,27 +9,21 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
components: rustfmt
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- run: cargo fmt --all -- --check
|
||||
|
||||
clippy:
|
||||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
components: clippy
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -39,22 +33,19 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-cache@v2
|
||||
- uses: briansmith/actions-cache@v3
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/bin/cargo-audit
|
||||
~/.cargo/.crates.toml
|
||||
~/.cargo/.crates2.json
|
||||
key: ${{ runner.os }}-v2-cargo-audit-0.13.1
|
||||
key: ${{ runner.os }}-v2-cargo-audit-locked-0.18.3
|
||||
|
||||
- run: cargo install cargo-audit --vers "0.13.1"
|
||||
- run: cargo install cargo-audit --locked --vers "0.18.3"
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -66,22 +57,19 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-cache@v2
|
||||
- uses: briansmith/actions-cache@v3
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/bin/cargo-deny
|
||||
~/.cargo/.crates.toml
|
||||
~/.cargo/.crates2.json
|
||||
key: ${{ runner.os }}-v2-cargo-deny-locked-0.8.5
|
||||
key: ${{ runner.os }}-v2-cargo-deny-locked-0.14.3
|
||||
|
||||
- run: cargo install cargo-deny --locked --vers "0.8.5"
|
||||
- run: cargo install cargo-deny --locked --vers "0.14.3"
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -91,24 +79,10 @@ jobs:
|
|||
rustdoc:
|
||||
runs-on: ubuntu-22.04
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
rust_channel:
|
||||
- stable
|
||||
- beta
|
||||
- nightly
|
||||
|
||||
include:
|
||||
- target: x86_64-unknown-linux-gnu
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
override: true
|
||||
target: ${{ matrix.target }}
|
||||
toolchain: ${{ matrix.rust_channel }}
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -119,12 +93,9 @@ jobs:
|
|||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
- run: rustup --version
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
@ -147,9 +118,12 @@ jobs:
|
|||
# portable.
|
||||
# Specifically choose `aarch64-pc-windows-msvc` since it was new in
|
||||
# *ring* 0.17.
|
||||
- aarch64-apple-darwin
|
||||
- aarch64-pc-windows-msvc
|
||||
- arm-unknown-linux-gnueabihf
|
||||
- i686-pc-windows-msvc
|
||||
- riscv64gc-unknown-linux-gnu
|
||||
- wasm32-wasi
|
||||
- x86_64-unknown-linux-musl
|
||||
- x86_64-unknown-linux-gnu
|
||||
|
||||
|
@ -165,12 +139,10 @@ jobs:
|
|||
|
||||
- beta
|
||||
|
||||
exclude:
|
||||
# 1.46.0 doesn't support `-Clink-self-contained`.
|
||||
- target: x86_64-unknown-linux-musl
|
||||
rust_channel: 1.46.0
|
||||
|
||||
include:
|
||||
- target: aarch64-apple-darwin
|
||||
host_os: macos-14
|
||||
|
||||
- target: aarch64-pc-windows-msvc
|
||||
host_os: windows-latest
|
||||
# GitHub Actions doesn't have a way to run this target yet.
|
||||
|
@ -182,32 +154,44 @@ jobs:
