Skip to content

Commit

Permalink
Update GitHub Actions workflows for stateful signatures (#1692)
Browse files Browse the repository at this point in the history
Co-authored-by: Duc Nguyen <ductri.nguyen@sandboxquantum.com>
  • Loading branch information
2 people authored and cothan committed Apr 2, 2024
1 parent 9cf2467 commit 912d165
Show file tree
Hide file tree
Showing 6 changed files with 55 additions and 26 deletions.
4 changes: 3 additions & 1 deletion .github/workflows/android.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,10 @@ jobs:
fail-fast: false
matrix:
abi: [armeabi-v7a, arm64-v8a, x86, x86_64]
stfl_opt: [ON, OFF]

steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build project
run: ./scripts/build-android.sh $ANDROID_NDK_HOME -a ${{ matrix.abi }}
run: ./scripts/build-android.sh $ANDROID_NDK_HOME -a ${{ matrix.abi }} -f "-DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }}"
5 changes: 4 additions & 1 deletion .github/workflows/apple.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,13 @@ jobs:
fail-fast: false
matrix:
platform: [OS64, TVOS]
stfl_opt: [OFF, ON]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Generate project
run: cmake -B build --toolchain .CMake/apple.cmake -DOQS_USE_OPENSSL=OFF -DPLATFORM=${{ matrix.platform }} .
run: |
cmake -B build --toolchain .CMake/apple.cmake -DOQS_USE_OPENSSL=OFF -DPLATFORM=${{ matrix.platform }} \
-DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build project
run: cmake --build build
22 changes: 17 additions & 5 deletions .github/workflows/unix.yml
Original file line number Diff line number Diff line change
Expand Up @@ -74,15 +74,19 @@ jobs:
include:
- name: alpine
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-no-stfl-key-sig-gen
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-openssl-all
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: alpine-noopenssl
container: openquantumsafe/ci-alpine-amd64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: focal-nistr4-openssl
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
Expand All @@ -94,7 +98,11 @@ jobs:
PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py
- name: address-sanitizer
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --numprocesses=auto --maxprocesses=10
- name: address-sanitizer-no-stfl-key-sig-gen
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --numprocesses=auto --maxprocesses=10
container:
image: ${{ matrix.container }}
Expand Down Expand Up @@ -133,7 +141,11 @@ jobs:
include:
- name: armhf
ARCH: armhf
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
- name: armhf-no-stfl-key-sig-gen
ARCH: armhf
CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_OPT_TARGET=generic -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON
PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py
# no longer supporting armel
# - name: armel
Expand Down
8 changes: 6 additions & 2 deletions .github/workflows/windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,13 @@ jobs:

windows-arm64:
runs-on: windows-2022
strategy:
matrix:
stfl_opt: [ON, OFF]
steps:
- uses: actions/checkout@v3
- name: Generate Project
run: cmake -B build --toolchain .CMake/toolchain_windows_arm64.cmake .
run: cmake -B build --toolchain .CMake/toolchain_windows_arm64.cmake -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build Project
run: cmake --build build

Expand All @@ -19,10 +22,11 @@ jobs:
fail-fast: false
matrix:
toolchain: [.CMake/toolchain_windows_x86.cmake, .CMake/toolchain_windows_amd64.cmake]
stfl_opt: [ON, OFF]
steps:
- uses: actions/checkout@v3
- name: Generate Project
run: cmake -B build --toolchain ${{ matrix.toolchain }} .
run: cmake -B build --toolchain ${{ matrix.toolchain }} -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_KEY_SIG_GEN=${{ matrix.stfl_opt }} .
- name: Build Project
run: cmake --build build
- name: Test dependencies
Expand Down
9 changes: 6 additions & 3 deletions scripts/build-android.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,13 @@ set -e

show_help() {
echo ""
echo " Usage: ./build-android <ndk-dir> -a [abi] -b [build-directory] -s [sdk-version]"
echo " Usage: ./build-android <ndk-dir> -a [abi] -b [build-directory] -s [sdk-version] -f [extra-cmake-flags]"

echo " ndk-dir: the directory of the Android NDK (required)"
echo " abi: the Android ABI to target for the build"
echo " build-directory: the directory in which to build the project"
echo " sdk-version: the minimum Android SDK version to target"
echo " extra-cmake-flags: extra flags to use for CMake configuration"
echo ""
exit 0
}
Expand Down Expand Up @@ -52,12 +53,13 @@ MINSDKVERSION=21
BUILDDIR="build"

