Towards crypto & method agility: API updates, new buffer, new credential struct #1070

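# CI for the lakers workspace: formatting check, unit tests, cross-builds,
# F* extraction, example builds and (on version tags) a GitHub release.
name: Build and test

# Runs on pushes to main, on pushes of v* tags, on every pull request, and on
# manual dispatch.
on:
  push:
    branches: [main]
    tags: ['v*']
  pull_request:
  workflow_dispatch:

# Least privilege for the automatic GITHUB_TOKEN: the jobs only need to read
# the repository. The release step authenticates with its own secret
# (RELEASE_TOKEN), so it does not depend on this token having write access.
# Grant anything broader at job level if a job ever needs it.
permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always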
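# NOTE(review): every `uses:` below references a mutable tag (@v1, @v3, @v5).
# Pinning each action to a full-length commit SHA keeps a moved or compromised
# tag from changing what runs here. It matters most in the `release` job, which
# hands RELEASE_TOKEN to a third-party action.
jobs:
  # Gate for most other jobs: fails fast when the code is not rustfmt-clean.
  check-style:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Install Rust formatter
        run: rustup component add rustfmt
      - name: Check if code is well formatted
        run: cargo fmt --check

  # Unit tests with the workspace's default feature set.
  unit-tests-default:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Run unit tests with default features
        run: RUST_BACKTRACE=1 cargo test

  # Unit tests across every crypto backend / EAD combination.
  unit-tests:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - lakers-crypto/psa
          - lakers-crypto/rustcrypto
        ead:
          - ead-none
          - ead-authz
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      # note that we only add `--package lakers-ead-authz` when testing with that config
      - name: Run unit tests with feature matrix
        run: RUST_BACKTRACE=1 cargo test -p lakers -p lakers-crypto -p lakers-shared ${{ matrix.ead == 'ead-authz' && '-p lakers-ead-authz' || '' }} --no-default-features --features="${{ matrix.crypto_backend }}, test-${{ matrix.ead }}" --no-fail-fast -- --test-threads 1

  # Release build of the core crates against each crypto backend.
  build-edhoc-package:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - lakers-crypto/psa
          - lakers-crypto/psa-baremetal
          - lakers-crypto/cryptocell310
          - lakers-crypto/rustcrypto
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Install arm targets for Rust
        run: rustup target add thumbv7m-none-eabi && rustup target add thumbv7em-none-eabihf
      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
      - name: Build
        run: cargo build --package lakers --package lakers-crypto --package lakers-ead-authz --no-default-features --features="${{ matrix.crypto_backend }}" --release

  # Extracts F* code with hax and packages it as an artifact that the release
  # job later attaches to the GitHub release.
  generate-fstar:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout lakers
        uses: actions/checkout@v3
        with:
          # The workspace is bind-mounted into a third-party container in the
          # next step; do not leave the job token in .git/config where that
          # container could read it.
          persist-credentials: false
      # NOTE(review): the image is pulled with no tag or digest, so whatever
      # the registry serves at run time produces the F* artifact shipped in
      # releases. Pin it by digest (docker.io/geonnave/hax@sha256:<digest>).
      #
      # The script passed to `bash -c` is wrapped in double quotes, so the
      # quotes and the `$(...)` of the final check are backslash-escaped.
      # Unescaped, the inner `"` ends the outer string and the runner's shell
      # expands `$(find ...)` itself, before the container has generated any
      # .fst file; the check then collapses to `[ -z ]`, which always passes.
      - name: Generate fstar code over lakers and lakers-shared
        run: |
          docker run --rm -v "${{ github.workspace }}:/lakers" docker.io/geonnave/hax bash -e -c "
            cd lakers
            # generate the fstar files
            cargo-hax -C -p lakers --no-default-features --features='lakers-crypto/rustcrypto' --release \; into -i '-lakers::generate_connection_identifier_cbor -lakers::generate_connection_identifier' fstar
            cargo-hax -C -p lakers-shared \; into -i '-lakers_shared::ffi::**' fstar
            # even if fstar generation was ok, fail if something is not implemented
            [ -z \"\$(find . -name '*.fst' -type f | xargs grep 'something is not implemented yet')\" ]
          "
          zip -j -r lakers-fstar.zip $(find . -name '*fst')
      - name: Upload artifact
        uses: actions/upload-artifact@v3
        with:
          name: fstar-code
          path: ./lakers-fstar.zip

  # Static C library plus generated headers, one zip per crypto backend.
  build-lakers-c:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-rustcrypto
          - crypto-psa-baremetal
          - crypto-cryptocell310
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Install arm targets for Rust
        run: rustup target add thumbv7em-none-eabihf
      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
      - name: Build static library, generate headers, and zip to file
        run: cd lakers-c && ./build.sh "${{ matrix.crypto_backend }}"
      # NOTE(review): all matrix legs upload to the same artifact name. The v3
      # artifact actions are deprecated upstream, and v4 rejects several jobs
      # uploading to one name, so a migration needs a per-backend name here.
      - name: Upload artifact
        uses: actions/upload-artifact@v3
        with:
          name: lakers-c
          path: ./target/lakers-c-*.zip

  # Builds libcoap from source, then builds and runs the native C example.
  build-lakers-c-example:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      # NOTE(review): no `ref` is given, so this builds and `sudo make install`s
      # whatever the default branch of obgm/libcoap is at run time; pinning a
      # tag or commit would make the build reproducible.
      - name: Checkout libcoap
        uses: actions/checkout@v3
        with:
          repository: obgm/libcoap
          path: libcoap
      - name: Install libcoap
        run: |
          cd libcoap && ./autogen.sh
          ./configure --disable-doxygen --disable-manpages --disable-dtls --disable-oscore
          make && sudo make install
      - name: Install arm targets for Rust
        run: rustup target add thumbv7em-none-eabihf
      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
      - name: Build static library and generate headers
        run: cd lakers-c && ./build.sh crypto-rustcrypto
      - name: Build and run native C eaxmple
        run: |
          cd examples/lakers-c-native
          make all LAKERS_EAD=authz

  # Builds the Python bindings with maturin in a fresh venv and runs pytest.
  test-lakers-python:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: set up python
        uses: actions/setup-python@v5
        with:
          python-version: '3.10'
      # `pip freeze` records the resolved versions in the job log, since the
      # tooling installed above it is not version-pinned.
      - name: Test Python package
        run: |
          cd lakers-python
          python3 -m venv .venv
          source .venv/bin/activate
          pip install --upgrade pip
          pip install -U maturin pytest cbor2
          pip freeze
          maturin develop && pytest

  # Runs the no_std example on an emulated Cortex-M3 target.
  run-example-on-qemu:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-psa
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Install arm targets for Rust
        run: rustup target add thumbv7m-none-eabi
      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
      - name: Install QEMU ARM emulator
        run: sudo apt-get -y install qemu-system-arm
      - name: Run tests in QEMU
        run: cd examples/lakers-no_std && cargo run --target="thumbv7m-none-eabi" --no-default-features --features="${{ matrix.crypto_backend }}" --release

  # Build-only check of the no_std example for thumbv7em-none-eabihf.
  build-example-for-cortex-m4:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-psa
          - crypto-cryptocell310
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Install arm targets for Rust
        run: rustup target add thumbv7em-none-eabihf
      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
      - name: Build example
        run: cd examples/lakers-no_std && cargo build --target="thumbv7em-none-eabihf" --no-default-features --features="${{ matrix.crypto_backend }}, rtt" --release

  # Build-only check of the CoAP client and server example binaries.
  build-coap-example:
    needs: unit-tests
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Build server
        run: cargo build --bin coapserver
      - name: Build client
        run: cargo build --bin coapclient
      - name: Build coap-handler based server
        run: cargo build --bin coapserver-coaphandler

  # Publishes a GitHub release with the F* and C artifacts. The `if` below
  # restricts it to tag pushes, so pull-request runs never reach the step
  # that reads RELEASE_TOKEN.
  release:
    runs-on: ubuntu-latest
    needs:
      - build-edhoc-package
      - build-lakers-c
      - generate-fstar
      - build-example-for-cortex-m4
      - build-coap-example
      - build-lakers-c-example
      - run-example-on-qemu
    if: >-
      github.event_name == 'push' &&
      startsWith(github.event.ref, 'refs/tags')
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: Download artifacts
        uses: actions/download-artifact@v3
        with:
          name: fstar-code
          path: ./release-artifacts
      - name: Download artifacts
        uses: actions/download-artifact@v3
        with:
          name: lakers-c
          path: ./release-artifacts
      # NOTE(review): this third-party action receives the release credential
      # and is referenced by a mutable major tag; pin it to a commit SHA and
      # keep RELEASE_TOKEN scoped to this repository's releases only.
      - name: Release
        uses: ncipollo/release-action@v1
        with:
          generateReleaseNotes: true
          artifacts: "release-artifacts/*"
          token: ${{ secrets.RELEASE_TOKEN }}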