|
|||
- target: i686-pc-windows-msvc
|
||||
host_os: windows-latest
|
||||
|
||||
- target: riscv64gc-unknown-linux-gnu
|
||||
host_os: ubuntu-22.04
|
||||
|
||||
- target: wasm32-wasi
|
||||
host_os: ubuntu-22.04
|
||||
|
||||
- target: x86_64-unknown-linux-musl
|
||||
host_os: ubuntu-22.04
|
||||
|
||||
- target: x86_64-unknown-linux-gnu
|
||||
host_os: ubuntu-22.04
|
||||
|
||||
# rcgen requires *ring* 0.16 which doesn't support this target.
|
||||
- target: aarch64-pc-windows-msvc
|
||||
skip_rcgen: true
|
||||
- target: riscv64gc-unknown-linux-gnu
|
||||
skip_rcgen: true
|
||||
- target: wasm32-wasi
|
||||
skip_rcgen: true
|
||||
|
||||
- rust_channel: 1.61.0
|
||||
# rcgen requires Rust 1.67.
|
||||
skip_rcgen: true
|
||||
|
||||
steps:
|
||||
- if: ${{ contains(matrix.host_os, 'ubuntu') }}
|
||||
run: sudo apt-get update -y
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }}
|
||||
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }}
|
||||
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
||||
run: mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
|
||||
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
override: true
|
||||
target: ${{ matrix.target }}
|
||||
toolchain: ${{ matrix.rust_channel }}
|
||||
|
||||
- if: ${{ matrix.target == 'aarch64-apple-darwin' }}
|
||||
run: echo "DEVELOPER_DIR=/Applications/Xcode_12.2.app/Contents/Developer" >> $GITHUB_ENV
|
||||
|
||||
- if: ${{ matrix.target == 'aarch64-pc-windows-msvc' }}
|
||||
run: |
|
||||
echo "C:\Program Files (x86)\Microsoft Visual Studio\2022\Enterprise\VC\Tools\Llvm\x64\bin" >> $GITHUB_PATH
|
||||
|
@ -215,21 +199,20 @@ jobs:
|
|||
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
||||
run: |
|
||||
mk/cargo.sh test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
mk/cargo.sh +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
|
||||
- if: ${{ contains(matrix.host_os, 'windows') }}
|
||||
run: |
|
||||
cargo test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
cargo +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
|
||||
# rcgen-based tests require Rust 1.67.
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') && !contains(matrix.rust_channel, '1.61.0') }}
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') && !contains(matrix.skip_rcgen, 'true') }}
|
||||
run: |
|
||||
mk/cargo.sh test -p rcgen-tests -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
mk/cargo.sh +${{ matrix.rust_channel }} test -p rcgen-tests -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
|
||||
# rcgen-based tests require Rust 1.67, and uses *ring* 0.16 which doesn't build for aarch64-pc-windows-msvc.
|
||||
- if: ${{ contains(matrix.host_os, 'windows') && !contains(matrix.rust_channel, '1.61.0') && !contains(matrix.target, 'aarch64-pc-windows-msvc') }}
|
||||
- if: ${{ contains(matrix.host_os, 'windows') && !contains(matrix.skip_rcgen, 'true') }}
|
||||
run: |
|
||||
cargo test -vv -p rcgen-tests --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
cargo +${{ matrix.rust_channel }} test -vv -p rcgen-tests --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
|
||||
coverage:
|
||||
runs-on: ${{ matrix.host_os }}
|
||||
|
@ -259,27 +242,21 @@ jobs:
|
|||
- if: ${{ contains(matrix.host_os, 'ubuntu') }}
|
||||
run: sudo apt-get update -y
|
||||
|
||||
