pax_global_header00006660000000000000000000000064151100446670014516gustar00rootroot0000000000000052 comment=b453e32b63cba57b0dff61ac3a5d0bc3d8442b08 rnp-0.18.1/000077500000000000000000000000001511004466700124045ustar00rootroot00000000000000rnp-0.18.1/.cirrus.yml000066400000000000000000000144551511004466700145250ustar00rootroot00000000000000# Copyright (c) 2023 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. freebsd_instance: image: freebsd-13-4-release-amd64 task: name: build only_if: $CIRRUS_BRANCH == 'main' || $CIRRUS_BRANCH =~ 'release/.*' || $CIRRUS_PR != '' skip: "!changesInclude('.cirrus.yml') && changesIncludeOnly('/*.sh', '/.*', '/_*', 'Brewfile', 'docs/**', '**.adoc', '**.md', '**.nix', 'flake.lock', 'version.txt', '.github/**') || $CIRRUS_CHANGE_MESSAGE =~ '.*skip ci.*'" env: matrix: - { CIRRUS_CLONE_SUBMODULES: true, CRYPTO_BACKEND: openssl, CRYPTO_LIB_INSTALL: openssl, SHARED_LIBS: on, RNP_LOG_CONSOLE: 1 } - { CIRRUS_CLONE_SUBMODULES: true, CRYPTO_BACKEND: botan, CRYPTO_LIB_INSTALL: botan3, SHARED_LIBS: on, RNP_LOG_CONSOLE: 1 } - { CIRRUS_CLONE_SUBMODULES: true, CRYPTO_BACKEND: botan, CRYPTO_LIB_INSTALL: botan3, SHARED_LIBS: off, RNP_LOG_CONSOLE: 1 } dependencies_script: | pkg install -y gcc cmake pkgconf googletest gnupg $CRYPTO_LIB_INSTALL json-c rubygem-asciidoctor user_script: | pw useradd -n rnpuser -m printf "\nrnpuser ALL=(ALL) NOPASSWD: ALL\n" > /usr/local/etc/sudoers.d/rnpuser chown -R rnpuser:rnpuser "$PWD" configure_script: | su rnpuser -c 'cmake . -B build \ -DBUILD_SHARED_LIBS=$SHARED_LIBS \ -DCMAKE_BUILD_TYPE=Release \ -DDOWNLOAD_GTEST=OFF \ -DCRYPTO_BACKEND=$CRYPTO_BACKEND' build_script: | su rnpuser -c 'cmake --build build --config Release --parallel $(sysctl -n hw.ncpu)' test_script: | su rnpuser -c 'mkdir -p build/Testing/Temporary' su rnpuser -c 'cp cmake/CTestCostData.txt build/Testing/Temporary' su rnpuser -c 'PATH=$PWD/build/src/lib:$PATH \ ctest --parallel $(sysctl -n hw.ncpu) --test-dir build -C Debug --output-on-failure' task: name: package_source only_if: $CIRRUS_BRANCH == 'main' || $CIRRUS_BRANCH =~ 'release/.*' || $CIRRUS_PR != '' skip: "!changesInclude('.cirrus.yml') && changesIncludeOnly('/*.sh', '/.*', '/_*', 'Brewfile', 'docs/**', '**.adoc', '**.md', '**.nix', 'flake.lock', '.github/**') || $CIRRUS_CHANGE_MESSAGE =~ '.*skip ci.*'" env: CIRRUS_CLONE_SUBMODULES: true dependencies_script: | pkg install -y gcc cmake pkgconf botan3 json-c rubygem-asciidoctor configure_script: | cmake . -B build \ -DBUILD_SHARED_LIBS=ON \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_TESTING=OFF \ -DCRYPTO_BACKEND=botan3 \ -DCMAKE_INSTALL_PREFIX=/usr package_script: | cpack -B build/source-pkg -G FREEBSD --config build/CPackSourceConfig.cmake package_source_artifacts: path: "build/source-pkg/*.pkg" tests_artifacts: path: "ci/tests/**" task: name: package_binary depends_on: [ package_source ] only_if: $CIRRUS_BRANCH == 'main' || $CIRRUS_BRANCH =~ 'release/.*' || $CIRRUS_PR != '' skip: "!changesInclude('.cirrus.yml') && changesIncludeOnly('/*.sh', '/.*', '/_*', 'Brewfile', 'docs/**', '**.adoc', '**.md', '**.nix', 'flake.lock', '.github/**') || $CIRRUS_CHANGE_MESSAGE =~ '.*skip ci.*'" clone_script: | echo "Not cloning rnp repo" dependencies_script: | pkg install -y wget unzip gcc cmake pkgconf botan3 json-c rubygem-asciidoctor bzip2 download_script: | wget -q https://api.cirrus-ci.com/v1/artifact/build/$CIRRUS_BUILD_ID/package_source.zip unzip package_source.zip pkg add --relocate "$PWD" "$(ls ./build/source-pkg/*.pkg)" configure_script: | cmake usr/local -B build \ -DBUILD_SHARED_LIBS=ON \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_TESTING=OFF \ -DCRYPTO_BACKEND=botan3 \ -DCMAKE_INSTALL_PREFIX=/usr build_script: | cmake --build build --config Release --parallel $(sysctl -n hw.ncpu) install_script: | cmake --install build package_script: | cpack -B build/binary-pkg -G FREEBSD --config build/CPackConfig.cmake package_binary_artifacts: path: "build/binary-pkg/*.pkg" task: name: test_binary depends_on: [ package_binary ] only_if: $CIRRUS_BRANCH == 'main' || $CIRRUS_BRANCH =~ 'release/.*' || $CIRRUS_PR != '' skip: "!changesInclude('.cirrus.yml') && changesIncludeOnly('/*.sh', '/.*', '/_*', 'Brewfile', 'docs/**', '**.adoc', '**.md', '**.nix', 'flake.lock', '.github/**') || $CIRRUS_CHANGE_MESSAGE =~ '.*skip ci.*'" clone_script: | echo "Not cloning rnp repo" dependencies_script: | pkg install -y bash wget git botan3 json-c bzip2 download_script: | wget -q https://api.cirrus-ci.com/v1/artifact/build/$CIRRUS_BUILD_ID/package_binary.zip unzip -j package_binary.zip download_tests_script: | wget -q https://api.cirrus-ci.com/v1/artifact/build/$CIRRUS_BUILD_ID/tests.zip unzip tests.zip setup_shunit_script: | git clone --depth 1 https://github.com/kward/shunit2 ci/tests/shunit2 test_script: | ln -s /usr/local/bin/bash /bin/bash chmod +x ci/tests/pkg-tests.sh ci/tests/pkg-tests.sh rnp-0.18.1/.clang-format000066400000000000000000000035461511004466700147670ustar00rootroot00000000000000--- Language: Cpp # BasedOnStyle: Mozilla AlignAfterOpenBracket: Align AlignConsecutiveAssignments: false AlignConsecutiveDeclarations: true AlignEscapedNewlinesLeft: true AlignOperands: true AlignTrailingComments: true AllowAllParametersOfDeclarationOnNextLine: true AllowShortBlocksOnASingleLine: false AllowShortCaseLabelsOnASingleLine: false AllowShortFunctionsOnASingleLine: None AllowShortIfStatementsOnASingleLine: false AllowShortLoopsOnASingleLine: false AlwaysBreakAfterDefinitionReturnType: All AlwaysBreakAfterReturnType: AllDefinitions AlwaysBreakBeforeMultilineStrings: false BinPackArguments: false BinPackParameters: false BraceWrapping: AfterControlStatement: false AfterEnum: false AfterFunction: true AfterStruct: false AfterUnion: false BeforeElse: false IndentBraces: false BreakBeforeBinaryOperators: None BreakBeforeBraces: Custom BreakBeforeTernaryOperators: false BreakStringLiterals: true ColumnLimit: 95 ContinuationIndentWidth: 2 DerivePointerAlignment: false DisableFormat: false ExperimentalAutoDetectBinPacking: false IncludeIsMainRegex: '$' IndentCaseLabels: false IndentWidth: 4 IndentWrappedFunctionNames: false KeepEmptyLinesAtTheStartOfBlocks: false MacroBlockBegin: '' MacroBlockEnd: '' MaxEmptyLinesToKeep: 1 PenaltyBreakBeforeFirstCallParameter: 19 PenaltyBreakComment: 300 PenaltyBreakString: 1000 PenaltyExcessCharacter: 1000000 PenaltyReturnTypeOnItsOwnLine: 200 PointerAlignment: Right ReflowComments: true SortIncludes: false SpaceAfterCStyleCast: true SpaceBeforeAssignmentOperators: true SpaceBeforeParens: ControlStatements SpaceInEmptyParentheses: false SpacesBeforeTrailingComments: 1 SpacesInContainerLiterals: true SpacesInCStyleCastParentheses: false SpacesInParentheses: false SpacesInSquareBrackets: false Standard: Auto TabWidth: 8 UseTab: Never ... rnp-0.18.1/.codespellrc000066400000000000000000000001161511004466700147020ustar00rootroot00000000000000[codespell] ignore-words-list = fpr,keypair,keypairs skip = src/tests/data/** rnp-0.18.1/.editorconfig000066400000000000000000000005731511004466700150660ustar00rootroot00000000000000# top-most EditorConfig file root = true # Unix-style newlines with a newline ending every file [*] end_of_line = lf insert_final_newline = true [*.{c,cpp,h{,.in}}] indent_style = space indent_size = 4 [*.{cmake{,.in},json,sh,yml}] indent_style = space indent_size = 2 [CMakeLists.txt] indent_style = space indent_size = 2 [*.{adoc,md}] indent_style = space indent_size = 2 rnp-0.18.1/.gitattributes000066400000000000000000000000211511004466700152700ustar00rootroot00000000000000.gitignore -text rnp-0.18.1/.github/000077500000000000000000000000001511004466700137445ustar00rootroot00000000000000rnp-0.18.1/.github/issue_template.md000066400000000000000000000003021511004466700173040ustar00rootroot00000000000000## Description Describe the problem here. ## Steps to Reproduce 1. 2. 3. ## Expected Behavior What is the expected behavior? ## Actual Behavior What behavior did you observe instead? rnp-0.18.1/.github/workflows/000077500000000000000000000000001511004466700160015ustar00rootroot00000000000000rnp-0.18.1/.github/workflows/centos-and-fedora.yml000066400000000000000000000372271511004466700220300ustar00rootroot00000000000000name: centos-and-fedora on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/centos-and-fedora.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: CORES: 2 RNP_LOG_CONSOLE: 1 CODECOV_TOKEN: dbecf176-ea3f-4832-b743-295fd71d0fad jobs: tests: name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }} ${{ matrix.image.botan_ver }}; gpg ${{ matrix.image.gpg_ver }}; build ${{ matrix.env.BUILD_MODE }}; SM2 ${{ matrix.image.sm2 }}; IDEA ${{ matrix.image.idea }}] runs-on: ubuntu-latest timeout-minutes: 120 strategy: fail-fast: false matrix: env: - { CC: gcc, CXX: g++, BUILD_MODE: normal, SHARED_LIBS: on } # normal --> Release build; sanitize --> Debug build so theoretically test conditions are different # - { CC: clang, CXX: clang++, BUILD_MODE: normal } - { CC: clang, CXX: clang++, BUILD_MODE: sanitize, SHARED_LIBS: on } # All cotainers have gpg stable and lts installed # centos-9-amd64 has botan 2.19.3 installed # fedora-39-amd64 has botan 2.19.4 installed # Any other version has to be built explicitly ! # Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for more image details image: - { name: 'CentOS 9', container: 'centos-9-amd64', backend: 'Botan', botan_ver: 'system', gpg_ver: 'system' } - { name: 'CentOS 9', container: 'centos-9-amd64', backend: 'Botan', botan_ver: 'system', sm2: Off, gpg_ver: 'lts' } - { name: 'Fedora 39', container: 'fedora-39-amd64', backend: 'Botan', botan_ver: 'system', gpg_ver: 'system' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan', botan_ver: 'system', gpg_ver: 'system' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan', botan_ver: '3.1.1', gpg_ver: 'system' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan', botan_ver: 'head', gpg_ver: 'system' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan', botan_ver: '3.3.0', pqc: On, gpg_ver: 'system' } - { name: 'CentOS 9', container: 'centos-9-amd64', backend: 'OpenSSL', gpg_ver: 'lts' } - { name: 'Fedora 39', container: 'fedora-39-amd64', backend: 'OpenSSL', gpg_ver: 'system' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'OpenSSL', gpg_ver: 'system' } - { name: 'RHEL 8', container: 'redhat-8-ubi', backend: 'OpenSSL', gpg_ver: 'system' } - { name: 'RHEL 9', container: 'redhat-9-ubi', backend: 'OpenSSL', gpg_ver: 'system' } include: # Coverage report for Botan 2.x backend - image: { name: 'CentOS 9 Coverage', container: 'centos-9-amd64', gpg_ver: stable, backend: Botan, botan_ver: 'system' } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for Botan 3.x backend - image: { name: 'Fedora 40 Coverage', container: 'fedora-40-amd64', gpg_ver: stable, backend: Botan, botan_ver: '3.3.0' } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for OpenSSL 3.0 backend - image: { name: 'Fedora 40 Coverage', container: 'fedora-40-amd64', gpg_ver: stable, backend: OpenSSL } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for OpenSSL 3.0 backend with disabled algos - image: { name: 'Fedora 40 Coverage', container: 'fedora-40-amd64', gpg_ver: stable, backend: OpenSSL, idea: Off, sm2: Off, two: Off, blow: Off, rmd: Off, bp: Off } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for Botan backend with disabled algos - image: { name: 'Fedora 40 Coverage', container: 'fedora-40-amd64', gpg_ver: stable, backend: Botan, idea: Off, sm2: Off, two: Off, blow: Off, rmd: Off, bp: Off } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for OpenSSL 1.1.1 backend within RHEL 8 - image: { name: 'RHEL 8 Coverage', container: 'redhat-8-ubi', gpg_ver: stable, backend: OpenSSL } env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: on } # Coverage report for PQC - not running yet due to very low coverage #- image: { name: 'Fedora 40 PQC Coverage', container: 'fedora-40-amd64', gpg_ver: stable, backend: Botan, botan_ver: '3.3.0', pqc: On } # env: { CC: gcc, CXX: g++, BUILD_MODE: coverage, SHARED_LIBS: off } container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} env: ${{ matrix.env }} steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Setup environment run: | set -o errexit -o pipefail -o noclobber -o nounset /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} /opt/tools/tools.sh select_gpg_version_for_gha ${{ matrix.image.gpg_ver }} /opt/tools/tools.sh select_botan_version_for_gha ${{ matrix.image.botan_ver }} echo "ENABLE_SM2=${{ matrix.image.sm2 }}" >> $GITHUB_ENV echo "ENABLE_IDEA=${{ matrix.image.idea }}" >> $GITHUB_ENV echo "ENABLE_TWOFISH=${{ matrix.image.two }}" >> $GITHUB_ENV echo "ENABLE_BLOWFISH=${{ matrix.image.blow }}" >> $GITHUB_ENV echo "ENABLE_RIPEMD160=${{ matrix.image.rmd }}" >> $GITHUB_ENV echo "ENABLE_BRAINPOOL=${{ matrix.image.bp }}" >> $GITHUB_ENV echo "ENABLE_PQC=${{ matrix.image.pqc }}" >> $GITHUB_ENV echo CORES="$(nproc --all)" >> $GITHUB_ENV useradd rnpuser printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf # Need to build HEAD version since it is always different - name: Build gpg head if: matrix.image.gpg_ver == 'head' run: /opt/tools/tools.sh build_and_install_gpg head - name: Build botan head if: matrix.image.botan_ver == 'head' run: | /opt/tools/tools.sh build_and_install_botan head - name: Configure run: | set -o errexit -o pipefail -o noclobber -o nounset [[ "${{ env.BUILD_MODE }}" = "coverage" ]] && cov_opt=(-DENABLE_COVERAGE=yes) [[ "${{ env.BUILD_MODE }}" = "sanitize" ]] && san_opt=(-DENABLE_SANITIZERS=yes) [ -n "$ENABLE_SM2" ] && sm2_opt=(-DENABLE_SM2="$ENABLE_SM2") [ -n "$ENABLE_IDEA" ] && idea_opt=(-DENABLE_IDEA="$ENABLE_IDEA") [ -n "$ENABLE_TWOFISH" ] && two_opt=(-DENABLE_TWOFISH="$ENABLE_TWOFISH") [ -n "$ENABLE_BLOWFISH" ] && blow_opt=(-DENABLE_BLOWFISH="$ENABLE_BLOWFISH") [ -n "$ENABLE_RIPEMD160" ] && rmd_opt=(-DENABLE_RIPEMD160="$ENABLE_RIPEMD160") [ -n "$ENABLE_BRAINPOOL" ] && bp_opt=(-DENABLE_BRAINPOOL="$ENABLE_BRAINPOOL") [ -n "$ENABLE_PQC" ] && pqc_opt=(-DENABLE_PQC="$ENABLE_PQC" -DENABLE_CRYPTO_REFRESH="$ENABLE_PQC") cmake -B build \ -DBUILD_SHARED_LIBS=${{ env.SHARED_LIBS }} \ -DDOWNLOAD_GTEST=ON \ -DCMAKE_BUILD_TYPE=Release \ -DCRYPTO_BACKEND=${{ matrix.image.backend }} \ ${sm2_opt:-} ${idea_opt:-} ${two_opt:-} ${blow_opt:-} ${rmd_opt:-} ${bp_opt:-} ${pqc_opt[@]:-} ${cov_opt:-} ${san_opt:-} . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" - name: Coverage if: env.BUILD_MODE == 'coverage' run: | curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --keyring trustedkeys.gpg --import # One-time step curl -Os https://uploader.codecov.io/latest/linux/codecov curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig gpgv codecov.SHA256SUM.sig codecov.SHA256SUM shasum -a 256 -c codecov.SHA256SUM chmod +x codecov find "build" -type f -name '*.gcno' -exec gcov -p {} + ./codecov - name: Install if: env.BUILD_MODE != 'coverage' && env.SHARED_LIBS == 'on' run: cmake --install build - name: Checkout shell test framework if: env.BUILD_MODE != 'coverage' && env.SHARED_LIBS == 'on' uses: actions/checkout@v4 with: repository: kward/shunit2 path: ci/tests/shunit2 - name: Run additional ci tests if: env.BUILD_MODE != 'coverage' && env.SHARED_LIBS == 'on' run: RNP_INSTALL=/usr/local ci/tests/ci-tests.sh package-source: runs-on: ubuntu-latest container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} timeout-minutes: 30 # needs: tests strategy: fail-fast: false matrix: image: - { name: 'CentOS 9', container: 'centos-9-amd64' } - { name: 'Fedora 39', container: 'fedora-39-amd64' } - { name: 'Fedora 40', container: 'fedora-40-amd64' } name: Package ${{ matrix.image.name }} SRPM steps: - name: Install rpm tools run: yum -y install rpm-build - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Configure run: cmake -B build -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=OFF - name: Package SRPM run: cpack -B build/SRPM -G RPM --config build/CPackSourceConfig.cmake - name: Upload SRPM uses: actions/upload-artifact@v4 with: name: 'SRPM ${{ matrix.image.name }}' path: 'build/SRPM/*.src.rpm' retention-days: 5 - name: Stash packaging tests uses: actions/upload-artifact@v4 with: name: 'tests-${{ matrix.image.name }}' path: 'ci/tests/**' retention-days: 1 package: runs-on: ubuntu-latest container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} timeout-minutes: 30 needs: package-source strategy: fail-fast: false matrix: image: - { name: 'CentOS 9', container: 'centos-9-amd64' } - { name: 'Fedora 39', container: 'fedora-39-amd64' } - { name: 'Fedora 40', container: 'fedora-40-amd64' } name: Package ${{ matrix.image.name }} RPM steps: - name: Install rpm tools run: yum -y install rpm-build - name: Download SRPM uses: actions/download-artifact@v4 with: name: 'SRPM ${{ matrix.image.name }}' path: ~/rpmbuild/SRPMS - name: Extract SRPM run: | rpm -i -v ~/rpmbuild/SRPMS/*.src.rpm tar xzf ~/rpmbuild/SOURCES/*.tar.gz --strip 1 -C ~/rpmbuild/SOURCES - name: Build rnp run: | cmake ~/rpmbuild/SOURCES -B ~/rpmbuild/SOURCES/BUILD -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=OFF \ -DCMAKE_INSTALL_PREFIX=/usr cmake --build ~/rpmbuild/SOURCES/BUILD --config Release - name: Package rpm run: cpack -G RPM -B ~/rpmbuild/SOURCES/RPMS --config ~/rpmbuild/SOURCES/BUILD/CPackConfig.cmake - name: Upload Artifact uses: actions/upload-artifact@v4 with: name: 'RPM ${{ matrix.image.name}}' path: '~/rpmbuild/SOURCES/RPMS/*.rpm' retention-days: 5 # The main purpose of this step is to test the RPMS in a pristine environment (as for the end user). # ci-scripts are deliberately not used, as they recreate the development environment, # and this is something we proudly reject here rpm-tests: runs-on: ubuntu-latest needs: package container: ${{ matrix.image.container }} timeout-minutes: 30 strategy: fail-fast: false matrix: image: - { name: 'CentOS 9', container: 'quay.io/centos/centos:stream9' } # Fedora 39 is disabled since it has cmake issue which prevents man pages to be packaged. # Please see package step for error message. #- { name: 'Fedora 39', container: 'fedora:39' } - { name: 'Fedora 40', container: 'fedora:40' } name: RPM test on ${{ matrix.image.name }} steps: - name: Install prerequisites run: yum -y install sudo wget binutils # Fedora 39/40 packages depend on botan.so.19 that comes Fedora package, that is available by default # CentOS 9 depend on botan.so.19 and needs EPEL9 repo that needs to be installed - name: Install epel-release if: matrix.image.container == 'quay.io/centos/centos:stream9' run: | sudo dnf -y install 'dnf-command(config-manager)' sudo dnf config-manager --set-enabled crb sudo dnf -y install epel-release - name: Install xargs if: matrix.image.container == 'fedora:39' run: sudo yum -y install findutils - name: Download rnp rpms uses: actions/download-artifact@v4 with: name: 'RPM ${{ matrix.image.name}}' - name: Checkout shell test framework uses: actions/checkout@v4 with: repository: kward/shunit2 path: ci/tests/shunit2 - name: Unstash tests if: matrix.image.container != 'centos:7' uses: actions/download-artifact@v4 with: name: tests-${{ matrix.image.name }} path: ci/tests - name: Run rpm tests # RPM tests # - no source checkout or upload [we get only test scripts from the previous step using GHA artifacts] # - no environment set up with rnp scripts # - no dependencies setup, we test that yum can install whatever is required run: | chmod +x ci/tests/rpm-tests.sh ci/tests/rpm-tests.sh - name: Run symbol visibility tests run: | chmod +x ci/tests/ci-tests.sh sudo yum -y localinstall librnp0-0*.