version: 2.1 # CircleCI doesn't handle large file sets properly for local builds # https://github.com/CircleCI-Public/circleci-cli/issues/281#issuecomment-472808051 localCheckout: &localCheckout run: |- git config --global --add safe.directory /tmp/_circleci_local_build_repo PROJECT_PATH=$(cd ${CIRCLE_WORKING_DIRECTORY}; pwd) mkdir -p ${PROJECT_PATH} cd /tmp/_circleci_local_build_repo git ls-files -z | xargs -0 -s 2090860 tar -c | tar -x -C ${PROJECT_PATH} cp -a /tmp/_circleci_local_build_repo/.git ${PROJECT_PATH} jobs: ubuntu: description: A template for running OQS-OpenSSL tests on x64 Ubuntu Docker VMs parameters: IMAGE: description: "docker image to use." type: string CMAKE_ARGS: description: "Arguments to pass to CMake." type: string OPENSSL_PREINSTALL: description: "OpenSSL version preinstalled." type: string docker: - image: << parameters.IMAGE >> steps: - setup_remote_docker - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - run: name: Clone and build liboqs (<< parameters.CMAKE_ARGS >>) command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DCMAKE_INSTALL_PREFIX=$(pwd)/../../.local .. && ninja install && cd .. && cd .. && pwd - when: condition: not: equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Clone and build OpenSSL(3) command: | git clone --branch master git://git.openssl.org/openssl.git openssl && cd openssl && ./config --prefix=$(echo $(pwd)/../.local) && make -j 18 && make install_sw && cd .. - run: name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >> with QSC encoding support) command: | mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. - when: condition: equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >> with QSC encoding support) command: | mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd .. - run: name: Run tests command: | ./scripts/runtests.sh -V - run: name: Run tests (with encodings, positive and negative test) command: | ./scripts/runtests_encodings.sh -V > log if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then cat log ! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V else cat log fi - run: name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >>) with NOPUBKEY_IN_PRIVKEY and QSC encoding support command: | rm -rf _build && mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja - run: name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON) command: | ./scripts/runtests.sh -V - run: name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON, with encodings, positive and negative test) command: | ./scripts/runtests_encodings.sh -V if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then cat log ! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V else cat log fi macOS: description: A template for running tests on macOS parameters: CMAKE_ARGS: description: "Arguments to pass to CMake." type: string OPENSSL_PREINSTALL: description: "OpenSSL version preinstalled." type: string macos: xcode: "13.2.1" steps: - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - run: name: Install dependencies command: env HOMEBREW_NO_AUTO_UPDATE=1 brew install cmake ninja << parameters.OPENSSL_PREINSTALL >> - run: name: Get system information command: sysctl -a | grep machdep.cpu && cc --version - run: name: Clone and build liboqs command: | git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build && cmake -GNinja -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install && cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV" - when: condition: not: equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Clone and build OpenSSL(3) master command: | git clone --branch master git://git.openssl.org/openssl.git openssl && cd openssl && ./config --prefix=$(echo $(pwd)/../.local) && make -j 18 && make install_sw && cd .. - run: name: Build OQS-OpenSSL provider command: | export OPENSSL_INSTALL=$(pwd)/.local && mkdir _build && cd _build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local << parameters.CMAKE_ARGS >> .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" - when: condition: equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ] steps: - run: name: Build OQS-OpenSSL provider command: | export OPENSSL_INSTALL=`brew config | grep HOMEBREW_PREFIX | sed -e "s/HOMEBREW_PREFIX: //g"`/opt/openssl@3 && mkdir _build && cd _build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV" - run: name: Run tests command: | ./scripts/runtests.sh -V - run: name: Build OQS-OpenSSL provider with QSC encoding support command: | rm -rf _build && mkdir _build && cd _build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local << parameters.CMAKE_ARGS >> .. && ninja - run: name: Run tests command: | ./scripts/runtests.sh -V - run: name: Run tests (with encodings) command: | ./scripts/runtests_encodings.sh -V > log if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then cat log ! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V else cat log fi workflows: version: 2.1 build: jobs: - ubuntu: name: ubuntu-focal context: openquantumsafe IMAGE: openquantumsafe/ci-ubuntu-focal-x86_64:latest CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF OPENSSL_PREINSTALL: openssl@1 - ubuntu: name: ubuntu-jammy context: openquantumsafe IMAGE: openquantumsafe/ci-ubuntu-jammy:latest CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD OPENSSL_PREINSTALL: openssl@3 - macOS: name: macOS-noopenssl CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF OPENSSL_PREINSTALL: openssl - macOS: name: macOS-shared CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF OPENSSL_PREINSTALL: openssl@3