- uses: briansmith/actions-checkout@v2
|
||||
- uses: briansmith/actions-checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }}
|
||||
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }}
|
||||
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
||||
run: RING_COVERAGE=1 mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
|
||||
|
||||
- uses: briansmith/actions-rs-toolchain@v1
|
||||
with:
|
||||
override: true
|
||||
target: ${{ matrix.target }}
|
||||
toolchain: ${{ matrix.rust_channel }}
|
||||
|
||||
- if: ${{ matrix.target == 'aarch64-apple-darwin' }}
|
||||
run: echo "DEVELOPER_DIR=/Applications/Xcode_12.2.app/Contents/Developer" >> $GITHUB_ENV
|
||||
|
||||
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
||||
run: |
|
||||
RING_COVERAGE=1 mk/cargo.sh +${{ matrix.rust_channel }} test --workspace -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
||||
|
||||
- uses: briansmith/codecov-codecov-action@v1
|
||||
- uses: briansmith/codecov-codecov-action@v3
|
||||
with:
|
||||
directory: ./target/${{ matrix.target }}/debug/coverage/reports
|
||||
fail_ci_if_error: true
|
||||
|
|
96
mk/cargo.sh
96
mk/cargo.sh
|
@ -19,8 +19,17 @@ IFS=$'\n\t'
|
|||
|
||||
rustflags_self_contained="-Clink-self-contained=yes -Clinker=rust-lld"
|
||||
qemu_aarch64="qemu-aarch64 -L /usr/aarch64-linux-gnu"
|
||||
qemu_arm="qemu-arm -L /usr/arm-linux-gnueabihf"
|
||||
qemu_arm_gnueabi="qemu-arm -L /usr/arm-linux-gnueabi"
|
||||
qemu_arm_gnueabihf="qemu-arm -L /usr/arm-linux-gnueabihf"
|
||||
qemu_mips="qemu-mips -L /usr/mips-linux-gnu"
|
||||
qemu_mips64="qemu-mips64 -L /usr/mips64-linux-gnuabi64"
|
||||
qemu_mips64el="qemu-mips64el -L /usr/mips64el-linux-gnuabi64"
|
||||
qemu_mipsel="qemu-mipsel -L /usr/mipsel-linux-gnu"
|
||||
qemu_powerpc="qemu-ppc -L /usr/powerpc-linux-gnu"
|
||||
qemu_powerpc64="qemu-ppc64 -L /usr/powerpc64-linux-gnu"
|
||||
qemu_powerpc64le="qemu-ppc64le -L /usr/powerpc64le-linux-gnu"
|
||||
qemu_riscv64="qemu-riscv64 -L /usr/riscv64-linux-gnu"
|
||||
qemu_s390x="qemu-s390x -L /usr/s390x-linux-gnu"
|
||||
|
||||
# Avoid putting the Android tools in `$PATH` because there are tools in this
|
||||
# directory like `clang` that would conflict with the same-named tools that may
|
||||
|
@ -45,7 +54,7 @@ for arg in $*; do
|
|||
done
|
||||
|
||||
# See comments in install-build-tools.sh.
|
||||
llvm_version=15
|
||||
llvm_version=18
|
||||
|
||||
case $target in
|
||||
aarch64-linux-android)
|
||||
|
@ -66,22 +75,35 @@ case $target in
|
|||
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="$rustflags_self_contained"
|
||||
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUNNER="$qemu_aarch64"
|
||||
;;
|
||||
arm-unknown-linux-gnueabi)
|
||||
export CC_arm_unknown_linux_gnueabi=arm-linux-gnueabi-gcc
|
||||
export AR_arm_unknown_linux_gnueabi=arm-linux-gnueabi-gcc-ar
|
||||
export CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABI_LINKER=arm-linux-gnueabi-gcc
|
||||
export CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABI_RUNNER="$qemu_arm_gnueabi"
|
||||
;;
|
||||
arm-unknown-linux-gnueabihf)
|
||||
# XXX: clang cannot build the sha256 and x25519 assembly.
|
||||
export CC_arm_unknown_linux_gnueabihf=arm-linux-gnueabihf-gcc
|
||||
export AR_arm_unknown_linux_gnueabihf=arm-linux-gnueabihf-gcc-ar
|
||||
export CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER=arm-linux-gnueabihf-gcc
|
||||
export CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_RUNNER="$qemu_arm"
|
||||
export CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_RUNNER="$qemu_arm_gnueabihf"
|
||||
;;
|
||||
armv7-linux-androideabi)
|
||||
export CC_armv7_linux_androideabi=$android_tools/armv7a-linux-androideabi19-clang
|
||||
export AR_armv7_linux_androideabi=$android_tools/llvm-ar
|
||||
export CARGO_TARGET_ARMV7_LINUX_ANDROIDEABI_LINKER=$android_tools/armv7a-linux-androideabi19-clang
|
||||
;;
|
||||
armv7-unknown-linux-gnueabihf)
|
||||
export CC_armv7_unknown_linux_gnueabihf=arm-linux-gnueabihf-gcc
|
||||
export AR_armv7_unknown_linux_gnueabihf=arm-linux-gnueabihf-gcc-ar
|
||||
export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER=arm-linux-gnueabihf-gcc
|
||||
export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_RUNNER="$qemu_arm_gnueabihf"
|
||||
;;
|
||||
armv7-unknown-linux-musleabihf)
|
||||
export CC_armv7_unknown_linux_musleabihf=clang-$llvm_version
|
||||
export AR_armv7_unknown_linux_musleabihf=llvm-ar-$llvm_version
|
||||
export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_RUSTFLAGS="$rustflags_self_contained"
|
||||
export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_RUNNER="$qemu_arm"
|
||||
export CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_RUNNER="$qemu_arm_gnueabihf"
|
||||
;;
|
||||
i686-unknown-linux-gnu)
|
||||
export CC_i686_unknown_linux_gnu=clang-$llvm_version
|
||||
|
@ -93,12 +115,67 @@ case $target in
|
|||
export AR_i686_unknown_linux_musl=llvm-ar-$llvm_version
|
||||
export CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAGS="$rustflags_self_contained"
|
||||
;;
|
||||
mips-unknown-linux-gnu)
|
||||
export CC_mips_unknown_linux_gnu=mips-linux-gnu-gcc
|
||||
export AR_mips_unknown_linux_gnu=mips-linux-gnu-gcc-ar
|
||||
export CARGO_TARGET_MIPS_UNKNOWN_LINUX_GNU_LINKER=mips-linux-gnu-gcc
|
||||
export CARGO_TARGET_MIPS_UNKNOWN_LINUX_GNU_RUNNER="$qemu_mips"
|
||||
;;
|
||||
mips64-unknown-linux-gnuabi64)
|
||||
export CC_mips64_unknown_linux_gnuabi64=mips64-linux-gnuabi64-gcc
|
||||
export AR_mips64_unknown_linux_gnuabi64=mips64-linux-gnuabi64-gcc-ar
|
||||
export CARGO_TARGET_MIPS64_UNKNOWN_LINUX_GNUABI64_LINKER=mips64-linux-gnuabi64-gcc
|
||||
export CARGO_TARGET_MIPS64_UNKNOWN_LINUX_GNUABI64_RUNNER="$qemu_mips64"
|
||||
;;
|
||||
mips64el-unknown-linux-gnuabi64)
|
||||
export CC_mips64el_unknown_linux_gnuabi64=mips64el-linux-gnuabi64-gcc
|
||||
export AR_mips64el_unknown_linux_gnuabi64=mips64el-linux-gnuabi64-gcc-ar
|
||||
export CARGO_TARGET_MIPS64EL_UNKNOWN_LINUX_GNUABI64_LINKER=mips64el-linux-gnuabi64-gcc
|
||||
export CARGO_TARGET_MIPS64EL_UNKNOWN_LINUX_GNUABI64_RUNNER="$qemu_mips64el"
|
||||
;;
|
||||
mipsel-unknown-linux-gnu)
|
||||
export CC_mipsel_unknown_linux_gnu=mipsel-linux-gnu-gcc
|
||||
export AR_mipsel_unknown_linux_gnu=mipsel-linux-gnu-gcc-ar
|
||||
export CARGO_TARGET_MIPSEL_UNKNOWN_LINUX_GNU_LINKER=mipsel-linux-gnu-gcc
|
||||
export CARGO_TARGET_MIPSEL_UNKNOWN_LINUX_GNU_RUNNER="$qemu_mipsel"
|
||||
;;
|
||||
powerpc-unknown-linux-gnu)
|
||||
export CC_powerpc_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_powerpc_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