*.rpm librnp0-devel-0*.*.rpm rnp0-0*.*.rpm ci/tests/ci-tests.sh sudo yum -y erase $(rpm -qa | grep rnp) - name: Setup minimalistic build environment run: | sudo yum -y install make gcc gcc-c++ zlib-devel bzip2-devel botan2-devel mkdir cmake wget https://github.com/Kitware/CMake/releases/download/v3.12.0/cmake-3.12.0-Linux-x86_64.sh -O cmake/cmake.sh sudo sh cmake/cmake.sh --skip-license --prefix=/usr/local # el8, el9, fr35, fr36 provide json-c-devel (version 12+) - name: Setup json-c run: sudo yum -y install json-c-devel - name: Run packaging tests run: | chmod +x ci/tests/pk-tests.sh ci/tests/pk-tests.sh rnp-0.18.1/.github/workflows/codeql.yml000066400000000000000000000046221511004466700177770ustar00rootroot00000000000000name: "CodeQL" on: push: branches: [ "main" ] pull_request: branches: [ "main" ] schedule: - cron: "21 15 * * 6" jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: [ python, cpp ] steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Install Packages (cpp) if: ${{ matrix.language == 'cpp' }} run: | sudo apt-get update sudo apt-get install --yes libbz2-dev libjson-c-dev libgtest-dev - name: After Prepare (cpp) if: ${{ matrix.language == 'cpp' }} run: | set -eux mkdir botan_build mkdir botan_install export BOTAN_INSTALL=$(pwd)/botan_install && echo "BOTAN_INSTALL=$BOTAN_INSTALL" >> $GITHUB_ENV export BOTAN_MODULES=$(<$(pwd)/ci/botan-modules tr '\n' ',') && echo "BOTAN_MODULES=$BOTAN_MODULES" >> $GITHUB_ENV git clone --depth 1 --branch 2.17.3 https://github.com/randombit/botan botan_build pushd botan_build ./configure.py --prefix=${BOTAN_INSTALL} --with-debug-info --cxxflags="-fno-omit-frame-pointer" --without-documentation --without-openssl --build-targets=shared --minimized-build --enable-modules="$BOTAN_MODULES" make -j2 install popd mkdir cmake314 wget --quiet -O - https://cmake.org/files/v3.18/cmake-3.18.6-Linux-x86_64.tar.gz | tar --strip-components=1 -xz -C cmake314 export PATH=$(pwd)/cmake314/bin:${PATH} && echo "PATH=$PATH" >> $GITHUB_ENV - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild uses: github/codeql-action/autobuild@v3 if: ${{ matrix.language == 'python' }} - name: Build cpp if: ${{ matrix.language == 'cpp' }} run: | pwd mkdir rnp-build; pushd rnp-build cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_PREFIX_PATH="${BOTAN_INSTALL}" -DDOWNLOAD_GTEST=Off make -j2 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{ matrix.language }}" rnp-0.18.1/.github/workflows/coverity.yml000066400000000000000000000022751511004466700203760ustar00rootroot00000000000000name: coverity on: schedule: # every day at 9:00 UTC - cron: '0 9 * * *' workflow_dispatch: jobs: scan: runs-on: ubuntu-latest container: image: ubuntu:25.04 timeout-minutes: 20 steps: - name: Install dependencies run: | apt-get -y update apt-get -y install git bash build-essential autoconf automake clang cmake \ zlib1g-dev libbz2-dev libjson-c-dev libbotan-3-dev asciidoctor curl - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=ON \ -DCRYPTO_BACKEND=botan \ -DDOWNLOAD_GTEST=Off \ -DBUILD_TESTING=Off \ -DCMAKE_BUILD_TYPE=Release . - name: Coverity Scan uses: vapier/coverity-scan-action@v1 with: email: packaging@ribose.com token: ${{ secrets.COVERITY_SCAN_TOKEN }} command: cmake --build build --parallel $CORES rnp-0.18.1/.github/workflows/debian.yml000066400000000000000000000076011511004466700177520ustar00rootroot00000000000000name: debian on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/debian.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: CORES: 2 LANG: C.UTF-8 LC_ALL: C.UTF-8 LC_LANG: C.UTF-8 RNP_LOG_CONSOLE: 1 jobs: tests: name: ${{ matrix.image.container }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; GnuPG system-shipped] runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 120 strategy: fail-fast: false matrix: image: - { container: 'debian-10-i386', cpu: 'i386', backend: 'botan' } - { container: 'debian-11-i386', cpu: 'i386', backend: 'botan' } - { container: 'debian-11-i386', cpu: 'i386', backend: 'openssl' } - { container: 'debian-11-amd64', cpu: 'x86_64', backend: 'botan' } - { container: 'debian-11-amd64', cpu: 'x86_64', backend: 'openssl' } - { container: 'debian-12-amd64', cpu: 'x86_64', backend: 'botan' } - { container: 'debian-12-amd64', cpu: 'x86_64', backend: 'openssl' } - { container: 'debian-13-amd64', cpu: 'x86_64', backend: 'botan3' } - { container: 'debian-13-amd64', cpu: 'x86_64', backend: 'openssl' } - { container: 'debian-13-amd64', cpu: 'x86_64', backend: 'botan3', pqc: 'On' } - { container: 'debian-13-i386', cpu: 'i386', backend: 'botan3', pqc: 'On' } env: - { CC: 'gcc', CXX: 'g++' } - { CC: 'clang', CXX: 'clang++' } container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} env: ${{ matrix.env }} steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Setup environment shell: bash # rnpuser is only needed for rnpkeys_generatekey_verifykeyHomeDirNoPermission test run: | echo "ENABLE_PQC=${{ matrix.image.pqc }}" >> $GITHUB_ENV useradd rnpuser printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf - name: Configure shell: bash run: | set -eux [ -n "$ENABLE_PQC" ] && pqc_opt=(-DENABLE_PQC="$ENABLE_PQC" -DENABLE_CRYPTO_REFRESH="$ENABLE_PQC") cmake -B build \ -DBUILD_SHARED_LIBS=ON \ -DCRYPTO_BACKEND=${{ matrix.image.backend }} \ -DDOWNLOAD_GTEST=ON \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_CXX_FLAGS_RELEASE="-UNDEBUG" \ -DCMAKE_C_FLAGS_RELEASE="-UNDEBUG" \ ${pqc_opt[@]:-} - name: Build run: cmake --build build --parallel ${{ env.CORES }} -- VERBOSE=1 - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" - name: Package run: cpack -G DEB -B debian --config build/CPackConfig.cmake rnp-0.18.1/.github/workflows/dispatch.yml000066400000000000000000000036301511004466700203250ustar00rootroot00000000000000# Copyright (c) 2023 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: dispatch on: push: branches: - main - 'release/**' workflow_dispatch: jobs: dispatch: name: Dispatch dependent repositories strategy: fail-fast: false matrix: repo: [ 'ruby-rnp', 'php-rnp', 'py-rnp' ] runs-on: ubuntu-latest steps: - name: Dispatch dependent repositories uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RNP_CI_PAT_TOKEN }} repository: rnpgp/${{ matrix.repo }} event-type: 'rnp update' client-payload: '{ "tag": "${{ github.ref_name }}" }' rnp-0.18.1/.github/workflows/fuzzing.yml000066400000000000000000000017231511004466700202230ustar00rootroot00000000000000name: fuzzing on: pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true jobs: fuzzing: runs-on: ubuntu-latest steps: - name: Build Fuzzers id: build uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master with: oss-fuzz-project-name: 'rnp' dry-run: false - name: Run Fuzzers uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master with: oss-fuzz-project-name: 'rnp' fuzz-seconds: 300 dry-run: false - name: Upload Crash uses: actions/upload-artifact@v4 if: failure() && steps.build.outcome == 'success' with: name: artifacts path: ./out/artifacts rnp-0.18.1/.github/workflows/lint.yml000066400000000000000000000040441511004466700174740ustar00rootroot00000000000000name: lint on: push: branches: - main pull_request: paths-ignore: - '/.*' - '/_*' - '!.clang-format' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' jobs: clang-format: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" steps: - uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - uses: DoozyX/clang-format-lint-action@v0.18.2 with: clangFormatVersion: 11.0.0 shellcheck: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - uses: ludeeus/action-shellcheck@master with: scandir: './ci' env: SHELLCHECK_OPTS: -x typos: runs-on: ubuntu-latest steps: - name: Checkout Actions Repository uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - uses: crate-ci/typos@master version-cmake-up-to-date: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 10 steps: - uses: actions/checkout@v4 with: fetch-depth: 1 path: rnp - name: Download latest version.cmake uses: actions/checkout@v4 with: repository: rnpgp/cmake-versioning fetch-depth: 1 path: cmake-versioning - name: Compare run: | set -x diff "rnp/cmake/version.cmake" "cmake-versioning/version.cmake" version-text: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 3 steps: - uses: actions/checkout@v4 with: fetch-depth: 1 path: rnp sparse-checkout: version.txt - name: Check version.txt contents run: | set -eux pwd [[ "$(cat ./rnp/version.txt)" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; rnp-0.18.1/.github/workflows/macos.yml000066400000000000000000000153451511004466700176360ustar00rootroot00000000000000# Copyright (c) 2023-2024 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: macos on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/macos.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: BOTAN_VERSION: 2.19.4 CORES: 3 jobs: tests: name: ${{ matrix.os }} [ backend ${{ matrix.backend }}, shared libs ${{ matrix.shared_libs }} ] runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: # On MacOS gcc is alias of clang these days os: [ macos-13, macos-14 ] backend: [ 'botan' ] shared_libs: [ 'on' ] include: - { os: 'macos-13', backend: 'openssl@1.1', shared_libs: 'on' } - { os: 'macos-14', backend: 'openssl@3', shared_libs: 'on' } - { os: 'macos-14', backend: 'botan', shared_libs: 'off' } - { os: 'macos-14', backend: 'botan3', shared_libs: 'on' } if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 250 steps: - uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Configure openssl 1.1 backend if: matrix.backend == 'openssl@1.1' run: | echo "brew \"openssl@1.1\"" >> Brewfile echo "OPENSSL_ROOT_DIR=$(brew --prefix openssl@1.1)" >> $GITHUB_ENV echo "CRYPTO_BACKEND=openssl" >> $GITHUB_ENV # Harsh workaround against CLang adding /usr/local/include path, where OpenSSL 3.0 headers are rm -r /usr/local/include/openssl - name: Configure openssl 3 backend if: matrix.backend == 'openssl@3' run: | echo "brew \"openssl@3\"" >> Brewfile echo "OPENSSL_ROOT_DIR=$(brew --prefix openssl@3)" >> $GITHUB_ENV echo "CRYPTO_BACKEND=openssl" >> $GITHUB_ENV - name: Install dependencies run: | brew bundle -f - name: Botan2 cache id: cache uses: actions/cache@v4 if: matrix.backend == 'botan' with: path: Botan-${{ env.BOTAN_VERSION }} key: ${{ matrix.os }}-Botan-${{ env.BOTAN_VERSION }} - name: Build Botan2 if: matrix.backend == 'botan' && steps.cache.outputs.cache-hit != 'true' run: | wget -qO- https://botan.randombit.net/releases/Botan-${{ env.BOTAN_VERSION }}.tar.xz | tar xvJ cd Botan-${{ env.BOTAN_VERSION }} ./configure.py --prefix=/usr/local make cd .. - name: Install Botan2 if: matrix.backend == 'botan' run: | cd Botan-${{ env.BOTAN_VERSION }} sudo make install cd .. - name: Install Botan3 if: matrix.backend == 'botan3' run: | brew install botan - name: Configure run: | echo "CORES=$(sysctl -n hw.ncpu)" >> $GITHUB_ENV echo "RNP_INSTALL=$PWD/rnp-install" >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=${{ matrix.shared_libs }} \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX="$PWD/rnp-install" \ -DDOWNLOAD_GTEST=OFF \ -DCMAKE_CXX_FLAGS="-DS2K_MINIMUM_TUNING_RATIO=4"\ -DCRYPTO_BACKEND=${{ env.CRYPTO_BACKEND }} . - name: Build run: cmake --build build --config Release --parallel ${{ env.CORES }} - name: Install run: cmake --install build - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure - name: Configure and build with botan-config.cmake if: matrix.backend == 'botan3' run: | rm -rf build rm -rf ./cmake/Modules/FindBotan.cmake shopt -s nullglob files=(/opt/homebrew/lib/cmake/Botan-*/botan-config.cmake) shopt -u nullglob if [[ ${#files[@]} -eq 0 ]]; then echo "Error: No botan-config.cmake found." >&2 exit 1 fi brew install asciidoctor cmake -B build -DBUILD_SHARED_LIBS=${{ matrix.shared_libs }} \ -DCMAKE_BUILD_TYPE=Release \ -DDOWNLOAD_GTEST=OFF \ -DCRYPTO_BACKEND=botan3 . cmake --build build --config Release --parallel ${{ env.CORES }} sudo cmake --install build - name: Checkout shell test framework if: matrix.shared_libs == 'on' uses: actions/checkout@v4 with: repository: kward/shunit2 path: ci/tests/shunit2 - name: Run additional ci tests if: matrix.shared_libs == 'on' run: zsh -o shwordsplit -- ci/tests/ci-tests.sh rnp-0.18.1/.github/workflows/nix.yml000066400000000000000000000021471511004466700173260ustar00rootroot00000000000000name: nix on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'docs/**' - '**.adoc' - '**.md' - 'ci/**' - '.github/workflows/*.yml' - '!.github/workflows/nix.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'docs/**' - '**.adoc' - '**.md' - 'ci/**' jobs: build: runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: [ubuntu-latest, macos-latest] if: "!contains(github.event.head_commit.message, 'skip ci')" steps: - uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install Nix (Linux) if: runner.os == 'Linux' uses: cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - name: Install Nix (macOS) if: runner.os == 'macOS' uses: cachix/install-nix-action@v31 with: nix_path: nixpkgs=channel:nixos-unstable - run: nix build .?submodules=1 rnp-0.18.1/.github/workflows/opensuse.yml000066400000000000000000000063421511004466700203720ustar00rootroot00000000000000name: opensuse on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/opensuse.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: CORES: 2 LANG: C.UTF-8 LC_ALL: C.UTF-8 LC_LANG: C.UTF-8 RNP_LOG_CONSOLE: 1 jobs: tests: name: ${{ matrix.image.container }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; GnuPG system-shipped] runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 120 strategy: fail-fast: false matrix: image: - { container: 'opensuse-leap', backend: 'botan' } - { container: 'opensuse-tumbleweed', backend: 'openssl', cxx_std: '17' } - { container: 'opensuse-tumbleweed', backend: 'botan', cxx_std: '17' } env: - { CC: 'gcc', CXX: 'g++' } - { CC: 'clang', CXX: 'clang++' } container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} env: ${{ matrix.env }} steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Setup environment shell: bash # rnpuser is only needed for rnpkeys_generatekey_verifykeyHomeDirNoPermission test run: | echo "CXX_STD=${{ matrix.image.cxx_std }}" >> $GITHUB_ENV groupadd rnpuser useradd -g rnpuser -m rnpuser printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser if [ -d /etc/security/limits.d ]; then printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf fi - name: Configure shell: bash run: | set -eux [ -n "$CXX_STD" ] && cxx_opt=(-DCMAKE_CXX_STANDARD=${CXX_STD}) cmake -B build \ -DBUILD_SHARED_LIBS=ON \ -DCRYPTO_BACKEND=${{ matrix.image.backend }} \ -DDOWNLOAD_GTEST=Off \ -DCMAKE_CXX_FLAGS_RELEASE="-UNDEBUG" \ -DCMAKE_C_FLAGS_RELEASE="-UNDEBUG" \ ${cxx_opt[@]:-} \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD exec su rnpuser -c "ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" rnp-0.18.1/.github/workflows/time-machine.yml000066400000000000000000000152501511004466700210670ustar00rootroot00000000000000# Copyright (c) 2024 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: time-machine on: push: branches: - main paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/time-machine.