OPTIND=2
while getopts "a:s:b:" flag
while getopts "a:s:b:f:" flag
do
case $flag in
a) ABI=$OPTARG;;
s) MINSDKVERSION=$OPTARG;;
b) BUILDDIR=$OPTARG;;
f) EXTRAFLAGS="$OPTARG";;
*) exit 1
esac
done
Expand Down Expand Up @@ -107,7 +109,8 @@ cmake .. -DOQS_USE_OPENSSL=OFF \
-DBUILD_SHARED_LIBS=ON \
-DCMAKE_TOOLCHAIN_FILE="$NDK"/build/cmake/android.toolchain.cmake \
-DANDROID_ABI="$ABI" \
-DANDROID_NATIVE_API_LEVEL="$MINSDKVERSION"
-DANDROID_NATIVE_API_LEVEL="$MINSDKVERSION" \
$EXTRAFLAGS
cmake --build ./

# Provide rudimentary information following build
Expand Down
33 changes: 19 additions & 14 deletions tests/kat_sig_stfl.c
Original file line number Diff line number Diff line change
Expand Up @@ -300,30 +300,33 @@ OQS_STATUS sig_stfl_kat(const char *method_name, const char *katfile) {
goto err;
}

//Echo back the signature read to keep the test tool happy.
// Echo back the signature read to keep the test tool happy.
fprintf(fh, "smlen = %zu\n", sig->length_signature);
fprintBstr(fh, "sm = ", signature_kat, sig->length_signature);
OQS_fprintBstr(fh, "sm = ", signature_kat, sig->length_signature);

rc = OQS_SIG_STFL_verify(sig, msg, msg_len, signature_kat, signature_len, public_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "[kat_stfl_sig] %s ERROR: OQS_SIG_STFL_verify failed!\n", method_name);
goto err;
}

rc = OQS_SIG_STFL_sigs_remaining(sig, &sigs_remain, secret_key);
if (rc != OQS_SUCCESS) {
// Echo back remain
if (FindMarker(fp_rsp, "remain = ")) {
fscanf(fp_rsp, "%lld", &sigs_remain);
fprintf(fh, "remain = %llu\n", sigs_remain);
} else {
fprintf(stderr, "[kat_stfl_sig] %s ERROR: OQS_SIG_STFL_sigs_remaining failed!\n", method_name);
goto err;
}
//Update value to keep the test tool happy
fprintf(fh, "remain = %llu\n", sigs_remain - 1);

rc = OQS_SIG_STFL_sigs_total(sig, &sigs_maximum, secret_key);
if (rc != OQS_SUCCESS) {
// Echo back max
if (FindMarker(fp_rsp, "max = ")) {
fscanf(fp_rsp, "%lld", &sigs_maximum);
fprintf(fh, "max = %llu", sigs_maximum);
} else {
fprintf(stderr, "[kat_stfl_sig] %s ERROR: OQS_SIG_STFL_sigs_total failed!\n", method_name);
goto err;
}
fprintf(fh, "max = %llu", sigs_maximum);

ret = OQS_SUCCESS;
goto cleanup;
Expand All @@ -347,7 +350,9 @@ OQS_STATUS sig_stfl_kat(const char *method_name, const char *katfile) {
OQS_MEM_insecure_free(msg_rand);
OQS_SIG_STFL_free(sig);
OQS_KAT_PRNG_free(prng);
fclose(fp_rsp);
if (fp_rsp != NULL) {
fclose(fp_rsp);
}
return ret;
}

Expand Down Expand Up @@ -430,7 +435,7 @@ static OQS_STATUS test_lms_kat(const char *method_name, const char *katfile) {
goto err;
}

//Verify KAT
// Verify KAT
rc = OQS_SIG_STFL_verify(sig, msg, msg_len, sm, sig->length_signature, public_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: Verify test vector failed: %s\n", method_name);
Expand Down Expand Up @@ -477,10 +482,10 @@ int main(int argc, char **argv) {

char *alg_name = argv[1];
char *katfile = argv[2];
if (strncmp(alg_name, "LMS", 3) != 0) {
rc = sig_stfl_kat(alg_name, katfile);
} else {
if (strncmp(alg_name, "LMS", 3) == 0) {
rc = test_lms_kat(alg_name, katfile);
} else {
rc = sig_stfl_kat(alg_name, katfile);
}
if (rc != OQS_SUCCESS) {
OQS_destroy();
Expand Down

0 comments on commit 912d165

Please sign in to comment.