export CFLAGS_powerpc_unknown_linux_gnu="--sysroot=/usr/powerpc-linux-gnu"
|
||||
export CARGO_TARGET_POWERPC_UNKNOWN_LINUX_GNU_LINKER=powerpc-linux-gnu-gcc
|
||||
export CARGO_TARGET_POWERPC_UNKNOWN_LINUX_GNU_RUNNER="$qemu_powerpc"
|
||||
;;
|
||||
powerpc64-unknown-linux-gnu)
|
||||
export CC_powerpc64_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_powerpc64_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
export CFLAGS_powerpc64_unknown_linux_gnu="--sysroot=/usr/powerpc64-linux-gnu"
|
||||
export CARGO_TARGET_POWERPC64_UNKNOWN_LINUX_GNU_LINKER=powerpc64-linux-gnu-gcc
|
||||
export CARGO_TARGET_POWERPC64_UNKNOWN_LINUX_GNU_RUNNER="$qemu_powerpc64"
|
||||
;;
|
||||
powerpc64le-unknown-linux-gnu)
|
||||
export CC_powerpc64le_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_powerpc64le_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
export CFLAGS_powerpc64le_unknown_linux_gnu="--sysroot=/usr/powerpc64le-linux-gnu"
|
||||
export CARGO_TARGET_POWERPC64LE_UNKNOWN_LINUX_GNU_LINKER=powerpc64le-linux-gnu-gcc
|
||||
export CARGO_TARGET_POWERPC64LE_UNKNOWN_LINUX_GNU_RUNNER="$qemu_powerpc64le"
|
||||
;;
|
||||
riscv64gc-unknown-linux-gnu)
|
||||
export CC_riscv64gc_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_riscv64gc_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
export CARGO_TARGET_RISCV64GC_UNKNOWN_LINUX_GNU_LINKER=riscv64-linux-gnu-gcc
|
||||
export CARGO_TARGET_RISCV64GC_UNKNOWN_LINUX_GNU_RUNNER="$qemu_riscv64"
|
||||
;;
|
||||
s390x-unknown-linux-gnu)
|
||||
export CC_s390x_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_s390x_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
# XXX: Using -march=zEC12 to work around a z13 instruction bug in
|
||||
# QEMU 8.0.2 and earlier that causes `test_constant_time` to fail
|
||||
# (https://lists.gnu.org/archive/html/qemu-devel/2023-05/msg06965.html).
|
||||
export CFLAGS_s390x_unknown_linux_gnu="--sysroot=/usr/s390x-linux-gnu -march=zEC12"
|
||||
export CARGO_TARGET_S390X_UNKNOWN_LINUX_GNU_LINKER=s390x-linux-gnu-gcc
|
||||
export CARGO_TARGET_S390X_UNKNOWN_LINUX_GNU_RUNNER="$qemu_s390x"
|
||||
;;
|
||||
x86_64-unknown-linux-musl)
|
||||
export CC_x86_64_unknown_linux_musl=clang-$llvm_version
|
||||
export AR_x86_64_unknown_linux_musl=llvm-ar-$llvm_version
|
||||
|
@ -109,6 +186,11 @@ case $target in
|
|||
export CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="$rustflags_self_contained"
|
||||
fi
|
||||
;;
|
||||
loongarch64-unknown-linux-gnu)
|
||||
export CC_loongarch64_unknown_linux_gnu=clang-$llvm_version
|
||||
export AR_loongarch64_unknown_linux_gnu=llvm-ar-$llvm_version
|
||||
export CARGO_TARGET_LOONGARCH64_UNKNOWN_LINUX_GNU_LINKER=clang-$llvm_version
|
||||
;;
|
||||
wasm32-unknown-unknown)
|
||||
# The first two are only needed for when the "wasm_c" feature is enabled.
|
||||
export CC_wasm32_unknown_unknown=clang-$llvm_version
|
||||
|
@ -116,6 +198,12 @@ case $target in
|
|||
export CARGO_TARGET_WASM32_UNKNOWN_UNKNOWN_RUNNER=wasm-bindgen-test-runner
|
||||
export WASM_BINDGEN_TEST_TIMEOUT=60
|
||||
;;
|
||||
wasm32-wasi)
|
||||
# The first two are only needed for when the "wasm_c" feature is enabled.
|
||||
export CC_wasm32_wasi=clang-$llvm_version
|
||||
export AR_wasm32_wasi=llvm-ar-$llvm_version
|
||||
export CARGO_TARGET_WASM32_WASI_RUNNER=target/tools/linux-x86_64/wasmtime/wasmtime