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/time-machine.yml' workflow_dispatch: concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: RNP_LOG_CONSOLE: 1 jobs: build: name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}] runs-on: ubuntu-latest timeout-minutes: 120 strategy: fail-fast: false matrix: env: - { CC: clang, CXX: clang++ } # This workflow keeps all capabilities from the base one (centos-and-fedora.yml) # but uses just few of tehm # Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details image: - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'OpenSSL' } container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} env: ${{ matrix.env }} steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Setup environment run: | set -o errexit -o pipefail -o noclobber -o nounset /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} /opt/tools/tools.sh select_gpg_version_for_gha 'system' /opt/tools/tools.sh select_botan_version_for_gha 'system' echo CORES="$(nproc --all)" >> $GITHUB_ENV useradd rnpuser printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf - name: Configure run: | cmake -B build \ -DBUILD_SHARED_LIBS=ON \ -DDOWNLOAD_GTEST=ON \ -DCMAKE_BUILD_TYPE=Release \ -DCRYPTO_BACKEND=${{ matrix.image.backend }} - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Archive build files run: tar -czvf build.tar.gz build - name: Upload build files uses: actions/upload-artifact@v4 with: name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' path: 'build.tar.gz' retention-days: 5 test: name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; date offset ${{ matrix.date-offset }}] runs-on: ubuntu-latest needs: build timeout-minutes: 120 strategy: fail-fast: false matrix: env: - { CC: clang, CXX: clang++ } # Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details image: - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'Botan' } - { name: 'Fedora 40', container: 'fedora-40-amd64', backend: 'OpenSSL' } date-offset: - '+0y' - '+1y' - '+5y' container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} env: ${{ matrix.env }} steps: - name: Install tools run: dnf -y install libfaketime - name: Checkout uses: actions/checkout@v4 with: submodules: true - name: Setup environment run: | set -o errexit -o pipefail -o noclobber -o nounset /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} /opt/tools/tools.sh select_gpg_version_for_gha 'system' /opt/tools/tools.sh select_botan_version_for_gha 'system' echo CORES="$(nproc --all)" >> $GITHUB_ENV useradd rnpuser printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf - name: Download build files uses: actions/download-artifact@v4 with: name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' - name: Extract build files run: tar -xzvf build.tar.gz - name: Configure fake time run: | set -o errexit -o pipefail -o noclobber -o nounset echo FAKETIME="${{ matrix.date-offset }}" >> $GITHUB_ENV - name: Test run: | set -o errexit -o pipefail -o noclobber -o nounset mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" chown -R rnpuser:rnpuser $PWD echo Running tests for "$(LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 date)" exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" rnp-0.18.1/.github/workflows/ubuntu.yml000066400000000000000000000312261511004466700200520ustar00rootroot00000000000000# Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: ubuntu on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - '.github/workflows/*.yml' - '!.github/workflows/ubuntu.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true jobs: tests: name: ${{ matrix.os }} [CC ${{ matrix.env.CC }}; ${{ matrix.backend.name }}; shared libs ${{ matrix.shared_libs }}; GnuPG stable] runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: [ ubuntu-latest ] shared_libs: [ 'on' ] backend: - { name: 'botan', package: 'libbotan-2-dev' } - { name: 'openssl', package: 'libssl-dev' } env: - { CC: gcc, CXX: g++ } - { CC: clang, CXX: clang++ } include: # Since ubuntu-20.04 runner is deprecated we do not test OpenSSL 1.1.1 here. - os: ubuntu-22.04 shared_libs: 'on' backend: { name: 'openssl', package: 'libssl-dev' } env: { CC: gcc, CXX: g++ } - os: ubuntu-latest shared_libs: 'off' backend: { name: 'botan', package: 'libbotan-2-dev' } env: { CC: gcc, CXX: g++ } if: "!contains(github.event.head_commit.message, 'skip ci')" env: ${{ matrix.env }} timeout-minutes: 50 steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install dependencies # Already installed on GHA: build-essential libbz2-dev zlib1g-dev run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev ${{ matrix.backend.package }} asciidoctor - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=${{ matrix.shared_libs}} \ -DCRYPTO_BACKEND=${{ matrix.backend.name }} \ -DDOWNLOAD_GTEST=ON \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure cmake-offline-googletest-src: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 30 steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install dependencies run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor googletest - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=ON \ -DCRYPTO_BACKEND=botan \ -DDOWNLOAD_GTEST=OFF \ -DGTEST_SOURCES=/usr/src/googletest \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure - name: Check googletest run: | [ -d "build/src/tests" ] [ -d "build/src/tests/googletest-build" ] [ ! -d "build/src/tests/googletest-src" ] cmake-offline-googletest: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 30 steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install dependencies run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor googletest - name: Build googletest run: | cmake -B googletest-build /usr/src/googletest cmake --build googletest-build sudo cmake --install googletest-build - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=ON \ -DCRYPTO_BACKEND=botan \ -DDOWNLOAD_GTEST=OFF \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure - name: Check googletest run: | [ -d "build/src/tests" ] [ ! -d "build/src/tests/googletest-build" ] [ ! -d "build/src/tests/googletest-src" ] cmake-system-sexpp: name: system-sexpp, sexpp shared libs ${{ matrix.sexpp_shared_libs }}, rnp shared libs ${{ matrix.rnp_shared_libs }} runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 30 strategy: fail-fast: false matrix: sexpp_shared_libs: [ 'on', 'off' ] rnp_shared_libs: ['on', 'off'] steps: - name: Install dependencies run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor - name: Checkout sexpp uses: actions/checkout@v4 with: repository: rnpgp/sexpp path: sexpp - name: Configure sexpp run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake -S sexpp -B sexpp/build \ -DCMAKE_BUILD_TYPE=Release \ -DDOWNLOAD_GTEST=OFF \ -DWITH_SEXP_TESTS=OFF \ -DBUILD_SHARED_LIBS=${{ matrix.sexpp_shared_libs}} - name: Build sexpp run: cmake --build sexpp/build --parallel ${{ env.CORES }} - name: Install sexpp run: sudo cmake --install sexpp/build - name: Clean sexpp run: rm -rf sexpp - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: false - name: Configure run: | cmake -B build \ -DBUILD_SHARED_LIBS=${{ matrix.rnp_shared_libs }} \ -DCRYPTO_BACKEND=botan \ -DDOWNLOAD_GTEST=ON \ -DSYSTEM_LIBSEXPP=ON \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --parallel ${{ env.CORES }} - name: Test run: | mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests --output-on-failure package-source: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 30 steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install dependencies run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor - name: Configure run: | cmake . -B build \ -DBUILD_SHARED_LIBS=ON \ -DBUILD_TESTING=OFF \ -DCMAKE_BUILD_TYPE=Release \ -DCRYPTO_BACKEND=botan \ -DCMAKE_INSTALL_PREFIX=/usr - name: Package source run: cpack -B build/source-deb -G DEB --config build/CPackSourceConfig.cmake - name: Upload source package uses: actions/upload-artifact@v4 with: name: 'source-debian' path: 'build/source-deb/*.deb' retention-days: 5 - name: Stash packaging tests uses: actions/upload-artifact@v4 with: name: tests path: 'ci/tests/**' retention-days: 1 package: runs-on: ubuntu-latest needs: package-source if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 30 steps: - name: Install dependencies run: | sudo apt-get -y update sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor - name: Download source package uses: actions/download-artifact@v4 with: name: 'source-debian' path: source-debian - name: Extract sources run: dpkg-deb --extract source-debian/*.deb rnp - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV cmake rnp -B rnp/build \ -DBUILD_SHARED_LIBS=ON \ -DBUILD_TESTING=OFF \ -DCMAKE_BUILD_TYPE=Release \ -DCRYPTO_BACKEND=botan \ -DCMAKE_INSTALL_PREFIX=/usr - name: Build run: cmake --build rnp/build --config Release --parallel ${{ env.CORES }} - name: Create binary package run: cpack -G DEB -B debian --config rnp/build/CPackConfig.cmake - name: Upload binary package uses: actions/upload-artifact@v4 with: name: 'debian' path: 'debian/*.deb' retention-days: 5 debian-tests: runs-on: ubuntu-latest needs: package timeout-minutes: 30 steps: - name: Download enp deb file uses: actions/download-artifact@v4 with: name: 'debian' - name: Checkout shell test framework uses: actions/checkout@v4 with: repository: kward/shunit2 path: ci/tests/shunit2 - name: Unstash tests uses: actions/download-artifact@v4 with: name: tests path: ci/tests - name: Run debian tests # - no source checkout or upload [we get only test scripts from the previous step using GHA artifacts] # - no environment set up with rnp scripts # - no dependencies setup, we test that apt can install whatever is required run: | chmod +x ci/tests/deb-tests.sh ci/tests/deb-tests.sh rnp-0.18.1/.github/workflows/windows-msys2.yml000066400000000000000000000122351511004466700212740ustar00rootroot00000000000000# Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: windows-msys2 on: workflow_dispatch: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/windows-msys2.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: RNP_INSTALL: /home/runneradmin/rnp-install jobs: tests: name: windows-latest msys2 [msystem ${{ matrix.msystem }}; backend ${{ matrix.backend.name }}; build shared libs ${{ matrix.shared_libs }}; GnuPG stable] if: "!contains(github.event.head_commit.message, 'skip ci')" timeout-minutes: 70 runs-on: windows-latest defaults: run: shell: msys2 {0} strategy: fail-fast: false matrix: msystem: [ 'ucrt64', 'mingw64', 'clang64' ] shared_libs: [ 'on' ] backend: - { name: 'botan', lib: 'libbotan' } - { name: 'openssl', lib: 'openssl' } include: - msystem: 'ucrt64' shared_libs: 'off' backend: { name: 'botan', lib: 'libbotan' } steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 1 submodules: true - name: Install MSys uses: msys2/setup-msys2@v2 with: msystem: ${{ matrix.msystem }} update: true install: >- git base-devel p7zip pacboy: >- toolchain:p cmake:p ${{ matrix.backend.lib }}:p json-c:p asciidoctor:p gtest:p path-type: minimal - name: Configure run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV echo CRYPTO_BACKEND=${{ matrix.backend.name }} >> $GITHUB_ENV cmake -B build -DBUILD_SHARED_LIBS=${{ matrix.shared_libs }} \ -DCRYPTO_BACKEND=${{ matrix.backend.name }} \ -DCMAKE_INSTALL_PREFIX=${{ env.RNP_INSTALL }} \ -DDOWNLOAD_GTEST=OFF \ -DCMAKE_BUILD_TYPE=Release . - name: Build run: cmake --build build --config "Release" --parallel ${{ env.CORES }} - name: Test run: | # Add mt.exe (manifest tool) to the PATH win_sdk=$(reg query "HKLM\SOFTWARE\Microsoft\Windows Kits\Installed Roots" | sort -r | head -n 1 | sed 's/.*\\//') echo "Windows SDK: $win_sdk" export PATH="/c/Program Files (x86)/Windows Kits/10/bin/$win_sdk/x64/":$PATH # Add manifest which forces utf-8 encoding for exe in "tests/rnp_tests" "rnp/rnp" "rnpkeys/rnpkeys"; do mt.exe -manifest ./ci/utf8-manifest "-outputresource:./build/src/${exe}.exe;1" > /dev/null done mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" export PATH="$PWD/build/src/lib:$PATH" export RNP_LOG_CONSOLE=1 ctest --parallel ${{ env.CORES }} --test-dir build -C Debug --output-on-failure - name: Install run: cmake --install build - name: Checkout shell test framework uses: actions/checkout@v4 with: repository: kward/shunit2 path: ci/tests/shunit2 - name: Run additional ci tests if: ${{ matrix.shared_libs == 'on' }} run: ci/tests/ci-tests.sh rnp-0.18.1/.github/workflows/windows-native.yml000066400000000000000000000233111511004466700215020ustar00rootroot00000000000000# Copyright (c) 2023-2024 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. name: windows-native on: push: branches: - main - 'release/**' paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' - '.github/workflows/*.yml' - '!.github/workflows/windows-native.yml' pull_request: paths-ignore: - '/*.sh' - '/.*' - '/_*' - 'Brewfile' - 'docs/**' - '**.adoc' - '**.md' - '**.nix' - 'flake.lock' - 'version.txt' concurrency: group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' cancel-in-progress: true env: VCPKG_DIR: C:/vcpkg VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}\cache RNP_TEST_DATA: ${{github.workspace}}\src\tests\data jobs: build_and_test: name: Windows-2022 [arch ${{ matrix.arch.name }}, toolset ${{ matrix.toolset }}, backend ${{ matrix.backend }}, build shared libs ${{ matrix.shared_libs }}, use CMake prefix path ${{ matrix.use_cmake_prefix_path }}, sanitizers ${{ matrix.sanitizers }}] runs-on: windows-2022 if: "!contains(github.event.head_commit.message, 'skip ci')" strategy: fail-fast: false matrix: arch: [ { name: 'x64', triplet: 'x64-windows' } ] toolset: [ 'v143', 'ClangCL' ] backend: [ 'botan', 'openssl' ] shared_libs: [ 'off'] use_cmake_prefix_path: [ 'on', 'off' ] sanitizers: [ 'off' ] include: - arch: { name: 'x64', triplet: 'x64-windows' } toolset: 'v143' backend: 'botan' use_cmake_prefix_path: 'off' shared_libs: 'off' sanitizers: 'on' - arch: { name: 'Win32', triplet: 'x86-windows' } toolset: 'ClangCL' backend: 'botan' use_cmake_prefix_path: 'on' shared_libs: 'off' sanitizers: 'off' - arch: { name: 'Win32', triplet: 'x86-windows' } toolset: 'v143' backend: 'openssl' use_cmake_prefix_path: 'off' shared_libs: 'off' sanitizers: 'off' steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true lfs: true fetch-depth: 1 - name: vcpkg parameters run: | vcpkg version >> vcpkg.version mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }} - name: vcpkg cache uses: actions/cache@v4 with: path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }} key: vcpkg-${{ hashFiles('vcpkg.version') }}-${{ matrix.arch.triplet }}-${{ matrix.toolset }}-${{ matrix.backend }} - name: vcpkg packages shell: bash run: | dir_u=$(cygpath -u ${{ env.VCPKG_DIR }}) echo "VCPKG_DIR_U=$dir_u" >> $GITHUB_ENV # See https://github.com/microsoft/vcpkg/issues/41339#issuecomment-2394308597 for lines below. export SystemDrive="$SYSTEMDRIVE" export SystemRoot="$SYSTEMROOT" export windir="$WINDIR" vcpkg install --triplet ${{ matrix.arch.triplet }} bzip2 zlib json-c getopt dirent ${{ matrix.backend }} - name: Upload vcpkg logs on failure if: failure() uses: actions/upload-artifact@v4 with: name: vcpkg-error-logs path: | C:\vcpkg\buildtrees\*\*.log C:\vcpkg\installed\vcpkg\issue_body.md - name: Set OPENSSL_ROOT_DIR # Ensure consistent access to openssl installation for test_backend_version test # There is another one instance of ssl at /mingw and /mingw/bin is always at the first position at PATH # So we have to adjust PATH for each step below; changing $GITHUB_PATH does not work if: matrix.backend == 'openssl' shell: bash run: | echo OPENSSL_ROOT_DIR=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }} >> $GITHUB_ENV echo OPENSSL_MODULES=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin >> $GITHUB_ENV echo RNP_TESTS_OPENSSL_ROOT=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }} >> $GITHUB_ENV - name: Adjust settings for s2k_iteration_tuning test # This step adjusts s2k_iteration_tuning threshold for # s2k_iteration_tuning test (src/tests/cipher.cpp) # It looks like cl on Win32 does not provide robust response if: matrix.arch.name == 'Win32' && matrix.toolset == 'ClangCL' shell: bash run: echo CXXFLAGS="-DS2K_MINIMUM_TUNING_RATIO=4" >> $GITHUB_ENV - name: Configure using vpkg toolchain file if: matrix.use_cmake_prefix_path != 'on' shell: bash run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH cmake -B build -G "Visual Studio 17 2022" \ -A ${{ matrix.arch.name }} \ -T ${{ matrix.toolset }} \ -DBUILD_SHARED_LIBS=${{ matrix.shared_libs}} \ -DENABLE_SANITIZERS=${{ matrix.sanitizers }} \ -DCRYPTO_BACKEND=${{ matrix.backend }} \ -DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_DIR }}/scripts/buildsystems/vcpkg.cmake . - name: Configure using CMake prefix path if: matrix.use_cmake_prefix_path == 'on' shell: bash run: | echo CORES="$(nproc --all)" >> $GITHUB_ENV export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH cmake -B build -G "Visual Studio 17 2022" \ -A ${{ matrix.arch.name }} \ -T ${{ matrix.toolset }} \ -DBUILD_SHARED_LIBS=${{ matrix.shared_libs}} \ -DENABLE_SANITIZERS=${{ matrix.sanitizers }} \ -DCRYPTO_BACKEND=${{ matrix.backend }} \ -DCMAKE_PREFIX_PATH=${{ env.VCPKG_DIR }}/installed/${{ matrix.arch.triplet }} . - name: Build shell: bash run: | export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH cmake --build build --parallel ${{ env.CORES }} --config Release - name: Find Visual Studio root via vswhere if: matrix.sanitizers == 'on' shell: cmd # Not sure why but vswhere.exe cannot be run via bash, so using cmd instead. run: | FOR /F "delims=" %%i in ('C:\ProgramData\Chocolatey\bin\vswhere.exe -latest -products * -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -property installationPath') DO SET "VS_PATH=%%i" echo "Detected Visual Studio path: %VS_PATH%" echo VS_PATH=%VS_PATH%>> "%GITHUB_ENV%" - name: Test shell: bash # Sometimes running cli_tests in parallel causes instability [???] # ctest --test-dir build -R cli_tests -C Debug --output-on-failure # ctest --parallel ${{ env.CORES }} --test-dir build -R rnp_tests -C Debug --output-on-failure # ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure run: | export PATH=${{ env.VCPKG_DIR_U }}/installed/${{ matrix.arch.triplet }}/bin:$PATH if [[ "${{ matrix.sanitizers }}" == "on" ]]; then # Since VS 2022 we need to add path to sanitizers libs to PATH to load those. # For this we need to detect VS_PATH on the previous step via the vswhere vsp=$(cygpath -u "${VS_PATH}") ts_ver=$(<"$vsp/VC/Auxiliary/Build/Microsoft.VCToolsVersion.