sync validator #296
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: FIPS | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
BUILD_TYPE: Release | |
jobs: | |
format_check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
# If any *.c *.h *.md file(except:libspdm) have Tab, the check will fail. | |
- name: Check code format | |
run: | | |
if grep -rn " " * --include=*.c --include=*.h --include=*.md; | |
then exit 1 | |
fi | |
gcc_mbedtls_build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Build | |
run: | | |
mkdir build | |
cd build | |
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=1 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=mbedtls .. | |
make copy_sample_key | |
make -j`nproc` | |
- name: Emu_Test | |
run: | | |
cd build/bin | |
test_port=2323 | |
TCPListeningnum=`netstat -an | grep ":$test_port " | awk '/^tcp.*/ && $NF == "LISTEN" {print $0}' | wc -l` | |
UDPListeningnum=`netstat -an | grep ":$test_port " | awk '/^udp.*/ && $NF == "0.0.0.0:*" {print $0}' | wc -l` | |
Listeningnum=$((TCPListeningnum + UDPListeningnum)) | |
if [ $Listeningnum -eq 0 ]; then | |
echo "port is not used" | |
else | |
echo "port is used" | |
fi | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu >requester.log | |
- name: Responder_validator_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_device_validator_sample | |
- name: Test_RECORD_TRANSCRIPT_DATA_consistent | |
# open LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT flag | |
# mkdir build1 folder, gen spdm_requester_emu.exe and spdm_responder_emu.exe | |
# check the log size and end of log to ensure that hashes/signatures over transcripts are consistent | |
run: | | |
sed -i '17a add_definitions(-DLIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT=1)' CMakeLists.txt | |
mkdir build1 | |
cd build1 | |
cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=mbedtls .. | |
make copy_sample_key | |
make -j`nproc` | |
cd bin | |
echo "requester (DATA_SUPPORT = 0) <=> responder (DATA_SUPPORT = 1)" | |
./spdm_responder_emu & | |
sleep 5s | |
./../../build/bin/spdm_requester_emu >requester.log | |
sleep 10s | |
echo "requester (DATA_SUPPORT = 1) <=> responder (DATA_SUPPORT = 0)" | |
./../../build/bin/spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu >requester.log | |
gcc_openssl_build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Build | |
run: | | |
mkdir build | |
cd build | |
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=0 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl .. | |
make copy_sample_key | |
make -j`nproc` | |
- name: Emu_Test | |
run: | | |
cd build/bin | |
test_port=2323 | |
TCPListeningnum=`netstat -an | grep ":$test_port " | awk '/^tcp.*/ && $NF == "LISTEN" {print $0}' | wc -l` | |
UDPListeningnum=`netstat -an | grep ":$test_port " | awk '/^udp.*/ && $NF == "0.0.0.0:*" {print $0}' | wc -l` | |
Listeningnum=$((TCPListeningnum + UDPListeningnum)) | |
if [ $Listeningnum -eq 0 ]; then | |
echo "port is not used" | |
else | |
echo "port is used" | |
fi | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu >requester.log | |
- name: Responder_validator_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_device_validator_sample | |
- name: Test_RECORD_TRANSCRIPT_DATA_consistent | |
# open LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT flag | |
# mkdir build1 folder, gen spdm_requester_emu.exe and spdm_responder_emu.exe | |
# check the log size and the end of log to ensure that hashes/signatures over transcripts are consistent | |
run: | | |
sed -i '17a add_definitions(-DLIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT=1)' CMakeLists.txt | |
mkdir build1 | |
cd build1 | |
cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl .. | |
make copy_sample_key | |
make -j`nproc` | |
cd bin | |
echo "requester (DATA_SUPPORT = 0) <=> responder (DATA_SUPPORT = 1)" | |
./spdm_responder_emu & | |
sleep 5s | |
./../../build/bin/spdm_requester_emu >requester.log | |
sleep 10s | |
echo "requester (DATA_SUPPORT = 1) <=> responder (DATA_SUPPORT = 0)" | |
./../../build/bin/spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu >requester.log | |
VS2019_mbedtls_build: | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
#ilammy/msvc-dev-cmd@v1 is GitHub Action for configuring Developer Command Prompt for Microsoft Visual Studio on Windows. | |
#This sets up the environment for compiling C/C++ code from command line. | |
- name: Add msbuild to PATH | |
uses: ilammy/msvc-dev-cmd@v1 | |
with: | |
arch: x64 | |
- name: Build | |
run: | | |
mkdir build | |
cd build | |
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=0 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=mbedtls .. | |
nmake copy_sample_key | |
nmake | |
- name: Emu_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu | |
- name: Responder_validator_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_device_validator_sample | |
VS2019_openssl_build: | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
#ilammy/msvc-dev-cmd@v1 is GitHub Action for configuring Developer Command Prompt for Microsoft Visual Studio on Windows. | |
#This sets up the environment for compiling C/C++ code from command line. | |
- name: Add msbuild to PATH | |
uses: ilammy/msvc-dev-cmd@v1 | |
with: | |
arch: x64 | |
- name: Build | |
run: | | |
mkdir build | |
cd build | |
cmake -E env CFLAGS="-DLIBSPDM_FIPS_MODE=1 -DLIBSPDM_FIPS_TEST_AT_LOAD=1 -DLIBSPDM_DEBUG_LIBSPDM_ASSERT_CONFIG=3" cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl .. | |
nmake copy_sample_key | |
nmake | |
- name: Emu_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_requester_emu | |
- name: Responder_validator_Test | |
run: | | |
cd build/bin | |
./spdm_responder_emu & | |
sleep 5s | |
./spdm_device_validator_sample |