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
# TODO: Lock this down to a specific commit instead of always using the latest.
|
||||
git clone `
|
||||
--branch windows `
|
||||
--depth 1 `
|
||||
https://github.com/briansmith/ring-toolchain `
|
||||
target/tools/windows
|
|
@ -70,7 +70,13 @@ case $target in
|
|||
install_packages \
|
||||
qemu-user
|
||||
;;
|
||||
--target=arm-unknown-linux-gnueabihf)
|
||||
--target=arm-unknown-linux-gnueabi)
|
||||
install_packages \
|
||||
qemu-user \
|
||||
gcc-arm-linux-gnueabi \
|
||||
libc6-dev-armel-cross
|
||||
;;
|
||||
--target=arm-unknown-linux-gnueabihf|--target=armv7-unknown-linux-gnueabihf)
|
||||
install_packages \
|
||||
qemu-user \
|
||||
gcc-arm-linux-gnueabihf \
|
||||
|
@ -85,16 +91,81 @@ case $target in
|
|||
--target=i686-unknown-linux-musl|--target=x86_64-unknown-linux-musl)
|
||||
use_clang=1
|
||||
;;
|
||||
--target=loongarch64-unknown-linux-gnu)
|
||||
use_clang=1
|
||||
;;
|
||||
--target=mips-unknown-linux-gnu)
|
||||
install_packages \
|
||||
gcc-mips-linux-gnu \
|
||||
libc6-dev-mips-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=mips64-unknown-linux-gnuabi64)
|
||||
install_packages \
|
||||
gcc-mips64-linux-gnuabi64 \
|
||||
libc6-dev-mips64-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=mips64el-unknown-linux-gnuabi64)
|
||||
install_packages \
|
||||
gcc-mips64el-linux-gnuabi64 \
|
||||
libc6-dev-mips64el-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=mipsel-unknown-linux-gnu)
|
||||
install_packages \
|
||||
gcc-mipsel-linux-gnu \
|
||||
libc6-dev-mipsel-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=powerpc-unknown-linux-gnu)
|
||||
use_clang=1
|
||||
install_packages \
|
||||
gcc-powerpc-linux-gnu \
|
||||
libc6-dev-powerpc-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=powerpc64-unknown-linux-gnu)
|
||||
use_clang=1
|
||||
install_packages \
|
||||
gcc-powerpc64-linux-gnu \
|
||||
libc6-dev-ppc64-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=powerpc64le-unknown-linux-gnu)
|
||||
use_clang=1
|
||||
install_packages \
|
||||
gcc-powerpc64le-linux-gnu \
|
||||
libc6-dev-ppc64el-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=riscv64gc-unknown-linux-gnu)
|
||||
use_clang=1
|
||||
install_packages \
|
||||
gcc-riscv64-linux-gnu \
|
||||
libc6-dev-riscv64-cross \
|
||||
qemu-user
|
||||
;;
|
||||
--target=s390x-unknown-linux-gnu)