${{matrix.toolset}}.default.txt") lib_dir="${vsp}/VC/Tools/MSVC/${ts_ver}/bin/Hostx64/x64" if [[ ! -d "$lib_dir" ]]; then echo "Looks like directory with sanitizer libs changed from ${lib_dir}. Available ones:" ls -la "${vsp}/VC/Tools/MSVC" exit 1 fi export PATH=$lib_dir:$PATH fi mkdir -p "build/Testing/Temporary" cp "cmake/CTestCostData.txt" "build/Testing/Temporary" ctest --parallel ${{ env.CORES }} --test-dir build -C Release --output-on-failure rnp-0.18.1/.gitignore000066400000000000000000000147551511004466700144100ustar00rootroot00000000000000*.loT core.* vgcore.* src/lib/librnp-*.a src/lib/config.h src/lib/version.h librnp-*.pc rpm-ldconfig src/lib/rnp-config-version.cmake src/lib/rnp-config.cmake src/rnp/rnp src/rnpkeys/rnpkeys src/tests/rnp_tests* src/tests/googletest-* # CMake CPackConfig.cmake CPackSourceConfig.cmake DartConfiguration.tcl _CPack_Packages/ # VSCode .vscode/ .vs/ # VisualStudio CMakeSettings.json out/ # Nix result # Test framework ci/tests/shunit2 # Created by https://www.toptal.com/developers/gitignore/api/c,vim,c++,macos,linux,patch,cmake,emacs,vscode,python,windows,textmate,sublimetext # Edit at https://www.toptal.com/developers/gitignore?templates=c,vim,c++,macos,linux,patch,cmake,emacs,vscode,python,windows,textmate,sublimetext ### C ### # Prerequisites *.d # Object files *.o *.ko *.obj *.elf # Linker output *.ilk *.map *.exp # Precompiled Headers *.gch *.pch # Libraries *.lib *.a *.la *.lo # Shared objects (inc. Windows DLLs) *.dll *.so *.so.* *.dylib # Executables *.exe *.out *.app *.i*86 *.x86_64 *.hex # Debug files *.dSYM/ *.su *.idb *.pdb # Kernel Module Compile Results *.mod* *.cmd .tmp_versions/ modules.order Module.symvers Mkfile.old dkms.conf ### C++ ### # Prerequisites # Compiled Object files *.slo # Precompiled Headers # Linker files # Debugger Files # Compiled Dynamic libraries # Fortran module files *.mod *.smod # Compiled Static libraries *.lai # Executables ### CMake ### CMakeLists.txt.user CMakeCache.txt CMakeFiles CMakeScripts Testing Makefile cmake_install.cmake install_manifest.txt compile_commands.json CTestTestfile.cmake _deps CMakeUserPresets.json ### CMake Patch ### # External projects *-prefix/ ### Emacs ### # -*- mode: gitignore; -*- *~ \#*\# /.emacs.desktop /.emacs.desktop.lock *.elc auto-save-list tramp .\#* # Org-mode .org-id-locations *_archive ltximg/** # flymake-mode *_flymake.* # eshell files /eshell/history /eshell/lastdir # elpa packages /elpa/ # reftex files *.rel # AUCTeX auto folder /auto/ # cask packages .cask/ dist/ # Flycheck flycheck_*.el # server auth directory /server/ # projectiles files .projectile # directory configuration .dir-locals.el # network security /network-security.data ### Linux ### # temporary files which can be created if a process still has a handle open of a deleted file .fuse_hidden* # KDE directory preferences .directory # Linux trash folder which might appear on any partition or disk .Trash-* # .nfs files are created when an open file is removed but is still being accessed .nfs* ### macOS ### # General .DS_Store .AppleDouble .LSOverride # Icon must end with two \r Icon # Thumbnails ._* # Files that might appear in the root of a volume .DocumentRevisions-V100 .fseventsd .Spotlight-V100 .TemporaryItems .Trashes .VolumeIcon.icns .com.apple.timemachine.donotpresent # Directories potentially created on remote AFP share .AppleDB .AppleDesktop Network Trash Folder Temporary Items .apdisk ### Patch ### *.orig *.rej ### Python ### # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class # C extensions # Distribution / packaging .Python /build/ /develop-eggs/ /downloads/ /eggs/ .eggs/ /lib/ /lib64/ /parts/ /sdist/ /var/ /wheels/ pip-wheel-metadata/ share/python-wheels/ *.egg-info/ .installed.cfg *.egg MANIFEST # PyInstaller # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest *.spec # Installer logs pip-log.txt pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ .tox/ .nox/ .coverage .coverage.* .cache nosetests.xml coverage.xml *.cover *.py,cover .hypothesis/ .pytest_cache/ pytestdebug.log # Translations *.mo *.pot # Django stuff: *.log local_settings.py db.sqlite3 db.sqlite3-journal # Flask stuff: instance/ .webassets-cache # Scrapy stuff: .scrapy # Sphinx documentation docs/_build/ doc/_build/ # PyBuilder target/ # Jupyter Notebook .ipynb_checkpoints # IPython profile_default/ ipython_config.py # pyenv .python-version # pipenv # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. # However, in case of collaboration, if having platform-specific dependencies or dependencies # having no cross-platform support, pipenv may install dependencies that don't work, or not # install all needed dependencies. #Pipfile.lock # PEP 582; used by e.g. github.com/David-OConnor/pyflow __pypackages__/ # Celery stuff celerybeat-schedule celerybeat.pid # SageMath parsed files *.sage.py # Environments .env .venv env/ venv/ ENV/ env.bak/ venv.bak/ pythonenv* # Spyder project settings .spyderproject .spyproject # Rope project settings .ropeproject # mkdocs documentation /site # mypy .mypy_cache/ .dmypy.json dmypy.json # Pyre type checker .pyre/ # pytype static type analyzer .pytype/ # profiling data .prof ### SublimeText ### # Cache files for Sublime Text *.tmlanguage.cache *.tmPreferences.cache *.stTheme.cache # Workspace files are user-specific *.sublime-workspace # Project files should be checked into the repository, unless a significant # proportion of contributors will probably not be using Sublime Text # *.sublime-project # SFTP configuration file sftp-config.json # Package control specific files Package Control.last-run Package Control.ca-list Package Control.ca-bundle Package Control.system-ca-bundle Package Control.cache/ Package Control.ca-certs/ Package Control.merged-ca-bundle Package Control.user-ca-bundle oscrypto-ca-bundle.crt bh_unicode_properties.cache # Sublime-github package stores a github token in this file # https://packagecontrol.io/packages/sublime-github GitHub.sublime-settings ### TextMate ### *.tmproj *.tmproject tmtags ### Vim ### # Swap [._]*.s[a-v][a-z] !*.svg # comment out if you don't need vector files [._]*.sw[a-p] [._]s[a-rt-v][a-z] [._]ss[a-gi-z] [._]sw[a-p] # Session Session.vim Sessionx.vim # Temporary .netrwhist # Auto-generated tag files tags # Persistent undo [._]*.un~ ### vscode ### .vscode/* !.vscode/settings.json !.vscode/tasks.json !.vscode/launch.json !.vscode/extensions.json *.code-workspace ### Windows ### # Windows thumbnail cache files Thumbs.db Thumbs.db:encryptable ehthumbs.db ehthumbs_vista.db # Dump file *.stackdump # Folder config file [Dd]esktop.ini # Recycle Bin used on file shares $RECYCLE.BIN/ # Windows Installer files *.cab *.msi *.msix *.msm *.msp # Windows shortcuts *.lnk # Vim and its plugins .ycm_extra_conf.py # End of https://www.toptal.com/developers/gitignore/api/c,vim,c++,macos,linux,patch,cmake,emacs,vscode,python,windows,textmate,sublimetext rnp-0.18.1/.gitmodules000066400000000000000000000001321511004466700145550ustar00rootroot00000000000000[submodule "src/libsexpp"] path = src/libsexpp url = https://github.com/rnpgp/sexpp.git rnp-0.18.1/Brewfile000077500000000000000000000001521511004466700140670ustar00rootroot00000000000000brew "cmake" brew "pkg-config" brew "googletest" brew "gnupg" brew "python" brew "json-c" brew "asciidoc" rnp-0.18.1/CHANGELOG.md000066400000000000000000000504531511004466700142240ustar00rootroot00000000000000## Changelog ### 0.18.1 [2025-11-21] #### Security * Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only (CVE-PENDING, https://bugzilla.redhat.com/show_bug.cgi?id=2415863). ### 0.18.0 [2025-05-24] -- RETRACTED, DON'T USE **SECURITY WARNING:** This version contains a critical vulnerability where public-key encrypted messages use all-zero session keys. All users must upgrade to 0.18.1 or later immediately. #### General * Discourage use of EAX AEAD mode * Generate RSA 3072-bit keys by default * Support dearmoring of GnuPG-armored files (with ARMORED FILE header) * Generate rnp_ver.h header * Support DSA 4096 bit keys as some entities use them * Mark signatures, produced by encrypt-only key or subkey, as invalid * Allow extra spaces during armored key import * Better support of Botan 3.5.0+ * Compatibility fixes for different systems * Update hash function from the weak one on change of the key expiration * Do not allow 64-bit ciphers for encryption without explicit option * Internal refactoring and performance updates #### FFI * Added functions rnp_signature_error_count()/rnp_signature_error_at() to check why signature validation failed. * Added functions to create and customize key certifications: rnp_key_certification_create(), rnp_key_signature_set_*/rnp_key_signature_get_* ### 0.17.1 [2024-04-08] #### General * Added support for Botan 3. * Updated support for OpenSSL 3. * Added support for mimemode in literal data packet. * Relaxed Base64 decoding to allow spaces after the checksum. #### FFI * Added function `rnp_signature_get_features()`. ### 0.17.0 [2023-05-01] #### General * Added support for hidden recipient during decryption. * Added support for AEAD-OCB for OpenSSL backend. * Improve support for offline secret keys during default key selection. * Support for GnuPG 2.3+ secret key store format. * SExp parsing code is moved to separate library, https://github.com/rnpgp/sexp. * Mark subkeys as expired instead of invalid if primary key is expired. * AEAD: use OCB by default instead of EAX. * Do not attempt to validate signatures of unexpected types. * Use thread-safe time and date handling functions. * Added ENABLE_BLOWFISH, ENABLE_CAST5 and ENABLE_RIPEMD160 build time options. * Do not use `EVP_PKEY_CTX_set_dsa_paramgen_q_bits()` if OpenSSL backend version is < 1.1.1e. * Corrected usage of CEK/KEK algorithms if those differs. #### FFI * Added function `rnp_signature_export()`. * Added flag `RNP_VERIFY_ALLOW_HIDDEN_RECIPIENT` to `rnp_op_verify_set_flags()`. #### CLI * Added default armor message type for `--enarmor` command. * Added command `--set-filename` to specify which file name should be stored in message. * Added `--add-subkey` subcommand to the `--edit-key`. * Added `set-expire` subcommand to the `--edit-key`. * Added `--s2k-iterations` and `--s2k-msec` options to the `rnp`. * Added `--allow-weak-hash` command to allow usage of weak hash algorithms. * Report number of new/updated keys during the key import. ### 0.16.3 [2023-04-11] #### Security * Fixed issue with possible hang on malformed inputs (CVE-2023-29479). * Fixed issue where in some cases, secret keys remain unlocked after use (CVE-2023-29480). ### 0.16.2 [2022-09-20] #### General * Fixed CMake issues with ENABLE_IDEA and ENABLE_BRAINPOOL. ### 0.16.1 [2022-09-06] #### General * Ensure support for RHEL9/CentOS Stream 9/Fedora 36, updating OpenSSL backend support for v3.0. * Optional import and export of base64-encoded keys. * Optional raw encryption of the data. * Optional overriding of the current timestamp. * Do not fail completely on unknown signature versions. * Do not fail completely on unknown PKESK/SKESK packet versions. * Support armored messages without empty line after the headers. * Added automatic feature detection based on backend. #### Security * Separate security rules for the data and key signatures, extending SHA1 key signature support till the Jan, 19 2024. * Set default key expiration time to 2 years. * Limit maximum AEAD chunk bits to 16. #### FFI * Changed behaviour of `rnp_op_verify_execute()`: now it requires single valid signature to succeed. * Added function `rnp_op_verify_set_flags()` to override default behaviour of verification. * Added function `rnp_key_is_expired()`. * Added function `rnp_op_encrypt_set_flags()` and flag `RNP_ENCRYPT_NOWRAP` to allow raw encryption. * Added flag `RNP_LOAD_SAVE_BASE64` to the function `rnp_import_keys()`. * Added flag `RNP_KEY_EXPORT_BASE64` to the function `rnp_key_export_autocrypt()`. * Added function `rnp_set_timestamp()` to allow to override current time. * Update security rules functions with flags `RNP_SECURITY_VERIFY_KEY` and `RNP_SECURITY_VERIFY_DATA`. #### CLI * Make password request more verbose. * Print `RSA` instead of `RSA (Encrypt and Sign)` in the key listing to avoid confusion. * Added option `--source` to specify detached signature's source file. * Added option `--no-wrap` to allow raw data encryption. * Added option `--current-time` to allow to override current timestamp. * Strip known extensions (like `.pgp`, `.asc`, etc.) when decrypting or verifying data. * Display key and signature validity status in the key listing. * Do not attempt to use GnuPG's config to set default key. ### 0.16.0 [2022-01-20] #### General * Added support for OpenSSL cryptography backend so RNP may be built and used on systems without the Botan installed. * Added compile-time switches to disable certain features (AEAD, Brainpool curves, SM2/SM3/SM4 algorithms, Twofish) * Fixed possible incompatibility with GnuPG on x25519 secret key export from RNP to GnuPG. * Fixed building if Git is not available. * Fixed export of non-FFI symbols from the rnp.so/rnp.dylib. * Fixed support for Gnu/Hurd (absence of PATH_MAX). * Added support for `None` compression algorithm. * Added support for the dumping of notation data signature subpackets. * Fixed key expiration time calculation in the case with newer non-primary self-certification. * Improved performance of key import (no key material checks) #### Security * Added initial support for customizable security profiles. * Mark SHA1 signatures produced later than 2019-01-19, as invalid. * Mark MD5 signatures produced later than 2012-01-01, as invalid. * Remove SHA1 and 3DES from the default key preferences. * Use SHA1 collision detection code when using SHA1. * Mark signatures with unknown critical notation as invalid. * Do not prematurely mark secret keys as valid. * Validate secret key material before the first operation. * Limit the number of possible message recipients/signatures to a reasonable value (16k). * Limit the number of signature subpackets during parsing. #### FFI * Added functions `rnp_backend_string()` and `rnp_backend_version()`. * Added functions `rnp_key_25519_bits_tweaked()` and `rnp_key_25519_bits_tweak()` to check and fix x25519 secret key bits. * Added security profile manipulation functions: `rnp_add_security_rule()`, `rnp_get_security_rule()`, `rnp_remove_security_rule()`. * Added function `rnp_signature_get_expiration()`. * Deprecate functions `rnp_enable_debug()`/`rnp_disable_debug()`. #### CLI * Write new detailed help messages for `rnp` and `rnpkeys`. * Added `-` (stdin) and `env:VAR_NAME` input specifiers, as well as `-` (stdout) output specifier. * Do not fail with empty keyrings if those are not needed for the operation. * Added algorithm aliases for better usability (i.e. `SHA-256`, `SHA256`, etc.). * Added option `--notty` to print everything to stdout instead of TTY. * Added command `--edit-key` with subcommands `--check-cv25519-bits` and `--fix-cv25519-bits`. * Remove support for `-o someoption=somevalue`, which is unused. * Remove no longer used support for additional debug dumping via `--debug source.c`. ### 0.15.2 [2021-07-20] #### General * Be less strict in userid validation: allow to use userids with