Merge pull request #22 from dgarske/more_testing

Additional CI tests

Author: JacobBarthelmeh

.github/workflows/build-workflow.yml

@@ -0,0 +1,66 @@
+name: wolfPKCS11 Build Workflow
+
+on:
+
+    workflow_call:
+      inputs:
+        config:
+          required: false
+          type: string
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+#pull wolfPKCS11
+    - uses: actions/checkout@v3
+      with:
+        submodules: true
+
+#setup wolfssl
+    - uses: actions/checkout@v3
+      with:
+        repository: wolfssl/wolfssl
+        path: wolfssl
+    - name: wolfssl autogen
+      working-directory: ./wolfssl
+      run: ./autogen.sh
+    - name: wolfssl configure
+      working-directory: ./wolfssl
+      run: |
+        ./configure --enable-cryptonly --enable-aescfb --enable-rsapss --enable-keygen --enable-pwdbased --enable-scrypt \
+            C_EXTRA_FLAGS="-DWOLFSSL_PUBLIC_MP -DWC_RSA_DIRECT"
+    - name: wolfssl make install
+      working-directory: ./wolfssl
+      run: make
+    - name: wolfssl make install
+      working-directory: ./wolfssl
+      run: |
+          sudo make install
+          sudo ldconfig
+
+#setup wolfPKCS11
+    - name: wolfpkcs11 autogen
+      run: ./autogen.sh
+    - name: wolfpkcs11 configure
+      run: ./configure ${{inputs.config}}
+    - name: wolfpkcs11 make
+      run: make
+    - name: wolfpkcs11 make check
+      run: make check
+    - name: wolfpkcs11 make install
+      run: sudo make install
+    - name: wolfpkcs11 make dist
+      run: make dist
+
+# capture logs on failure
+    - name: Upload failure logs
+      if: failure() || cancelled()
+      uses: actions/upload-artifact@v3
+      with:
+        name: wolfpkcs11-test-logs
+        path: |
+          test-suite.log
+        retention-days: 5

.github/workflows/unit-test.yml

@@ -7,56 +7,67 @@ on:
     branches: [ '*' ]
 
 jobs:
-  build:
 
-    runs-on: ubuntu-latest
+  defaults_all:
+    uses: ./.github/workflows/build-workflow.yml
 
-    steps:
-#pull wolfPKCS11
-    - uses: actions/checkout@v3
+  no_rsa:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-rsa
+  no_rsaoaep:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-rsaoaep
+  no_rsapss:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-rsapss
+  no_ecc:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-ecc
+  no_dh:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-dh
+  no_keygen:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-keygen
+  no_keystore:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: CFLAGS="-DWOLFPKCS11_NO_STORE"
+  no_aesgcm:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-aesgcm
+  no_sha512:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-sha512
+  no_sha384:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-sha384
+  no_sha224:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-sha224
+  no_sha1:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-sha1
+  no_md5:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-md5
+  no_hmac:
+    uses: ./.github/workflows/build-workflow.yml
+    with:
+      config: --disable-hmac
 
-#setup wolfssl
-    - uses: actions/checkout@v3
-      with:
-        repository: wolfssl/wolfssl
-        path: wolfssl
-    - name: wolfssl autogen
-      working-directory: ./wolfssl
-      run: ./autogen.sh
-    - name: wolfssl configure
-      working-directory: ./wolfssl
-      run: |
-        ./configure --enable-wolftpm --enable-rsapss --enable-keygen --enable-pwdbased --enable-scrypt \
-            C_EXTRA_FLAGS="-DWOLFSSL_PUBLIC_MP -DWC_RSA_DIRECT"
-    - name: wolfssl make install
-      working-directory: ./wolfssl
-      run: make
-    - name: wolfssl make install
-      working-directory: ./wolfssl
-      run: |
-          sudo make install
-          sudo ldconfig
-
-#setup wolfPKCS11
-    - name: wolfpkcs11 autogen
-      run: ./autogen.sh
-    - name: wolfpkcs11 configure
-      run: ./configure
-    - name: wolfpkcs11 make
-      run: make
-    - name: wolfpkcs11 make check
-      run: make check
-    - name: wolfpkcs11 make install
-      run: sudo make install
-    - name: wolfpkcs11 make dist
-      run: make dist
-
-# capture logs on failure
-    - name: Upload failure logs
-      if: failure()
-      uses: actions/upload-artifact@v3
-      with:
-        name: wolfpkcs11-test-logs
-        path: |
-          test-suite.log
-        retention-days: 5
+  #TODO: --disable-aes            Enable AES (default: enabled)
+  #TODO: --disable-aescbc         Enable AES-CBC (default: enabled)
+  #TODO: --disable-sha256         Enable SHA-256 (default: enabled)

README.md

@@ -9,7 +9,7 @@ PKCS#11 library that implements cryptographic algorithms using wolfSSL.
 
