Skip to content

Sync

Sync #71

Workflow file for this run

name: FIPS
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
BUILD_TYPE: Release
jobs:
format_check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
# If any *.c *.h *.md file(except:libspdm) have Tab, the check will fail.
- name: Check code format
run: |
if grep -rn " " * --include=*.c --include=*.h --include=*.md;
then exit 1
fi
gcc_mbedtls_build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Build
run: |
mkdir build
cd build
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=1 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=mbedtls ..
make copy_sample_key
make -j`nproc`
- name: Emu_Test
run: |
cd build/bin
test_port=2323
TCPListeningnum=`netstat -an | grep ":$test_port " | awk '/^tcp.*/ && $NF == "LISTEN" {print $0}' | wc -l`
UDPListeningnum=`netstat -an | grep ":$test_port " | awk '/^udp.*/ && $NF == "0.0.0.0:*" {print $0}' | wc -l`
Listeningnum=$((TCPListeningnum + UDPListeningnum))
if [ $Listeningnum -eq 0 ]; then
echo "port is not used"
else
echo "port is used"
fi
./spdm_responder_emu &
./spdm_requester_emu >requester.log
filename=./requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./spdm_responder_emu &
./spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
- name: Responder_validator_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_device_validator_sample
- name: Test_RECORD_TRANSCRIPT_DATA_consistent
# open LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT flag
# mkdir build1 folder, gen spdm_requester_emu.exe and spdm_responder_emu.exe
# check the log size and end of log to ensure that hashes/signatures over transcripts are consistent
run: |
sed -i '17a add_definitions(-DLIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT=1)' CMakeLists.txt
mkdir build1
cd build1
cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=mbedtls ..
make copy_sample_key
make -j`nproc`
cd bin
echo "requester (DATA_SUPPORT = 0) <=> responder (DATA_SUPPORT = 1)"
./spdm_responder_emu &
./../../build/bin/spdm_requester_emu >requester.log
filename=./../../build/bin/requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./spdm_responder_emu &
./../../build/bin/spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
sleep 10s
echo "requester (DATA_SUPPORT = 1) <=> responder (DATA_SUPPORT = 0)"
./../../build/bin/spdm_responder_emu &
./spdm_requester_emu >requester.log
filename=./requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./../../build/bin/spdm_responder_emu &
./spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
gcc_openssl_build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Build
run: |
mkdir build
cd build
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=0 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl ..
make copy_sample_key
make -j`nproc`
- name: Emu_Test
run: |
cd build/bin
test_port=2323
TCPListeningnum=`netstat -an | grep ":$test_port " | awk '/^tcp.*/ && $NF == "LISTEN" {print $0}' | wc -l`
UDPListeningnum=`netstat -an | grep ":$test_port " | awk '/^udp.*/ && $NF == "0.0.0.0:*" {print $0}' | wc -l`
Listeningnum=$((TCPListeningnum + UDPListeningnum))
if [ $Listeningnum -eq 0 ]; then
echo "port is not used"
else
echo "port is used"
fi
./spdm_responder_emu &
./spdm_requester_emu >requester.log
filename=./requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./spdm_responder_emu &
./spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
- name: Responder_validator_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_device_validator_sample
- name: Test_RECORD_TRANSCRIPT_DATA_consistent
# open LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT flag
# mkdir build1 folder, gen spdm_requester_emu.exe and spdm_responder_emu.exe
# check the log size and the end of log to ensure that hashes/signatures over transcripts are consistent
run: |
sed -i '17a add_definitions(-DLIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT=1)' CMakeLists.txt
mkdir build1
cd build1
cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl ..
make copy_sample_key
make -j`nproc`
cd bin
echo "requester (DATA_SUPPORT = 0) <=> responder (DATA_SUPPORT = 1)"
./spdm_responder_emu &
./../../build/bin/spdm_requester_emu >requester.log
filename=./../../build/bin/requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./spdm_responder_emu &
./../../build/bin/spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
sleep 10s
echo "requester (DATA_SUPPORT = 1) <=> responder (DATA_SUPPORT = 0)"
./../../build/bin/spdm_responder_emu &
./spdm_requester_emu >requester.log
filename=./requester.log
if [ ! -f "$filename" ];
then
echo "Gen requester.log fail"
exit 1
fi
if grep "Connect Error - 6f" requester.log
then
sleep 100s
echo -e "\n try connect again!!! \n"
./../../build/bin/spdm_responder_emu &
./spdm_requester_emu >requester.log
if [ ! -f "$filename" ];
then
echo "Second Gen requester.log fail"
exit 1
fi
fi
minsize=1070000
if [ `stat -c%s "$filename"` -lt $minsize ] ||
! grep "libspdm_stop_session - (nil)" requester.log;
then
echo "requester run fail"
cat -n "$filename"
echo "requester.log size is `stat -c%s "$filename"`"
exit 1
fi
VS2019_mbedtls_build:
runs-on: windows-latest
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
#ilammy/msvc-dev-cmd@v1 is GitHub Action for configuring Developer Command Prompt for Microsoft Visual Studio on Windows.
#This sets up the environment for compiling C/C++ code from command line.
- name: Add msbuild to PATH
uses: ilammy/msvc-dev-cmd@v1
with:
arch: x64
- name: Build
run: |
mkdir build
cd build
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=0 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=mbedtls ..
nmake copy_sample_key
nmake
- name: Emu_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_requester_emu
- name: Responder_validator_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_device_validator_sample
VS2019_openssl_build:
runs-on: windows-latest
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
#ilammy/msvc-dev-cmd@v1 is GitHub Action for configuring Developer Command Prompt for Microsoft Visual Studio on Windows.
#This sets up the environment for compiling C/C++ code from command line.
- name: Add msbuild to PATH
uses: ilammy/msvc-dev-cmd@v1
with:
arch: x64
- name: Build
run: |
mkdir build
cd build
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=1 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl ..
nmake copy_sample_key
nmake
- name: Emu_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_requester_emu
- name: Responder_validator_Test
run: |
cd build/bin
./spdm_responder_emu &
./spdm_device_validator_sample