self-signature, which has key expiration in the past. * Do not mark signature as invalid if key which produced it is expired now, but was valid during signing. * Fix incorrect key expiration calculation in some cases. * Fix incorrect version number in the `version.txt`. #### FFI * Add function `rnp_key_get_default_key()` to pick the default key/subkey for the specific operation. * Allow to pass NULL hash parameter to `rnp_key_add_uid()` to pick the default one. * Use the same approach as in `rnp_op_encrypt_add_recipient()` for encryption subkey selection in `rnp_key_export_autocrypt()`. #### CLI * `rnp`: Show error message if encryption failed. * `rnpkeys` : Add `--expiration` option to specify expiration time during key generation. ### 0.15.1 [2021-05-28] #### General * Make man pages building optional. * Fixed updating of expiration time for a key with multiple user ids. * Fixed key expiry check for keys valid after the year 2038. * Pick up key expiration time from direct-key signature or primary userid certification if available. #### FFI * Added function `rnp_key_valid_till64()` to correctly handle keys which expire after the year 2038. * Added `RNP_FEATURE_*` defines to be used instead of raw strings. #### Security * Fixed issue with cleartext key data after the `rnp_key_unprotect()`/`rnp_key_protect()` calls (CVE-2021-33589). ### 0.15.0 [2021-04-04] #### General * Added CMake options to allow offline builds, i.e. without Googletest/ruby-rnp downloads. * Removed major library version from the library name (librnp-0.so/dll -> librnp.so/dll). * Improved handling of cleartext signatures, when empty line between headers and contents contains some whitespace characters. * Relaxed requirements for the armored messages CRC (allow absence of the CRC, and issue warning instead of complete failure). * Updated build instructions for MSVC. * Improved support of 32-bit platforms (year 2038 problem). #### CLI * Added up-to-date manual pages for `rnp` and `rnpkeys`. * rnpkeys: added `--remove-key` command. #### FFI * Added up-to-date manual page for `librnp`. * Added function `rnp_signature_remove` * Added function `rnp_uid_remove` * Added function `rnp_key_remove_signatures` for batch signature removal and filtering. ### 0.14.0 [2021-01-15] #### General * Improved key validation: require to have at least one valid, non-expiring self signature. * Added support for 'stripped' keys without userids and certifications but with valid subkey binding signature. * Added support for Windows via MinGW/MSYS2. * Added support for Windows via MSVC. * Fixed secret key locking when it is updated with new signatures/subkeys. * Fixed key expiry/flags calculation (take in account only the latest valid self-signature/subkey binding). * Fixed MDC reading if it appears on 8k boundary. * Disabled logging by default in release builds and added support for environment variable `RNP_LOG_CONSOLE` to enable it back. * Fixed leading zeroes for secp521r1 b & n field constants. * Allowed keys and signatures with invalid MPI bit count. * Added support for private/experimental signature subpackets, used by GnuPG and other implementations. * Added support for reserved/placeholder signatures. * Added support for zero-size userid/attr packet. * Relaxed packet dumping, ignoring invalid packets and allowing to find wrong packet easier. * Improved logging of errored keys/subkeys information for easier debugging. * Fixed support for old RSA sign-only/encrypt-only and ElGamal encrypt-and-sign keys. * Fixed support for ElGamal keys larger then 3072 bits. * Fixed symbol visibility so only FFI functions are exposed outside of the library. * Added support for unwrapping of raw literal packets. * Fixed crash with non-detached signature input, fed into the `rnp_op_verify_detached_create()`. * Significantly reduced memory usage for the keys large number of signatures. * Fixed long armor header lines processing. * Added basic support for GnuPG's offline primary keys (`gnupg --export-secret-subkeys`) and secret keys, stored on card. * Fixed primary key binding signature validation when hash algorithm differs from the one used in the subkey binding signature. * Fixed multiple memory leaks related to invalid algorithms/versions/etc. * Fixed possible crashes during processing of malformed armored input. * Limited allowed nesting levels for OpenPGP packets. * Fixed support for text-mode signatures. * Replaced strcpy calls with std::string and memcpy where applicable. * Removed usage of mktemp, replacing it with mkstemp. * Replaced usage of deprecated `botan_pbkdf()` with `botan_pwdhash()`. * Added support for the marker packet, issued by some implementations. * Added support for unknown experimental s2ks. * Fixed armored message contents detection (so armored revocation signature is not more reported as the public key). * Changed behaviour to use latest encryption subkey by default. * Fixed support for widechar parameters/file names on Windows. * Implemented userid validity checks so only certified/non-expired/non-revoked userid may be searched. * Fixed GnuPG compatibility issues with CR (`\r`) characters in text-mode and cleartext-signed documents. * Improved performance of the key/uid signatures access. * Migrated tests to the Python 3. * Migrated most of the internal code to C++. #### CLI * Do not load keyring when it is not required, avoiding extra `keyring not found` output. * Input/output data via the tty, if available, instead of stdin/stdout. * Fixed possible crash when HOME variable is not set. * rnpkeys: Added `--import-sigs` and changed behavior of `--import` to check whether input is key or signature. * rnpkeys: Added `--export-rev` command to export key's revocation, parameters `--rev-type`, `--rev-reason`. * rnpkeys: Added `--revoke-key` command. * rnpkeys: Added `--permissive` parameter to `--import-keys` command. * rnpkeys: Added `--password` options, allowing to specify password and/or generate unprotected key. #### FFI * Added keystore type constants `RNP_KEYSTORE_*`. * Added `rnp_import_signatures`. * Added `rnp_key_export_revocation`. * Added `rnp_key_revoke`. * Added `rnp_request_password`. * Added `rnp_key_set_expiration` to update key's/subkey's expiration time. * Added flag `RNP_LOAD_SAVE_PERMISSIVE` to `rnp_import_keys`, allowing to skip erroneous packets. * Added flag `RNP_LOAD_SAVE_SINGLE`, allowing to import keys one-by-one. * Added `rnp_op_verify_get_protection_info` to check mode and cipher used to encrypt message. * Added functions to retrieve recipients information (`rnp_op_verify_get_recipient_count`, `rnp_op_verify_get_symenc_count`, etc.). * Added flag `RNP_KEY_REMOVE_SUBKEYS` to `rnp_key_remove` function. * Added function `rnp_output_pipe` allowing to write data from input to the output. * Added function `rnp_output_armor_set_line_length` allowing to change base64 encoding line length. * Added function `rnp_key_export_autocrypt` to export public key in autocrypt-compatible format. * Added functions to retrieve information about the secret key's protection (`rnp_key_get_protection_type`, etc.). * Added functions `rnp_uid_get_type`, `rnp_uid_get_data`, `rnp_uid_is_primary`. * Added function `rnp_uid_is_valid`. * Added functions `rnp_key_get_revocation_signature` and `rnp_uid_get_revocation_signature`. * Added function `rnp_signature_get_type`. * Added function `rnp_signature_is_valid`. * Added functions `rnp_key_is_valid` and `rnp_key_valid_till`. * Added exception guard to FFI boundary. * Fixed documentation for the `rnp_unload_keys` function. #### Security * Removed version header from armored messages (see https://mailarchive.ietf.org/arch/msg/openpgp/KikdJaxvdulxIRX_yxU2_i3lQ7A/ ). * Enabled fuzzing via oss-fuzz and fixed reported issues. * Fixed a bunch of issues reported by static analyzer. * Require at least Botan 2.14.0. ### 0.13.1 [2020-01-15] #### Security * rnpkeys: Fix issue #1030 where rnpkeys would generate unprotected secret keys. ### 0.13.0 [2019-12-31] #### General * Fixed a double-free on invalid armor headers. * Fixed broken versioning when used as a git submodule. * Fixed an infinite loop on parsing truncated armored keys. * Fixed armored stream parsing to be more flexible and allow blank lines before trailer. * Fixed the armor header for detached signatures (previously MESSAGE, now SIGNATURE). * Improved setting of default qbits for DSA. * Fixed a crash when retrieving signature revocation reason. * Stop using expensive tests for key material validation. #### CLI * rnpkeys: Removed a few redundant commands (--get-key, --print-sigs, --trusted-keys, ...). * rnpkeys: Added --secret option. * rnpkeys: Display 'ssb' for secret subkeys. * rnp: Added `--list-packets` parameters (`--json`, etc.). * rnp: Removed `--show-keys`. #### FFI * Added `rnp_version_commit_timestamp` to retrieve the commit timestamp (for non-release builds). * Added a new (non-JSON) key generation API (`rnp_op_generate_create` etc.). * Added `rnp_unload_keys` function to unload all keys. * Added `rnp_key_remove` to unload a single key. * Expanded bit length support for JSON key generation. * Added `rnp_key_get_subkey_count`/`rnp_key_get_subkey_at`. * Added various key property accessors (`rnp_key_get_bits`, `rnp_key_get_curve`). * Added `rnp_op_generate_set_protection_password`. * Added `rnp_key_packets_to_json`/`rnp_dump_packets_to_json`. * Added `rnp_key_get_creation`, `rnp_key_get_expiration`. * Added `rnp_key_get_uid_handle_at`, `rnp_uid_is_revoked`, etc. * Added `rnp_key_is_revoked` and related functions to check for revocation. * Added `rnp_output_to_path` and `rnp_output_finish`. * Added `rnp_import_keys`. * Added `rnp_calculate_iterations`. * Added `rnp_supports_feature`/`rnp_supported_features`. * Added `rnp_enable_debug`/`rnp_disable_debug`. * Added `rnp_key_get_primary_grip`. * Added `rnp_output_to_armor`. * Added `rnp_op_generate_set_request_password`. * Added `rnp_dump_packets_to_output`. * Added `rnp_output_write`. * Added `rnp_guess_contents`. * Implemented `rnp_op_set_file_name`/`rnp_op_set_file_mtime`. * Added `rnp_op_encrypt_set_aead_bits`. * Added `rnp_op_verify_signature_get_handle`. * Added `rnp_signature_packet_to_json`. #### Packaging * RPM: Split packages into librnp0, librnp0-devel, and rnp0. ### 0.12.0 [2019-01-13] #### General * We now require Botan 2.8+. * Fixed key grip calculations for various key types. * Fixed SM2 signatures hashing the hash of the message. See comment in issue #436. * Added support for G10 ECC keys. * Fixed dumping of partial-length packets. * Added support for extra ECC curves: * Brainpool p256, p384, p512 ECDSA/ECDH * secp256k1 ECDSA/ECDH * x25519 * Fixed AEAD with newer versions of Botan. * Removed a lot of legacy code. #### CLI * rnp: Added -f/--keyfile option to load keys directly from a file. * rnp: Fixed issue with selecting G10 secret keys via userid. * rnpkeys: Added support for SM2 with arbitrary hashes. * redumper: Added -g option to dump fingerprints and grips. * redumper: Display key id/fingerprint/grip in packet listings. #### FFI * Added FFI examples. * Fixed a regression with loading subkeys directly. * Implemented support for per-signature hash and creation/expiration time. * Added AEAD support. ### 0.11.0 [2018-09-16] #### General * Remove some old SSH key support. * Add support for dynamically calculating the S2K iterations. * Add support for extracting the public key from the secret key. * Add support for merging information between keys. #### CLI * Add options for custom S2K iterations/times (dynamic by default). ### 0.10.0 [2018-08-20] #### General * Fixed some compiler warnings. * Switched armoring to use PRIVATE KEY instead of SECRET KEY. #### ECDSA * Use the matching hash to be used for the deterministic nonce generation. * Check that the input is of the expected length. * Removed the code to truncate the ECDSA input since this is now handled by Botan. #### FFI * Added enarmor and dearmor support. * Added library version retrieval. * Removed rnp_export_public_key, added rnp_key_export. ### 0.9.2 [2018-08-13] #### General * Support for generation and verification of embedded signature subpacket for signing subkeys * Verification of public key signatures and key material * Improved performance of asymmetric operations (key material is now validated on load) #### FFI * Fixed `rnp_op_add_signature` for G10 keys ### 0.9.1 [2018-07-12] #### General * Added issuer fingerprint to certifications and subkey bindings. #### CLI * Added support for keyid/fpr usage with (some) spaces and 0x prefix in operations (`--sign`, etc). #### FFI * Fixed key search by fingerprint. ### 0.9.0 [2018-06-27] * First official release. rnp-0.18.1/CMakeLists.txt000066400000000000000000000225161511004466700151520ustar00rootroot00000000000000# Copyright (c) 2018-2023 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # 3.7+ for the BZip2 target in the cmake-bundled finder (basic build) # 3.8+ for CPACK_RPM_MAIN_COMPONENT (RPM packaging) # 3.10+ for CPackFreeBSD (FreeBSD packaging) # 3.10+ for gtest_discover_tests (parallel rnp_tests) # 3.12+ for NAMELINK_COMPONENT (for better RPM packaging) # 3.12+ for Python3 find module # 3.14+ for object library link dependency propagation # 3.18+ for OpenSSL::applink cmake_minimum_required(VERSION 3.18) # contact email, other info include(cmake/info.cmake) # determine version if (NOT EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/cmake/version.cmake") file(DOWNLOAD https://raw.githubusercontent.com/rnpgp/cmake-versioning/main/version.cmake "${CMAKE_CURRENT_SOURCE_DIR}/cmake/version.cmake") endif() include(cmake/version.cmake) determine_version("${CMAKE_CURRENT_SOURCE_DIR}" RNP) # project name, etc project(RNP VERSION "${RNP_VERSION}" LANGUAGES C CXX DESCRIPTION "${PACKAGE_DESCRIPTION_SHORT}" ) # tri-state options set(TRISTATE_VALUES On Off Auto) # options option(ENABLE_COVERAGE "Enable code coverage testing.") option(ENABLE_SANITIZERS "Enable ASan and other sanitizers.") option(ENABLE_FUZZERS "Enable fuzz targets.") option(DOWNLOAD_GTEST "Download Googletest" On) option(SYSTEM_LIBSEXPP "Use system sexpp library" OFF) # crypto components function(tristate_feature_auto NAME DESCRIPTION) set(${NAME} Auto CACHE STRING ${DESCRIPTION}) set_property(CACHE ${NAME} PROPERTY STRINGS ${TRISTATE_VALUES}) endfunction() set(ENABLE_SM2 Auto CACHE STRING "Enable SM2/SM3/SM4 algorithms support.") set_property(CACHE ENABLE_SM2 PROPERTY STRINGS ${TRISTATE_VALUES}) set(ENABLE_AEAD Auto CACHE STRING "Enable AEAD ciphers support.") set_property(CACHE ENABLE_AEAD PROPERTY STRINGS ${TRISTATE_VALUES}) set(ENABLE_TWOFISH Auto CACHE STRING "Enable Twofish cipher support.") set_property(CACHE ENABLE_TWOFISH PROPERTY STRINGS ${TRISTATE_VALUES}) set(ENABLE_BRAINPOOL Auto CACHE STRING "Enable Brainpool curves support.") set_property(CACHE ENABLE_BRAINPOOL PROPERTY STRINGS ${TRISTATE_VALUES}) set(ENABLE_IDEA Auto CACHE STRING "Enable IDEA algorithm support.") set_property(CACHE ENABLE_IDEA PROPERTY STRINGS ${TRISTATE_VALUES}) tristate_feature_auto(ENABLE_BLOWFISH "Enable Blowfish cipher support.") tristate_feature_auto(ENABLE_CAST5 "Enable CAST5 cipher support.") tristate_feature_auto(ENABLE_RIPEMD160 "Enable RIPEMD-160 hash support.") option(ENABLE_CRYPTO_REFRESH "Enable crypto-refresh support (v6)") option(ENABLE_PQC "Enable PQC support") # Note: The following two flags are only temporary and will be removed once POC is in a stable state if (DEFINED ENABLE_PQC_MLKEM_IPD) add_definitions(-DENABLE_PQC_MLKEM_IPD) endif() if (DEFINED ENABLE_PQC_DBG_LOG) add_definitions(-DENABLE_PQC_DBG_LOG) endif() set(ENABLE_DOC Auto CACHE STRING "Enable building documentation.") set_property(CACHE ENABLE_DOC PROPERTY STRINGS ${TRISTATE_VALUES}) # so we can use our bundled finders set(CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/Modules") # add source path prefix length to be able to crop it in logs string(LENGTH "${CMAKE_SOURCE_DIR}/" SOURCE_PATH_SIZE) add_definitions("-DSOURCE_PATH_SIZE=${SOURCE_PATH_SIZE}") # required modules include(CTest) include(FetchContent) # default to a release build if (NOT CMAKE_BUILD_TYPE) set(CMAKE_BUILD_TYPE Release CACHE STRING "Build type. Options are: None Debug Release RelWithDebInfo MinSizeRel." FORCE ) endif() # crypto backend if (NOT CRYPTO_BACKEND) set(CRYPTO_BACKEND "botan" CACHE STRING "Crypto backend. Possible values are botan and openssl. Default is botan." FORCE ) endif() string(TOLOWER ${CRYPTO_BACKEND} CRYPTO_BACKEND_LOWERCASE) if(CRYPTO_BACKEND_LOWERCASE STREQUAL "botan") # Default value; version 2 or 3 of Botan set(CRYPTO_BACKEND_BOTAN 1) elseif(CRYPTO_BACKEND_LOWERCASE STREQUAL "botan3") set(CRYPTO_BACKEND "botan") set(CRYPTO_BACKEND_LOWERCASE "botan") # Require version 3 of Botan set(CRYPTO_BACKEND_BOTAN 1) set(CRYPTO_BACKEND_BOTAN3 1) elseif(CRYPTO_BACKEND_LOWERCASE STREQUAL "openssl") set(CRYPTO_BACKEND_OPENSSL 1) else() message(FATAL_ERROR "Invalid crypto backend: ${CRYPTO_BACKEND}") endif() if(MSVC) # This works both for MSVC and CL on Windows # Recent version of MSVC toolset issues c++17 deprecation warning even if we use /std:c++11 add_compile_definitions( _CRT_SECURE_NO_WARNINGS _CRT_NONSTDC_NO_DEPRECATE _SILENCE_CXX17_C_HEADER_DEPRECATION_WARNING ) else(MSVC) # set warning flags at the top level add_compile_options( -Wall -Wextra -Wunreachable-code -Wpointer-arith -Wmissing-declarations ) # relax some warnings a bit add_compile_options( -Wno-pedantic -Wno-ignored-qualifiers -Wno-unused-parameter -Wno-missing-field-initializers ) endif(MSVC) # set a few other things at the top level to prevent incompatibilities set(CMAKE_C_STANDARD 99) if(NOT CMAKE_CXX_STANDARD) set(CMAKE_CXX_STANDARD 11) endif() set(CMAKE_CXX_STANDARD_REQUIRED ON) set(CMAKE_CXX_EXTENSIONS OFF) add_definitions(-D_GNU_SOURCE) if((ENABLE_COVERAGE OR ENABLE_SANITIZERS) AND NOT GENERATOR_IS_MULTI_CONFIG) message("Forcing build type to Debug (for code coverage or sanitizers).") set(CMAKE_BUILD_TYPE Debug CACHE STRING "Build type. Forced to Debug." FORCE) endif((ENABLE_COVERAGE OR ENABLE_SANITIZERS) AND NOT GENERATOR_IS_MULTI_CONFIG) # coverage if(ENABLE_COVERAGE) if(NOT CMAKE_CXX_COMPILER_ID STREQUAL "GNU") message(FATAL_ERROR "Coverage has only been tested with the GNU compiler.") endif() add_compile_options(--coverage -O0) link_libraries(--coverage) endif(ENABLE_COVERAGE) # sanitizers if(ENABLE_SANITIZERS) if(MSVC) add_compile_options(/fsanitize=address /Zi "$<$:/MT>" "$<$:/MTd>") add_link_options(/INCREMENTAL:NO /DEBUG) elseif (CMAKE_CXX_COMPILER_ID MATCHES "Clang") add_compile_options(-fsanitize=leak,address,undefined -fno-sanitize-recover=undefined -fno-omit-frame-pointer -fno-common -O1) link_libraries(-fsanitize=leak,address,undefined) else() message(FATAL_ERROR "Sanitizers have only been tested with the Clang compiler or Microsoft Visual Studio.") endif() endif(ENABLE_SANITIZERS) # adoc for man generation if (ENABLE_DOC) include(AdocMan) endif() # make sure that msvc set full path in __FILE__ macro if(MSVC) add_compile_options(/FC) endif() # everything else is in subdirs add_subdirectory(src/examples) if (ENABLE_FUZZERS) add_subdirectory(src/fuzzing) add_compile_options(-DFUZZERS_ENABLED=1) endif() add_subdirectory(src/common) if (SYSTEM_LIBSEXPP) find_package(PkgConfig QUIET) pkg_check_modules(SEXPP sexpp>=0.8.7 REQUIRED) find_library(SEXPP_LIBRARY NAMES "libsexpp" "sexpp" HINTS "${SEXPP_LIBRARY_DIRS}" ) add_library(sexpp UNKNOWN IMPORTED) set_target_properties(sexpp PROPERTIES INTERFACE_INCLUDE_DIRECTORIES "${SEXPP_INCLUDE_DIR}" IMPORTED_LINK_INTERFACE_LANGUAGES "CXX" IMPORTED_LOCATION "${SEXPP_LIBRARY}" ) else (SYSTEM_LIBSEXPP) # If we use system libsexpp is not used we build sexpp static library # If librnp is shared, libsexpp.a is a transient artifact which is hidden from # the end user. # If librnp is static we install libsexpp.a aside set(SAVED_BUILD_SHARED_LIBS ${BUILD_SHARED_LIBS}) set(BUILD_SHARED_LIBS OFF) set(WITH_SEXP_CLI OFF) set(WITH_SEXP_TESTS OFF) set(CMAKE_INSTALL_DEFAULT_COMPONENT_NAME development) add_subdirectory(src/libsexpp EXCLUDE_FROM_ALL) set(BUILD_SHARED_LIBS ${SAVED_BUILD_SHARED_LIBS}) endif (SYSTEM_LIBSEXPP) add_subdirectory(src/lib) add_subdirectory(src/rnp) add_subdirectory(src/rnpkeys) # build tests, if desired if (BUILD_TESTING) # Googletest source path if (NOT GTEST_SOURCES) set(GTEST_SOURCES "" CACHE STRING "Path to the Googletest sources in case of download or linking to the precompiled library is disabled." FORCE ) else() # Canonicalize path to the Googletest sources. get_filename_component(GTEST_SOURCES_FULL ${GTEST_SOURCES} REALPATH) set(GTEST_SOURCES ${GTEST_SOURCES_FULL}) endif() add_subdirectory(src/tests) endif() # cpack packaging (RPM etc) include(cmake/packaging.cmake) rnp-0.18.1/LICENSE-OCB.md000066400000000000000000000111521511004466700144110ustar00rootroot00000000000000License for OCB Usage ===================== Last updated: November 1, 2022 This license has been graciously granted by Professor Phillip Rogaway to allow users of [`rnp`](https://github.com/rnpgp/rnp) to utilize the patented [OCB](http://web.cs.ucdavis.edu/~rogaway/ocb/) blockcipher mode of operation, which simultaneously provides privacy and authenticity. While the license is irrevocable and does not expire, it is no longer necessary, since Professor Phillip Rogaway confirmed that the OCB patents are now in the public domain and officially abandoned, announced at the link below: * https://mailarchive.ietf.org/arch/msg/cfrg/qLTveWOdTJcLn4HP3ev-vrj05Vg/ This license text remains in RNP as an acknowledgement of kindness given by Professor Phillip Rogaway to make OCB available for RNP users. The license text is presented below in plain text form purely for referential purposes. The original signed license is available on request from Ribose Inc., reachable at open.source@ribose.com. This file adheres to the formatting guidelines of [readable-licenses](https://github.com/nevir/readable-licenses). OCB Patent License for Ribose Inc. ---------------------------------- 1. Definitions 1.1 "Licensor" means Phillip Rogaway, of 1212 Purdue Dr., Davis, California, USA. 1.2 "Licensed Patents" means any patent that claims priority to United States Patent Application No. 09/918,615 entitled "Method and Apparatus for Facilitating Efficient Authenticated Encryption," and any utility, divisional, provisional, continuation, continuations in part, reexamination, reissue, or foreign counterpart patents that may issue with respect to the aforesaid patent application. This includes, but is not limited to, United States Patent No. 7,046,802; United States Patent No. 7,200,227; United States Patent No. 7,949,129; United States Patent No. 8,321,675; and any patent that issues out or United States Patent Application No. 13/669,114. 1.3 "Licensee" means Ribose Inc., at Suite 1, 8/F, 10 Ice House Street, Central, Hong Kong, its affiliates, assignees, or successors in interest, or anyone using, making, copying, modifying, distributing, having made, importing, or having imported any program, software, or computer system including or based upon Open Source Software published by Ribose Inc., or their customers, suppliers, importers, manufacturers, distributors, or insurers. 1.4 "Use in Licensee Products" means using, making, copying, modifying, distributing, having made, importing or having imported any program, software, or computer system published by Licensee, which contains or is based upon Open Source Software which may include any implementation of the Licensed Patents. 1.5 "Open Source Software" means software whose source code is published and made available for inspection and use by anyone because either (a) the source code is subject to a license that permits recipients to copy, modify, and distribute the source code without payment of fees or royalties, or (b) the source code is in the public domain, including code released for public use through a CC0 waiver. All licenses certified by the Open Source Initiative at opensource.org as of January 1, 2017 and all Creative Commons licenses identified on the creativecommons.org website as of January 1, 2017, including the Public License Fallback of the CC0 waiver, satisfy these requirements for the purposes of this license. 2. Grant of License 2.1 Licensor hereby grants to Licensee a perpetual, worldwide, non-exclusive, nontransferable, non-sublicenseable, no-charge, royalty-free, irrevocable license to Use in Licensee Products any invention claimed in the Licensed Patents in any Open Source Software Implementation and in hardware as long as the Open Source Software incorporated in such hardware is freely licensed for hardware embodiment. 3. Disclaimer 3.1 LICENSEE'S USE OF THE LICENSED PATENTS IS AT LICENSEE'S OWN RISK AND UNLESS REQUIRED BY APPLICABLE LAW, LICENSOR MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE LICENSED PATENTS OR ANY PRODUCT EMBODYING ANY LICENSED PATENT, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL LICENSOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, ARISING FROM OR RELATED TO ANY USE OF THE LICENSED PATENTS, INCLUDING, WITHOUT LIMITATION, DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR SPECIAL DAMAGES, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES PRIOR TO SUCH AN OCCURRENCE. [SIGNATURE by Phillip Rogaway] Date: August 28, 2017 rnp-0.18.1/LICENSE.md000066400000000000000000000172611511004466700140170ustar00rootroot00000000000000Licenses & Copyright ==================== This license file adheres to the formatting guidelines of [readable-licenses](https://github.com/nevir/readable-licenses). Ribose's BSD 2-Clause License ----------------------------- Copyright (c) 2017-2021, [Ribose Inc](https://www.ribose.com). All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. NetBSD's BSD 2-Clause License ----------------------------- This software contains source code originating from NetPGP, which carries the following copyright notice and license. Copyright (c) 2009-2016, [The NetBSD Foundation, Inc](https://www.netbsd.org). All rights reserved. This code is derived from software contributed to The NetBSD Foundation by [Alistair Crooks](mailto:agc@NetBSD.org) Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Nominet UK's Apache 2.0 Licence ------------------------------- This software contains source code originating from NetPGP, which carries the following copyright notice and license. Copyright (c) 2005-2008 [Nominet UK](www.nic.uk) All rights reserved. Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted their moral rights under the UK Copyright Design and Patents Act 1988 to be recorded as the authors of this copyright work. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Nominet UK's BSD 3-Clause License ------------------------------- This software contains source code originating from NetPGP, which carries the following copyright notice and license. Copyright (c) 2005 [Nominet UK](www.nic.uk) All rights reserved. Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted their moral rights under the UK Copyright Design and Patents Act 1988 to be recorded as the authors of this copyright work. This is a BSD-style Open Source licence. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of Nominet UK or the contributors may not be used to endorse or promote products derived from this software without specific prior written permission; and provided that the user accepts the terms of the following disclaimer: THIS SOFTWARE IS PROVIDED BY NOMINET UK AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NOMINET UK OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. MIT License for SHA-1 collision detection code ---------------------------------------------- These files are derived from [sha1collisiondetection-tools](https://github.com/cr-marcstevens/sha1collisiondetection-tools), which is distributed with this [license](https://github.com/git/sha1collisiondetection/blob/master/LICENSE.txt) reproduced below. * `src/lib/crypto/sha1cd/sha1.{c,h}` * `src/lib/crypto/sha1cd/ubc_check.{c,h}` Copyright (c) 2017: Marc Stevens Cryptology Group Centrum Wiskunde & Informatica P.O. Box 94079, 1090 GB Amsterdam, Netherlands marc@marc-stevens.nl Dan Shumow Microsoft Research danshu@microsoft.com Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. rnp-0.18.1/README.adoc000066400000000000000000000050251511004466700141730ustar00rootroot00000000000000= RNP image:https://github.com/rnpgp/rnp/workflows/macos/badge.svg["macOS Build Status", link="https://github.com/rnpgp/rnp/actions?workflow=macos"] image:https://github.com/rnpgp/rnp/workflows/ubuntu/badge.svg["Ubuntu Build Status", link="https://github.com/rnpgp/rnp/actions?workflow=ubuntu"] image:https://github.com/rnpgp/rnp/workflows/windows-native/badge.svg["Windows Native Build Status", link="https://github.com/rnpgp/rnp/actions?workflow=windows-native"] image:https://github.com/rnpgp/rnp/workflows/windows-msys2/badge.svg["Windows MSys2 Build Status", link="https://github.com/rnpgp/rnp/actions?workflow=windows-msys2"] image:https://github.com/rnpgp/rnp/workflows/nix/badge.svg["Nix Build Status", link="https://github.com/rnpgp/rnp/actions?workflow=nix"] image:https://img.shields.io/cirrus/github/rnpgp/rnp?label=freebsd&logo=cirrus%20ci["FreeBSD Build Status", link="https://cirrus-ci.com/github/rnpgp/rnp"] image:https://img.shields.io/coverity/scan/12616.svg["Coverity Scan Build Status", link="https://scan.coverity.com/projects/rnpgp-rnp"] image:https://codecov.io/gh/rnpgp/rnp/branch/main/graph/badge.svg["Code coverage", link="https://codecov.io/gh/rnpgp/rnp"] == Introduction RNP is a set of OpenPGP (RFC4880) tools that works on Linux, macOS, Windows and *BSD built with C++. `librnp` is the library used by RNP for all OpenPGP functions, useful for developers to build against, different from GPGME. == Supported Platforms Currently supported platforms: * Fedora * RHEL/CentOS * Ubuntu * NixOS / Nix * Gentoo * FreeBSD * MacOS * Windows * Debian * openSUSE Leap, openSUSE Tumbleweed * SLES == link:docs/installation.adoc[Installation] == link:docs/cli-usage.adoc[Using CLI tool] == link:docs/c-usage.adoc[Using the RNP C API in your projects] == link:docs/signing-keys.adoc[PGP keys used for signing source code] == Versioning RNP follows the http://semver.org/[semantic versioning] syntax. === Checking versions The output of `rnp --version` contains the `git` hash of the version the binary was built from, which value is generated when `cmake` runs. Consequently, a release tarball generated with `make dist` will contain this hash version. === Historic information The first version of rnp started at `0.8.0` to indicate its development completeness (or lack thereof). RNP originated as an attempt to modernize the NetPGP codebase originally created by Alistair Crooks of NetBSD in 2016. RNP has been heavily rewritten, and carries minimal if any code from the original codebase. == link:docs/code-of-conduct.adoc[Code of Conduct] rnp-0.18.1/_config.yml000066400000000000000000000000341511004466700145300ustar00rootroot00000000000000theme: jekyll-theme-leap-dayrnp-0.18.1/_typos.toml000066400000000000000000000010471511004466700146200ustar00rootroot00000000000000[default] extend-ignore-identifiers-re = [ ".*fpr.*", ".*FPR.*", ".*[0-9a-fA-F]{4,}", ] [default.extend-identifiers] validate_desig_revokes = "validate_desig_revokes" desig_rev = "desig_rev" Nominet = "Nominet" NOMINET = "NOMINET" PNGs = "PNGs" FOF = "FOF" EDE3 = "EDE3" ede3 = "ede3" ffrom = "ffrom" clen = "clen" __THW_INTEL__ = "__THW_INTEL__" [default.extend-words] MERCHANTIBILITY = "MERCHANTIBILITY" FOF = "FOF" FO = "FO" claus = "claus" desig = "desig" [files] extend-exclude = [ "src/tests/data/**", "src/libsexpp/**" ] rnp-0.18.1/ci-legacy/000077500000000000000000000000001511004466700142415ustar00rootroot00000000000000rnp-0.18.1/ci-legacy/build_package_rpm.sh000077500000000000000000000035261511004466700202360ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1091 set -euxo pipefail : "${BUILD_SHARED_LIBS:=off}" : "${VERBOSE:=1}" declare packaging_dependencies_yum=( rpmdevtools ) install_rpm_packaging_utils() { yum_install \ "${packaging_dependencies_yum[@]}" \ "$@" } install_packaging_dependencies() { case "${DIST}" in centos) install_rpm_packaging_utils epel-rpm-macros ;; *) install_rpm_packaging_utils esac } # NOTE: This should be done by install_noncacheable_dependencies.sh. install_build_dependencies() { "${OS}_install" } install_dependencies() { # NOTE: This is done by install_noncacheable_dependencies.sh. # install_build_dependencies install_packaging_dependencies } prepare_build_package() { install_dependencies rpmdev-setuptree export SOURCE_PATH=rnp${RNP_VERSION:+-${RNP_VERSION}} cp -a "${GITHUB_WORKSPACE}" ~/rpmbuild/SOURCES/"${SOURCE_PATH}" } build_package() { pushd ~/rpmbuild/SOURCES/"${SOURCE_PATH}" # XXX: debug command -v asciidoctor cpack -G RPM --config ./CPackSourceConfig.cmake make package VERBOSE="${VERBOSE}" popd } post_build_package() { pushd ~/rpmbuild/SOURCES/"${SOURCE_PATH}" mv ./*.src.rpm ~/rpmbuild/SRPMS/ # mkdir -p ~/rpmbuild/RPMS/noarch/ # mv *.noarch.rpm ~/rpmbuild/RPMS/noarch/ mkdir -p ~/rpmbuild/RPMS/x86_64/ mv ./*.rpm ~/rpmbuild/RPMS/x86_64/ popd } test_packages() { yum_install ~/rpmbuild/RPMS/x86_64/*.rpm } main() { # For asciidoctor: export PATH=$HOME/bin:$PATH . ci/env.inc.sh prepare_build_package export LDFLAGS='-Wl,-t' # XXX: DELETEME: for debugging only pushd ~/rpmbuild/SOURCES/"${SOURCE_PATH}" export cmakeopts=( -DBUILD_SHARED_LIBS="${BUILD_SHARED_LIBS}" -DBUILD_TESTING=no -DCPACK_GENERATOR=RPM ) build_rnp "." popd build_package post_build_package test_packages } main "$@" rnp-0.18.1/ci-legacy/env-common.inc.sh000066400000000000000000000012441511004466700174240ustar00rootroot00000000000000#!/usr/bin/env bash : "${LOCAL_BUILDS:=$HOME/local-builds}" : "${LOCAL_INSTALLS:=$HOME/local-installs}" : "${BOTAN_INSTALL:=$LOCAL_INSTALLS/botan-install}" : "${JSONC_INSTALL:=$LOCAL_INSTALLS/jsonc-install}" : "${GPG_INSTALL:=$LOCAL_INSTALLS/gpg-install}" : "${RNP_INSTALL:=$LOCAL_INSTALLS/rnp-install}" : "${CPU:=}" : "${SUDO:=}" for var in LOCAL_BUILDS LOCAL_INSTALLS BOTAN_INSTALL JSONC_INSTALL \ GPG_INSTALL RNP_INSTALL CPU SUDO; do export "${var?