 Build wolfSSL:
 
-```
+```sh
 git clone https://github.com/wolfSSL/wolfssl.git
 cd wolfssl
 ./autogen.sh
@@ -24,7 +24,7 @@ autogen.sh requires: automake and libtool: `sudo apt-get install automake libtoo
 
 Build wolfPKCS11:
 
-```
+```sh
 git clone https://github.com/wolfSSL/wolfPKCS11.git
 cd wolfPKCS11
 ./autogen.sh

configure.ac

@@ -1,11 +1,11 @@
 # configure.ac
 #
-# Copyright (C) 2018 wolfSSL Inc.
+# Copyright (C) 2023 wolfSSL Inc.
 # All right reserved.
 #
 # This file is part of wolfPKCS11.
 #
-AC_COPYRIGHT([Copyright (C) 2014-2018 wolfSSL Inc.])
+AC_COPYRIGHT([Copyright (C) 2014-2023 wolfSSL Inc.])
 AC_PREREQ([2.63])
 AC_INIT([wolfpkcs11],[1.1.0],[https://github.com/wolfssl/wolfpkcs11/issues],[wolfpkcs11],[http://www.wolfssl.com])
 AC_CONFIG_AUX_DIR([build-aux])
@@ -367,7 +367,7 @@ rm -f $OPTION_FILE
 echo "/* wolfpkcs11 options.h" > $OPTION_FILE
 echo " * generated from configure options" >> $OPTION_FILE
 echo " *" >> $OPTION_FILE
-echo " * Copyright (C) 2006-2021 wolfSSL Inc." >> $OPTION_FILE
+echo " * Copyright (C) 2006-2023 wolfSSL Inc." >> $OPTION_FILE
 echo " *" >> $OPTION_FILE
 echo " * * This file is part of wolfPKCS11." >> $OPTION_FILE
 echo " *" >> $OPTION_FILE
@@ -479,7 +479,7 @@ echo "   * AES:                        $ENABLED_AES"
 echo "   * AES-CBC:                    $ENABLED_AESCBC"
 echo "   * AES-GCM:                    $ENABLED_AESGCM"
 echo "   * MD5:                        $ENABLED_MD5"
-echo "   * SHA:                        $ENABLED_SHA"
+echo "   * SHA:                        $ENABLED_SHA1"
 echo "   * SHA-224:                    $ENABLED_SHA224"
 echo "   * SHA-256:                    $ENABLED_SHA256"
 echo "   * SHA-384:                    $ENABLED_SHA384"

src/crypto.c

@@ -1,6 +1,6 @@
 /* crypto.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfPKCS11.
  *
@@ -488,6 +488,7 @@ static CK_RV AddObject(WP11_Session* session, WP11_Object* object,
     return CKR_OK;
 }
 
+#ifndef NO_RSA
 /**
  * Create an RSA private key object in the session or on the token associated with the session.
  *
@@ -606,6 +607,7 @@ static CK_RV AddRSAPrivateKeyObject(WP11_Session* session,
 
     return rv;
 }
+#endif
 
 /**
  * Create an object in the session or on the token associated with the session.
@@ -3853,7 +3855,7 @@ CK_RV C_WrapKey(CK_SESSION_HANDLE hSession,
         return rv;
 
     switch (keyType) {
-
+#if !defined(NO_RSA) && !defined(WOLFPKCS11_NO_STORE)
         case CKK_RSA:
             ret = WP11_Rsa_SerializeKeyPTPKC8(key, NULL, &serialSize);
             if (ret != 0)
@@ -3868,17 +3870,17 @@ CK_RV C_WrapKey(CK_SESSION_HANDLE hSession,
                 rv = CKR_FUNCTION_FAILED;
                 goto err_out;
             }
-
             break;
+#endif
         default:
             rv = CKR_KEY_NOT_WRAPPABLE;
             goto err_out;
     }
 
     switch (pMechanism->mechanism) {
+#ifndef NO_AES
         /* These unwrap mechanisms can be supported with high level C_Encrypt */
         case CKM_AES_CBC_PAD:
-
             if (wrapkeyType != CKK_AES) {
                 rv = CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
                 goto err_out;
@@ -3893,10 +3895,12 @@ CK_RV C_WrapKey(CK_SESSION_HANDLE hSession,
                 goto err_out;
 
             break;
+#endif
         default:
             rv = CKR_MECHANISM_INVALID;
             break;
     }
+    (void)pWrappedKey;
 
 err_out:
 
@@ -4024,11 +4028,12 @@ CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession,
     }
 
     switch (keyType) {
+#ifndef NO_RSA
         case CKK_RSA:
-
             rv = AddRSAPrivateKeyObject(session, pTemplate, ulAttributeCount,
                 workBuffer, ulUnwrappedLen, phKey);
             break;
+#endif
         default:
             rv = CKR_KEY_NOT_WRAPPABLE;
             goto err_out;

src/internal.c

@@ -1,6 +1,6 @@
 /* internal.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfPKCS11.
  *

src/slot.c

@@ -1,6 +1,6 @@
 /* slot.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfPKCS11.
  *

src/wolfpkcs11.c

@@ -1,6 +1,6 @@
 /* wolfpkcs11.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfPKCS11.
  *

tests/pkcs11mtt.c

@@ -1,6 +1,6 @@
 /* pkcs11mtt.c - unit tests
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfPKCS11.
  *