|
||||
# Clang is needed for code coverage.
|
||||
use_clang=1
|
||||
install_packages \
|
||||
qemu-user \
|
||||
gcc-s390x-linux-gnu \
|
||||
libc6-dev-s390x-cross
|
||||
;;
|
||||
--target=wasm32-unknown-unknown)
|
||||
cargo install wasm-bindgen-cli --bin wasm-bindgen-test-runner
|
||||
use_clang=1
|
||||
;;
|
||||
--target=wasm32-wasi)
|
||||
use_clang=1
|
||||
git clone \
|
||||
--branch linux-x86_64 \
|
||||
--depth 1 \
|
||||
https://github.com/briansmith/ring-toolchain \
|
||||
target/tools/linux-x86_64
|
||||
;;
|
||||
--target=*)
|
||||
;;
|
||||
esac
|
||||
|
@ -102,7 +173,7 @@ esac
|
|||
case "$OSTYPE" in
|
||||
linux*)
|
||||
ubuntu_codename=$(lsb_release --codename --short)
|
||||
llvm_version=15
|
||||
llvm_version=18
|
||||
sudo apt-key add mk/llvm-snapshot.gpg.key
|
||||
sudo add-apt-repository "deb http://apt.llvm.org/$ubuntu_codename/ llvm-toolchain-$ubuntu_codename-$llvm_version main"
|
||||
sudo apt-get update
|
||||
|
|
77
src/der.rs
77
src/der.rs
|
@ -14,7 +14,7 @@
|
|||
|
||||
use crate::{calendar, time, Error};
|
||||
pub use ring::io::{
|
||||
der::{nested, Tag, CONSTRUCTED},
|
||||
der::{nested, Tag},
|
||||
Positive,
|
||||
};
|
||||
|
||||
|
@ -171,3 +171,78 @@ macro_rules! oid {
|
|||
[(40 * $first) + $second, $( $tail ),*]
|
||||
)
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
fn bytes_reader(bytes: &[u8]) -> untrusted::Reader {
|
||||
return untrusted::Reader::new(untrusted::Input::from(bytes));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_optional_boolean() {
|
||||
use super::{optional_boolean, Error};
|
||||
|
||||
// Empty input results in false
|
||||
assert_eq!(false, optional_boolean(&mut bytes_reader(&[])).unwrap());
|
||||
|
||||
// Optional, so another data type results in false
|
||||
assert_eq!(
|
||||
false,
|
||||
optional_boolean(&mut bytes_reader(&[0x05, 0x00])).unwrap()
|
||||
);
|
||||
|
||||
// Only 0x00 and 0xff are accepted values
|
||||
assert_eq!(
|
||||
Err(Error::BadDer),
|
||||
optional_boolean(&mut bytes_reader(&[0x01, 0x01, 0x42]))
|
||||
);
|
||||
|
||||
// True
|
||||
assert_eq!(
|
||||
true,
|
||||
optional_boolean(&mut bytes_reader(&[0x01, 0x01, 0xff])).unwrap()
|
||||
);
|
||||
|
||||
// False
|
||||
assert_eq!(
|
||||
false,
|
||||
optional_boolean(&mut bytes_reader(&[0x01, 0x01, 0x00])).unwrap()
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_bit_string_with_no_unused_bits() {
|
||||
use super::{bit_string_with_no_unused_bits, Error};
|
||||
|
||||
// Unexpected type
|
||||
assert_eq!(
|
||||
Err(Error::BadDer),
|
||||
bit_string_with_no_unused_bits(&mut bytes_reader(&[0x01, 0x01, 0xff]))
|
||||
);
|
||||
|
||||
// Unexpected nonexistent type
|
||||
assert_eq!(
|
||||
Err(Error::BadDer),
|
||||
bit_string_with_no_unused_bits(&mut bytes_reader(&[0x42, 0xff, 0xff]))
|
||||
);
|
||||
|
||||
// Unexpected empty input
|
||||
assert_eq!(
|
||||
Err(Error::BadDer),
|
||||
bit_string_with_no_unused_bits(&mut bytes_reader(&[]))
|
||||
);
|
||||
|
||||
// Valid input with non-zero unused bits
|
||||
assert_eq!(
|
||||
Err(Error::BadDer),
|
||||
bit_string_with_no_unused_bits(&mut bytes_reader(&[0x03, 0x03, 0x04, 0x12, 0x34]))
|
||||
);
|
||||
|
||||
// Valid input
|
||||
assert_eq!(
|
||||
untrusted::Input::from(&[0x12, 0x34]),
|
||||
bit_string_with_no_unused_bits(&mut bytes_reader(&[0x03, 0x03, 0x00, 0x12, 0x34]))
|
||||
.unwrap()
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -80,6 +80,7 @@ fn build_chain_inner(
|
|||
|
||||
// TODO: revocation.
|
||||
|
||||
#[allow(clippy::blocks_in_conditions)]
|
||||
match loop_while_non_fatal_error(trust_anchors, |trust_anchor: &TrustAnchor| {
|
||||
let trust_anchor_subject = untrusted::Input::from(trust_anchor.subject);
|
||||
if !equal(cert.issuer, trust_anchor_subject) {
|
||||
|
|
Loading…
Reference in New Issue