}" done : "${BUILD_MODE:=normal}" if [ "$BUILD_MODE" = "sanitize" ]; then export CXX=clang++ export CC=clang fi # Don't clean up tempdirs when in CI runners to save time. Unset to disable. export RNP_KEEP_TEMP=1 rnp-0.18.1/ci-legacy/env-freebsd.inc.sh000066400000000000000000000002121511004466700175400ustar00rootroot00000000000000#!/usr/bin/env sh export PATH="/usr/local/bin:$PATH" export MAKE=gmake export SUDO=sudo : "${CORES:=$(sysctl -n hw.ncpu)}" export CORES rnp-0.18.1/ci-legacy/env-linux.inc.sh000066400000000000000000000021561511004466700172760ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1091 : "${CORES:=$(grep -c '^$' /proc/cpuinfo)}" export CORES export MAKE=make DIST="$(get_linux_dist)" DIST_VERSION_ID="$(sh -c '. /etc/os-release && echo $VERSION_ID')" DIST_VERSION="${DIST}-${DIST_VERSION_ID}" export DIST export DIST_VERSION export DIST_VERSION_ID case "${DIST}" in centos|fedora) if command -v dnf >/dev/null; then export YUM=dnf else export YUM=yum fi export SUDO=sudo ;; ubuntu) export SUDO=sudo ;; esac # XXX: debug function for locale case "${DIST}" in fedora|centos) debuglocale() { locale -a localedef --list-archive if ! command -v diff >/dev/null; then "${YUM}" -y -q install diffutils fi bash -c 'diff -u <(localedef --list-archive | sort) <(locale -a | sort) || :' localedef -c -i "${LC_ALL%.*}" -f UTF-8 "${LC_ALL}" # Error: character map file `UTF-8' not found: No such file or directory # Error: cannot read character map directory `/usr/share/i18n/charmaps': No such file or directory locale -a | grep "${LC_ALL}" || : } ;; esac rnp-0.18.1/ci-legacy/env.inc.sh000066400000000000000000000010341511004466700161330ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1090 # shellcheck disable=SC1091 if [[ -z "${INCLUDED_ENV_INC_SH:-}" ]]; then . ci/utils.inc.sh . ci/env-common.inc.sh OS="$(get_os)" export OS . "ci/env-${OS}.inc.sh" : "${MAKE_PARALLEL:=$CORES}" export MAKE_PARALLEL . ci/lib/install_functions.inc.sh : "${MAKE_PARALLEL:=$CORES}" export MAKE_PARALLEL : "${CTEST_PARALLEL:=$CORES}" export CTEST_PARALLEL : "${PARALLEL_TEST_PROCESSORS:=$CORES}" export PARALLEL_TEST_PROCESSORS export INCLUDED_ENV_INC_SH=1 fi rnp-0.18.1/ci-legacy/gha/000077500000000000000000000000001511004466700150005ustar00rootroot00000000000000rnp-0.18.1/ci-legacy/gha/setup-env.inc.sh000066400000000000000000000031271511004466700200350ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC2086,SC2129,SC2034 set -euxo pipefail # execute this script in a separate, early step LOCAL_BUILDS="${GITHUB_WORKSPACE}/builds" # To install and cache our dependencies we need an absolute path # that does not change, is writable, and resides within # GITHUB_WORKSPACE. # On macOS GITHUB_WORKSPACE includes the github runner version, # so it does not remain constant. # This causes problems with, for example, pkgconfig files # referencing paths that no longer exist. CACHE_DIR="installs" mkdir -p "${CACHE_DIR}" if [[ "${RUNNER_OS}" = "Windows" ]] then rnp_local_installs="${RUNNER_TEMP}/rnp-local-installs" else rnp_local_installs=/tmp/rnp-local-installs fi ln -s "$GITHUB_WORKSPACE/installs" "${rnp_local_installs}" LOCAL_INSTALLS="${rnp_local_installs}" # When building packages, dependencies with non-standard installation paths must # be found by the (DEB) package builder. BOTAN_INSTALL="${rnp_local_installs}/botan-install" JSONC_INSTALL="${rnp_local_installs}/jsonc-install" GPG_INSTALL="${rnp_local_installs}/gpg-install" # set this explicitly since we don't want to cache the rnp installation RNP_INSTALL="${GITHUB_WORKSPACE}/rnp-install" for var in \ LOCAL_BUILDS \ CACHE_DIR \ LOCAL_INSTALLS \ BOTAN_INSTALL \ JSONC_INSTALL \ GPG_INSTALL \ RNP_INSTALL do val="${!var}" # Replace all backslashes with forward slashes, for cmake, so the following # error would not come up: # # Invalid character escape '\a'. # if [[ "${RUNNER_OS}" = "Windows" ]] then val="${val//\\/\/}" fi echo "${var}=${val}" >> "$GITHUB_ENV" done rnp-0.18.1/ci-legacy/install.sh000077500000000000000000000001741511004466700162500ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1091 set -exu . ci/env.inc.sh install_static_cacheable_build_dependencies "$@" rnp-0.18.1/ci-legacy/install_cacheable_dependencies.sh000077500000000000000000000002061511004466700227210ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1091 set -exu . ci/env.inc.sh install_static_cacheable_build_dependencies_if_needed "$@" rnp-0.18.1/ci-legacy/install_noncacheable_dependencies.sh000077500000000000000000000002311511004466700234320ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1091 set -exu . ci/env.inc.sh "${OS}_install" install_static_noncacheable_build_dependencies_if_needed "$@" rnp-0.18.1/ci-legacy/lib/000077500000000000000000000000001511004466700150075ustar00rootroot00000000000000rnp-0.18.1/ci-legacy/lib/cacheable_install_functions.inc.sh000066400000000000000000000210321511004466700236160ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1090 # shellcheck disable=SC1091 # shellcheck disable=SC2164 # # All of the following functions install things into the # CACHE_DIR, so they could be safely skipped in case of a # cache hit. Conversely, these should not attempt to export # environment variables (unless for self consumption), nor # modify other system parts (again, unless for self # consumption), as these will not be available in case of # cache hits. install_botan() { # botan local botan_build=${LOCAL_BUILDS}/botan local botan_v=${BOTAN_VERSION::1} if [[ ! -e "${BOTAN_INSTALL}/lib/libbotan-${botan_v}.so" ]] && \ [[ ! -e "${BOTAN_INSTALL}/lib/libbotan-${botan_v}.dylib" ]] && \ [[ ! -e "${BOTAN_INSTALL}/lib/libbotan-${botan_v}.a" ]]; then if [[ -d "${botan_build}" ]]; then rm -rf "${botan_build}" fi git clone --depth 1 --branch "${BOTAN_VERSION}" https://github.com/randombit/botan "${botan_build}" local osparam=() local cpuparam=() local run=run local osslparam=() local modules="" [[ "${botan_v}" == "2" ]] && osslparam+=("--without-openssl") && modules=$(&2 echo "\$GPG_VERSION is set to invalid value: ${GPG_VERSION}" exit 1 esac popd fi } rnp-0.18.1/ci-legacy/lib/install_functions.inc.sh000066400000000000000000000531011511004466700216510ustar00rootroot00000000000000#!/usr/bin/env bash # shellcheck disable=SC1090 # shellcheck disable=SC1091 # shellcheck disable=SC2164 : "${GPG_VERSION:=stable}" : "${BUILD_SHARED_LIBS:=off}" : "${USE_STATIC_DEPENDENCIES:=}" : "${OS:=}" : "${DIST:=}" : "${DIST_VERSION:=}" : "${DIST_VERSION_ID:=}" : "${MINIMUM_CMAKE_VERSION:=3.20.0}" : "${MINIMUM_RUBY_VERSION:=3.0.0}" : "${RECOMMENDED_BOTAN_VERSION:=2.18.2}" : "${RECOMMENDED_JSONC_VERSION:=0.12.1}" : "${RECOMMENDED_CMAKE_VERSION:=3.20.5}" : "${RECOMMENDED_PYTHON_VERSION:=3.9.2}" : "${RECOMMENDED_RUBY_VERSION:=3.1.1}" : "${CMAKE_VERSION:=${RECOMMENDED_CMAKE_VERSION}}" : "${BOTAN_VERSION:=${RECOMMENDED_BOTAN_VERSION}}" : "${JSONC_VERSION:=${RECOMMENDED_JSONC_VERSION}}" : "${PYTHON_VERSION:=${RECOMMENDED_PYTHON_VERSION}}" : "${RUBY_VERSION:=${RECOMMENDED_RUBY_VERSION}}" # Should minimum automake version change # please consider release of Ribose RPM for it # [https://github.com/riboseinc/rpm-spec-automake116-automake] : "${MINIMUM_AUTOMAKE_VERSION:=1.16.3}" : "${RECOMMENDED_AUTOMAKE_VERSION:=1.16.4}" : "${AUTOMAKE_VERSION:=${RECOMMENDED_AUTOMAKE_VERSION}}" : "${VERBOSE:=1}" if [[ "${OS}" = "freebsd" ]] || \ [[ "${DIST}" = "ubuntu" ]] || \ [[ "${DIST}" = "centos" ]] || \ [[ "${DIST}" = "fedora" ]] then SUDO="${SUDO:-sudo}" else SUDO="${SUDO:-run}" fi # Simply run its arguments. run() { "$@" } . ci/lib/cacheable_install_functions.inc.sh freebsd_install() { local packages=( git readline bash gnupg devel/pkgconf wget cmake gmake autoconf automake libtool gettext-tools python lang/ruby27 ) # Note: we assume sudo is already installed "${SUDO}" pkg install -y "${packages[@]}" cd /usr/ports/devel/ruby-gems "${SUDO}" make -DBATCH RUBY_VER=2.7 install cd mkdir -p ~/.gnupg echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf dirmngr &2 echo "Error: unsupported CentOS version \"${DIST_VERSION_ID}\" (supported: 7, 8, 9). Aborting." exit 1 esac } declare util_dependencies_yum=( sudo wget git ) declare basic_build_dependencies_yum=( # cmake3 # XXX: Fedora 22+ only has cmake clang gcc gcc-c++ make autoconf libtool bzip2 gzip ribose-automake116 ) declare build_dependencies_yum=( bison byacc bzip2-devel gettext-devel ncurses-devel python3 # ruby-devel zlib-devel ) declare dynamic_build_dependencies_yum=( botan2 botan2-devel ) apt_install() { local apt_command=(apt-get -y -q install "$@") if command -v sudo >/dev/null; then sudo "${apt_command[@]}" else "${apt_command[@]}" fi } yum_install() { local yum_command=("${YUM}" -y -q install "$@") if command -v sudo >/dev/null; then sudo "${yum_command[@]}" else "${yum_command[@]}" fi } prepare_build_tool_env() { enable_llvm_toolset_7 enable_rh_ruby30 enable_ribose_automake # prepare_rbenv_env } yum_install_build_dependencies() { yum_install \ "${basic_build_dependencies_yum[@]}" \ "${build_dependencies_yum[@]}" \ "$@" if [[ "${CRYPTO_BACKEND:-}" == "openssl" ]]; then yum_install openssl-devel fi } linux_install_centos7() { yum_prepare_repos epel-release centos-release-scl centos-sclo-rh extra_dep=(cmake3 llvm-toolset-7.0 json-c12-devel rh-ruby30) yum_install_build_dependencies "${extra_dep[@]}" yum_install_dynamic_build_dependencies_if_needed ensure_automake ensure_cmake # ensure_ruby enable_rh_ruby30 rubygem_install_build_dependencies } linux_install_centos8() { "${SUDO}" "${YUM}" -y -q install 'dnf-command(config-manager)' "${SUDO}" "${YUM}" config-manager --set-enabled powertools "${SUDO}" "${YUM}" module reset ruby -y yum_prepare_repos epel-release extra_dep=(cmake texinfo json-c-devel @ruby:3.0) yum_install_build_dependencies "${extra_dep[@]}" yum_install_dynamic_build_dependencies_if_needed ensure_automake ensure_cmake # ensure_ruby ensure_symlink_to_target /usr/bin/python3 /usr/bin/python rubygem_install_build_dependencies } linux_install_centos9() { "${SUDO}" "${YUM}" -y -q install 'dnf-command(config-manager)' "${SUDO}" "${YUM}" config-manager --set-enabled crb yum_prepare_repos epel-release extra_dep=(cmake texinfo json-c-devel ruby) yum_install_build_dependencies "${extra_dep[@]}" yum_install_dynamic_build_dependencies_if_needed ensure_automake ensure_cmake # ensure_ruby rubygem_install_build_dependencies } is_use_static_dependencies() { [[ -n "${USE_STATIC_DEPENDENCIES}" ]] && \ [[ no != "${USE_STATIC_DEPENDENCIES}" ]] && \ [[ off != "${USE_STATIC_DEPENDENCIES}" ]] && \ [[ false != "${USE_STATIC_DEPENDENCIES}" ]] && \ [[ 0 != "${USE_STATIC_DEPENDENCIES}" ]] } yum_install_dynamic_build_dependencies_if_needed() { if ! is_use_static_dependencies; then yum_install_dynamic_build_dependencies fi } install_static_noncacheable_build_dependencies_if_needed() { if is_use_static_dependencies; then install_static_noncacheable_build_dependencies "$@" fi } install_static_cacheable_build_dependencies_if_needed() { if is_use_static_dependencies || [[ "$#" -gt 0 ]]; then USE_STATIC_DEPENDENCIES=true install_static_cacheable_build_dependencies "$@" fi } install_static_cacheable_build_dependencies() { prepare_build_tool_env mkdir -p "$LOCAL_BUILDS" local default=(jsonc gpg) if [[ "${CRYPTO_BACKEND:-}" != "openssl" ]]; then default=(botan "${default[@]}") fi local items=("${@:-${default[@]}}") for item in "${items[@]}"; do install_"$item" done } install_static_noncacheable_build_dependencies() { mkdir -p "$LOCAL_BUILDS" local default=(asciidoctor) local items=("${@:-${default[@]}}") for item in "${items[@]}"; do install_"$item" done } rubygem_install_build_dependencies() { install_asciidoctor } yum_install_dynamic_build_dependencies() { yum_install \ "${dynamic_build_dependencies_yum[@]}" # Work around pkg-config giving out wrong include path for json-c: ensure_symlink_to_target /usr/include/json-c12 /usr/include/json-c } # Make sure cmake is at least 3.14+ as required by rnp # Also make sure ctest is available. # If not, build cmake from source. ensure_cmake() { ensure_symlink_to_target /usr/bin/cmake3 /usr/bin/cmake ensure_symlink_to_target /usr/bin/cpack3 /usr/bin/cpack local cmake_version cmake_version=$({ command -v cmake >/dev/null && command cmake --version || \ command -v cmake3 >/dev/null && command cmake3 --version } | head -n1 | cut -f3 -d' ' ) local need_to_build_cmake= # Make sure ctest is also in PATH. If not, build cmake from source. # TODO: Check CentOS7 tests in GHA. if ! command -v ctest >/dev/null; then >&2 echo "ctest not found." need_to_build_cmake=1 elif ! is_version_at_least cmake "${MINIMUM_CMAKE_VERSION}" echo "${cmake_version}"; then >&2 echo "cmake version lower than ${MINIMUM_CMAKE_VERSION}." need_to_build_cmake=1 fi if [[ "${need_to_build_cmake}" != 1 ]]; then CMAKE="$(command -v cmake)" >&2 echo "cmake rebuild is NOT needed." return fi >&2 echo "cmake rebuild is needed." pushd "$(mktemp -d)" || return 1 install_prebuilt_cmake Linux-x86_64 # build_and_install_cmake command -v cmake popd # Abort if ctest still not found. if ! command -v ctest >/dev/null; then >&2 echo "Error: ctest not found. Aborting." exit 1 fi } # E.g. for i386 # NOTE: Make sure cmake's build prerequisites are installed. build_and_install_cmake() { local cmake_build=${LOCAL_BUILDS}/cmake mkdir -p "${cmake_build}" pushd "${cmake_build}" wget https://github.com/Kitware/CMake/releases/download/v"${CMAKE_VERSION}"/cmake-"${CMAKE_VERSION}".tar.gz -O cmake.tar.gz tar xzf cmake.tar.gz --strip 1 PREFIX="${PREFIX:-/usr}" mkdir -p "${PREFIX}" ./configure --prefix="${PREFIX}" && ${MAKE} -j"${MAKE_PARALLEL}" && "${SUDO}" make install popd CMAKE="${PREFIX}"/bin/cmake } # 'arch' corresponds to the last segment of GitHub release URL install_prebuilt_cmake() { local arch="${1:?Missing architecture}" local cmake_build=${LOCAL_BUILDS}/cmake mkdir -p "${cmake_build}" pushd "${cmake_build}" curl -L -o \ cmake.sh \ https://github.com/Kitware/CMake/releases/download/v"${CMAKE_VERSION}"/cmake-"${CMAKE_VERSION}"-"${arch}".sh PREFIX="${PREFIX:-/usr}" mkdir -p "${PREFIX}" "${SUDO}" sh cmake.sh --skip-license --prefix="${PREFIX}" popd CMAKE="${PREFIX}"/bin/cmake } build_and_install_python() { python_build=${LOCAL_BUILDS}/python mkdir -p "${python_build}" pushd "${python_build}" curl -L -o python.tar.xz https://www.python.org/ftp/python/"${PYTHON_VERSION}"/Python-"${PYTHON_VERSION}".tar.xz tar -xf python.tar.xz --strip 1 ./configure --enable-optimizations --prefix=/usr && ${MAKE} -j"${MAKE_PARALLEL}" && "${SUDO}" make install ensure_symlink_to_target /usr/bin/python3 /usr/bin/python popd } # Make sure automake is at least $MINIMUM_AUTOMAKE_VERSION (1.16.3) as required by GnuPG 2.3 # - We assume that on fedora/centos ribose rpm was used (see basic_build_dependencies_yum) # - If automake version is less then required automake build it from source ensure_automake() { local using_ribose_automake= enable_ribose_automake local automake_version= automake_version=$({ command -v automake >/dev/null && command automake --version } | head -n1 | cut -f4 -d' ' ) local need_to_build_automake= if ! is_version_at_least automake "${MINIMUM_AUTOMAKE_VERSION}" echo "${automake_version}"; then >&2 echo "automake version lower than ${MINIMUM_AUTOMAKE_VERSION}." need_to_build_automake=1 fi if [[ "${need_to_build_automake}" != 1 ]]; then >&2 echo "automake rebuild is NOT needed." return fi # Disable and automake116 from Ribose's repository as that may be too old. if [[ "${using_ribose_automake}" == 1 ]]; then >&2 echo "ribose-automake116 does not meet version requirements, disabling and removing." . /opt/ribose/ribose-automake116/disable "${SUDO}" rpm -e ribose-automake116 using_ribose_automake=0 fi >&2 echo "automake rebuild is needed." pushd "$(mktemp -d)" || return 1 build_and_install_automake command -v automake popd } enable_ribose_automake() { case "${DIST}" in centos|fedora) if rpm --quiet -q ribose-automake116 && [[ "$PATH" != */opt/ribose/ribose-automake116/root/usr/bin* ]]; then ACLOCAL_PATH=$(scl enable ribose-automake116 -- aclocal --print-ac-dir):$(rpm --eval '%{_datadir}/aclocal') export ACLOCAL_PATH . /opt/ribose/ribose-automake116/enable >&2 echo "Ribose automake was enabled." using_ribose_automake=1 fi ;; esac } enable_llvm_toolset_7() { if [[ "${DIST_VERSION}" == "centos-7" ]] && \ rpm --quiet -q llvm-toolset-7.0 && \ [[ "$PATH" != */opt/rh/llvm-toolset-7.0/root/usr/bin* ]]; then . /opt/rh/llvm-toolset-7.0/enable fi } enable_rh_ruby30() { if [[ "${DIST_VERSION}" == "centos-7" ]] && \ rpm --quiet -q rh-ruby30 && \ [[ "$PATH" != */opt/rh/rh-ruby30/root/usr/bin* ]]; then . /opt/rh/rh-ruby30/enable PATH=$HOME/bin:$PATH export PATH export SUDO_GEM="run" fi } build_and_install_automake() { # automake automake_build=${LOCAL_BUILDS}/automake mkdir -p "${automake_build}" pushd "${automake_build}" curl -L -o automake.tar.xz "https://ftp.gnu.org/gnu/automake/automake-${AUTOMAKE_VERSION}.tar.xz" tar -xf automake.tar.xz --strip 1 ./configure --enable-optimizations --prefix=/usr "${MAKE}" -j"${MAKE_PARALLEL}" "${SUDO}" "${MAKE}" install popd } # json-c is installed with install_jsonc # asciidoctor is installed with install_asciidoctor linux_install_ubuntu() { "${SUDO}" apt-get update apt_install \ "${util_dependencies_ubuntu[@]}" \ "${basic_build_dependencies_ubuntu[@]}" \ "${build_dependencies_ubuntu[@]}" \ "$@" ubuntu_install_dynamic_build_dependencies_if_needed ensure_automake } ubuntu_install_dynamic_build_dependencies_if_needed() { if ! is_use_static_dependencies; then ubuntu_install_dynamic_build_dependencies fi } ubuntu_install_dynamic_build_dependencies() { apt_install \ "${dynamic_build_dependencies_ubuntu[@]}" } declare util_dependencies_ubuntu=() declare util_dependencies_deb=( sudo wget git software-properties-common # botan # Debian 9 does not have botan in default repos? ) declare basic_build_dependencies_ubuntu=( build-essential cmake ) declare basic_build_dependencies_deb=( autoconf automake build-essential curl libtool ) declare build_dependencies_ubuntu=( gettext libbz2-dev libncurses-dev python3 python3-venv ruby-dev zlib1g-dev ) declare dynamic_build_dependencies_ubuntu=( botan libbotan-2-dev ) declare build_dependencies_deb=( # botan # Debian 9 does not have botan in default repos? gettext libbz2-dev libncurses5-dev libssl-dev python3 python3-venv ruby-dev zlib1g-dev ) declare ruby_build_dependencies_ubuntu=( bison curl libbz2-dev libssl-dev rubygems zlib1g-dev ) declare ruby_build_dependencies_deb=( bison curl libbz2-dev libssl-dev rubygems zlib1g-dev ) linux_install_debian() { "${SUDO}" apt-get update apt_install \ "${util_dependencies_deb[@]}" \ "${basic_build_dependencies_deb[@]}" \ "${build_dependencies_deb[@]}" \ "$@" if [ "${CC-gcc}" = "clang" ]; then # Add apt.llvm.org repository and install clang # We may use https://packages.debian.org/stretch/clang-3.8 as well but this package gets installed to # /usr/lib/clang... and requires update-alternatives which would be very ugly considering CC/CXX environment # settings coming from yaml already wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key|sudo apt-key add - ${SUDO} apt-add-repository "deb http://apt.llvm.org/stretch/ llvm-toolchain-stretch main" ${SUDO} apt-get install -y clang fi ensure_automake ensure_ruby ensure_cmake } linux_install() { if type "linux_install_${DIST}" | grep -qwi 'function'; then "linux_install_${DIST}" fi } msys_install() { local packages=( tar git automake autoconf libtool automake-wrapper gnupg2 make pkg-config p7zip mingw64/mingw-w64-x86_64-cmake mingw64/mingw-w64-x86_64-python3 ) if [ "${CC}" = "gcc" ]; then packages+=(mingw64/mingw-w64-x86_64-gcc mingw64/mingw-w64-x86_64-libbotan mingw64/mingw-w64-x86_64-json-c ) else packages+=(clang64/mingw-w64-clang-x86_64-clang clang64/mingw-w64-clang-x86_64-openmp clang64/mingw-w64-clang-x86_64-libc++ clang64/mingw-w64-clang-x86_64-libbotan clang64/mingw-w64-clang-x86_64-json-c clang64/mingw-w64-clang-x86_64-libsystre ) fi pacman --noconfirm -S --needed "${packages[@]}" } # Mainly for all python scripts with shebangs pointing to # 'python', which is # unavailable in CentOS 8 by default. # # This creates an environment where straight 'python' is available. prepare_python_virtualenv() { python3 -m venv ~/.venv } # Run its arguments inside a python-virtualenv-enabled sub-shell. run_in_python_venv() { if [[ ! -e ~/.venv ]] || [[ ! -f ~/.venv/bin/activate ]]; then prepare_python_virtualenv fi ( # Avoid issues like '_OLD_VIRTUAL_PATH: unbound variable' set +u . ~/.venv/bin/activate set -u "$@" ) } install_asciidoctor() { gem_install asciidoctor } declare ruby_build_dependencies_yum=( zlib zlib-devel patch readline-devel libyaml-devel libffi-devel openssl-devel bzip2 bison curl sqlite-devel which # for rbenv-doctor ) ensure_ruby() { if is_version_at_least ruby "${MINIMUM_RUBY_VERSION}" command ruby -e 'puts RUBY_VERSION'; then return fi if [[ "${DIST_VERSION}" = fedora-20 ]]; then ruby_build_dependencies_yum+=(--enablerepo=updates-testing) fi case "${DIST}" in centos|fedora) yum_install "${ruby_build_dependencies_yum[@]}" setup_rbenv rbenv install -v "${RUBY_VERSION}" rbenv global "${RUBY_VERSION}" rbenv rehash "${SUDO}" chown -R "$(whoami)" "$(rbenv prefix)" ;; debian) apt_install "${ruby_build_dependencies_deb[@]}" ;; ubuntu) apt_install "${ruby_build_dependencies_ubuntu[@]}" ;; *) # TODO: handle ubuntu? >&2 echo "Error: Need to install ruby ${MINIMUM_RUBY_VERSION}+" exit 1 esac } # shellcheck disable=SC2016 setup_rbenv() { pushd "$(mktemp -d)" || return 1 local rbenv_rc=$HOME/setup_rbenv.sh git clone https://github.com/sstephenson/rbenv.git ~/.rbenv echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> "${rbenv_rc}" echo 'eval "$($HOME/.rbenv/bin/rbenv init -)"' >> "${rbenv_rc}" git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> "${rbenv_rc}" echo ". \"${rbenv_rc}\"" >> ~/.bash_profile prepare_rbenv_env # Verify rbenv is set up correctly curl -fsSL https://github.com/rbenv/rbenv-installer/raw/master/bin/rbenv-doctor | bash popd || return 1 } prepare_rbenv_env() { case "${DIST}" in centos|fedora) local rbenv_rc=$HOME/setup_rbenv.sh [[ ! -r "${rbenv_rc}" ]] || . "${rbenv_rc}" ;; esac if command -v rbenv >/dev/null; then rbenv rehash fi } is_version_at_least() { local bin_name="${1:?Missing bin name}"; shift local version_constraint="${1:?Missing version constraint}"; shift local need_to_build=0 if ! command -v "${bin_name}"; then >&2 echo "Warning: ${bin_name} not installed." need_to_build=1 fi local installed_version installed_version_major installed_version_minor #version_patch installed_version="$("$@")" # shellcheck disable=SC2181 # shellcheck disable=SC2295 if [[ $? -ne 0 ]]; then need_to_build=1 else installed_version_major="${installed_version%%.*}" installed_version_minor="${installed_version#*.}" installed_version_minor="${installed_version_minor%%.*}" installed_version_minor="${installed_version_minor:-0}" installed_version_patch="${installed_version#${installed_version_major}.}" installed_version_patch="${installed_version_patch#${installed_version_minor}}" installed_version_patch="${installed_version_patch#[.-]}" installed_version_patch="${installed_version_patch%%[.-]*}" installed_version_patch="${installed_version_patch:-0}" local need_version_major need_version_major="${version_constraint%%.*}" need_version_minor="${version_constraint#*.}" need_version_minor="${need_version_minor%%.*}" need_version_minor="${need_version_minor:-0}" need_version_patch="${version_constraint##*.}" need_version_patch="${version_constraint#${need_version_major}.}" need_version_patch="${need_version_patch#${need_version_minor}}" need_version_patch="${need_version_patch#.}" need_version_patch="${need_version_patch%%.*}" need_version_patch="${need_version_patch:-0}" # Naive semver comparison if [[ "${installed_version_major}" -lt "${need_version_major}" ]] || \ [[ "${installed_version_major}" = "${need_version_major}" && "${installed_version_minor}" -lt "${need_version_minor}" ]] || \ [[ "${installed_version_major}.${installed_version_minor}" = "${need_version_major}.${need_version_minor}" && "${installed_version_patch}" -lt "${need_version_patch}" ]]; then need_to_build=1 fi fi if [[ 1 = "${need_to_build}" ]]; then >&2 echo "Warning: Need to build ${bin_name} since version constraint ${version_constraint} not met." else >&2 echo "No need to build ${bin_name} since version constraint ${version_constraint} is met." fi return "${need_to_build}" } # Install specified gem. # Use rbenv when available. Otherwise use system 'gem', and use 'sudo' # depending on OS. # Set SUDO_GEM to 'sudo' to force use of sudo. # Set SUDO_GEM to 'run' to disable sudo. gem_install() { local gem_name="${1:?Missing gem name}" local bin_name="${2:-${gem_name}}" if ! command -v "${bin_name}" >/dev/null; then if command -v rbenv >/dev/null; then gem install "${gem_name}" rbenv rehash else "${SUDO_GEM:-${SUDO:-run}}" gem install "${gem_name}" fi fi } build_rnp() { # shellcheck disable=SC2154 "${CMAKE:-cmake}" "${cmakeopts[@]}" "${1:-.}" } make_install() { make -j"${MAKE_PARALLEL}" install "$@" } is_true_cmake_bool() { local arg="${1:?Missing parameter}" case "${arg}" in yes|on|true|y) true ;; no|off|false|n) false ;; *) >&2 echo "Warning: unrecognized boolean expression ($arg). Continuing and interpreting as 'false' anyway." false esac } rnp-0.18.1/ci-legacy/local.sh000077500000000000000000000004651511004466700156770ustar00rootroot00000000000000#!/bin/bash set -eux : "${GPG_VERSION:=stable}" : "${BUILD_MODE:=normal}" rsync -a /usr/local/rnp /tmp sudo -iu travis bash -x </dev/null 2>&1; then lsb_release -si | tr '[:upper:]' '[:lower:]' fi } # If target does not exist, create symlink from source to target. ensure_symlink_to_target() { local from="${1:?Missing source}" local to="${2:?Missing target}" if [[ -e "${from}" && ! -e "${to}" ]]; then if ! sudo ln -s "${from}" "${to}" then >&2 echo "Error: ${to} still not available after symlink. Aborting." exit 1 fi fi } rnp-0.18.1/ci/000077500000000000000000000000001511004466700127775ustar00rootroot00000000000000rnp-0.18.1/ci/botan-modules000066400000000000000000000004461511004466700154770ustar00rootroot00000000000000aead aes auto_rng bigint blowfish camellia cast128 cbc cfb crc24 curve25519 des dl_algo dl_group dsa eax ecc_key ecdh ecdsa ed25519 elgamal eme_pkcs1 emsa_pkcs1 emsa_raw ffi hash hmac hmac_drbg idea kdf md5 ocb pgp_s2k rfc3394 rmd160 rsa sha1 sha2_32 sha2_64 sha3 sm2 sm3 sm4 sp800_56a twofish rnp-0.18.1/ci/botan3-modules000066400000000000000000000004571511004466700155640ustar00rootroot00000000000000aead aes auto_rng bigint blowfish camellia cast128 cbc cfb crc24 curve25519 des dl_algo dl_group dsa eax ecc_key ecdh ecdsa ed25519 elgamal eme_pkcs1 emsa_pkcs1 emsa_raw ffi hash raw_hash hmac hmac_drbg idea kdf md5 ocb pgp_s2k rfc3394 rmd160 rsa sha1 sha2_32 sha2_64 sha3 sm2 sm3 sm4 sp800_56a twofish rnp-0.18.1/ci/botan3-pqc-modules000066400000000000000000000005541511004466700163430ustar00rootroot00000000000000aead aes auto_rng bigint blowfish camellia cast128 cbc cfb crc24 curve25519 des dl_algo dl_group dsa eax ecc_key ecdh ecdsa ed25519 elgamal eme_pkcs1 emsa_pkcs1 emsa_raw ffi hash raw_hash hmac hmac_drbg idea kdf md5 ocb pgp_s2k rfc3394 rmd160 rsa sha1 sha2_32 sha2_64 sha3 sm2 sm3 sm4 sp800_56a twofish kyber dilithium sphincsplus_sha2 sphincsplus_shake hkdf kmac rnp-0.18.1/ci/build_tarball.sh000077500000000000000000000050141511004466700161360ustar00rootroot00000000000000#!/usr/bin/env bash set -euxo pipefail # Manually build source tarball. # It may be run via the following command from the folder which contains this script (./rnp/ci-legacy for now): # docker run -it -v $(pwd):/opt/scripts:ro -v /tmp/rnp-artifacts:/opt/artifacts ghcr.io/rnpgp/ci-rnp-fedora-38-amd64 bash # # .. and then typing /opt/scripts/build_tarball.sh v0.17.1 # Paths to cleanup from the RNP repository. declare -a CLEAN_PATHS=( ".cirrus.yml" ".clang-format" ".codespellrc" ".editorconfig" ".git" ".gitattributes" ".github" ".gitignore" ".gitmodules" ".config.yml" "_config.yml" "ci" "ci-legacy" "codecov.yml" "git-hooks" "src/libsexpp/.git" "src/libsexpp/.gitattributes" "src/libsexpp/.github" "src/libsexpp/codecov.yml" "src/libsexpp/.gitignore" "src/libsexpp/.clangformat" ) is_version() { [[ "$1" =~ ^v[0-9]+(\.[0-9]+)*$ ]] } # Check whether artifacts dir exists RNP_ART="/opt/artifacts" if [ ! -d "${RNP_ART}" ]; then >&2 echo "Error: artifacts dir ${RNP_ART} doesn't exist. Create or mount it before running the script." exit 1 fi # Get the branch or tag name, main by default and setup paths. RNP_URL="https://github.com/rnpgp/rnp.git" RNP_REF=${1:-main} RNP_PATH="/opt/rnp-${RNP_REF}" # Clone echo "Cloning ref ${RNP_REF} to ${RNP_PATH}..." git clone --branch "${RNP_REF}" --depth 1 --single-branch --recurse-submodules "${RNP_URL}" "${RNP_PATH}" # Cleanup files which are not needed in the tarball for path in "${CLEAN_PATHS[@]}"; do echo "Removing ${RNP_PATH}/${path}..." rm -rf "${RNP_PATH:?}/${path}" done # Create tarball RNP_BLD="/opt/rnp-build" rm -rf "${RNP_BLD}" cmake -B "${RNP_BLD}" -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=OFF "${RNP_PATH}" cpack -B "${RNP_BLD}" -G TGZ --config "${RNP_BLD}/CPackSourceConfig.cmake" # Check whether tarball builds # cpack would use semantic versioning for file names, i.e. rnp-v0.17.1 RNP_TGZ=$(find "${RNP_BLD}" -maxdepth 1 -type f -name '*.tar.gz' | head -n 1) RNP_CHK="/opt/rnp-check" rm -rf "${RNP_CHK}" mkdir -p "${RNP_CHK}" tar -xzf "${RNP_TGZ}" -C "${RNP_CHK}" RNP_UNP=$(find "${RNP_CHK}" -mindepth 1 -maxdepth 1 -type d | head -n 1) cmake -B "${RNP_CHK}"/build -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=ON "${RNP_UNP}" cmake --build "${RNP_CHK}"/build --parallel "$(nproc)" # Copy artifacts to the /opt/artifacts cp "${RNP_TGZ}" "${RNP_ART}" # Calculate sha256 sums pushd "${RNP_ART}" RNP_SHA="$(basename "${RNP_TGZ%.tar.gz}.sha256")" sha256sum "$(basename "${RNP_TGZ}")" > "${RNP_SHA}" popd rnp-0.18.1/ci/tests/000077500000000000000000000000001511004466700141415ustar00rootroot00000000000000rnp-0.18.1/ci/tests/ci-tests.sh000077500000000000000000000126671511004466700162470ustar00rootroot00000000000000#! /bin/bash # # Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. set -o errexit -o pipefail -o noclobber -o nounset DIR0="$( cd "$( dirname "$0" )" && pwd )" # shellcheck disable=SC2034 SHUNIT_PARENT="$0" # Defaults applicable to 'normal' installation and not build environment : "${BOTAN_INSTALL:=/usr}" : "${JSONC_INSTALL:=/usr}" : "${RNP_INSTALL:=/usr}" : "${ENABLE_SM2:=}" : "${ENABLE_IDEA:=}" test_symbol_visibility() { case "$OSTYPE" in msys|cygwin) mkdir tmp wget -O tmp/Dependencies_x64_Release.zip https://github.com/lucasg/Dependencies/releases/download/v1.10/Dependencies_x64_Release.zip 7z x tmp/Dependencies_x64_Release.zip -otmp tmp/Dependencies -exports "$RNP_INSTALL"/bin/librnp.dll > exports rm -rf tmp ;; darwin*) nm --defined-only -g "$RNP_INSTALL"/lib/librnp.dylib > exports ;; *) nm --defined-only -g "$RNP_INSTALL"/lib64/librnp*.so > exports esac assertEquals "Unexpected: 'dst_close' is in exports" 0 "$(grep -c dst_close exports)" assertEquals "Unexpected: 'Botan' is in exports" 0 "$(grep -c Botan exports)" assertEquals "Unexpected: 'OpenSSL' is in exports" 0 "$(grep -c OpenSSL exports)" assertEquals "Unexpected: 'rnp_version_string_full' is not in exports" 1 "$(grep -c rnp_version_string_full exports)" rm -f exports } test_supported_features() { # Make sure that we support all features which should be supported supported=( RSA ELGAMAL DSA ECDH ECDSA EDDSA \ TRIPLEDES CAST5 BLOWFISH AES128 AES192 AES256 CAMELLIA128 CAMELLIA192 CAMELLIA256 \ MD5 SHA1 RIPEMD160 SHA256 SHA384 SHA512 SHA224 SHA3-256 SHA3-512 \ ZIP ZLIB BZip2 \ "NIST P-256" "NIST P-384" "NIST P-521" Ed25519 Curve25519 secp256k1 \ OCB) # Old versions say ${unsupported[@]} is unbound if empty unsupported=( NOOP ) # Features to ignore in testing ignored=( NOOP ) botan_only=( TWOFISH EAX ) brainpool=( brainpoolP256r1 brainpoolP384r1 brainpoolP512r1 ) sm2=( SM2 SM4 SM3 "SM2 P-256" ) # SM2 if [[ "$ENABLE_SM2" == "Off" ]]; then unsupported+=("${sm2[@]}") elif [[ "${CRYPTO_BACKEND:-}" == "openssl" ]]; then unsupported+=("${sm2[@]}") else supported+=("${sm2[@]}") fi # IDEA if [[ "$ENABLE_IDEA" == "Off" ]]; then unsupported+=(IDEA) else supported+=(IDEA) fi case "$OSTYPE" in msys|cygwin) so_folder="bin" support+=("${brainpool[@]}") # OpenSSL on msys doesn't seem to have legacy provider anymore if [[ "${CRYPTO_BACKEND:-}" == "openssl" ]]; then ignored+=( CAST5 BLOWFISH IDEA ) fi ;; darwin*) so_folder="lib" support+=("${brainpool[@]}") ;; *) so_folder="lib64" # botan_only+=("${brainpool[@]}") esac if [[ "${CRYPTO_BACKEND:-}" == "openssl" ]]; then unsupported+=("${botan_only[@]}") library_path="${JSONC_INSTALL}/$so_folder:${RNP_INSTALL}/$so_folder" else supported+=("${botan_only[@]}") library_path="${BOTAN_INSTALL}/$so_folder:${JSONC_INSTALL}/$so_folder:${RNP_INSTALL}/$so_folder" fi # For darwin we assume that LC_RPATH is added with @executable_dir/../lib if [[ ! "$OSTYPE" == darwin* ]]; then export LD_LIBRARY_PATH="$library_path${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}" fi "$RNP_INSTALL"/bin/rnp --version > rnp-version for feature in "${supported[@]}" do if [[ "${ignored[*]}" == *${feature}* ]]; then continue fi fea="$(grep -ci "$feature" rnp-version)" assertTrue "Unexpected unsupported feature: '$feature'" "[[ $fea -ge 1 ]]" done for feature in "${unsupported[@]}" do if [[ "${ignored[*]}" == *${feature}* ]]; then continue fi fea="$(grep -ci "$feature" rnp-version)" assertTrue "Unexpected supported feature: '$feature'" "[[ $fea == 0 ]]" done rm -f rnp-version } # ...................................................................... # shellcheck source=/dev/null . "$DIR0"/shunit2/shunit2 rnp-0.18.1/ci/tests/deb-tests.sh000077500000000000000000000063051511004466700163760ustar00rootroot00000000000000#! /bin/bash # # Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. set -o errexit -o pipefail -o noclobber -o nounset DIR0="$( cd "$( dirname "$0" )" && pwd )" # Defaults applicable to 'normal' installation and not build environment : "${INSTALL_PREFIX:=/usr}" DIR_LIB="$INSTALL_PREFIX/lib/x86_64-linux-gnu" DIR_INC="$INSTALL_PREFIX/include/rnp" DIR_BIN="$INSTALL_PREFIX/bin" #DIR_MAN="$INSTALL_PREFIX/share/man" DIR_CMAKE="$INSTALL_PREFIX/lib/x86_64-linux-gnu/cmake/rnp" declare expected_libraries=( "$DIR_LIB/librnp.so.0" ) declare expected_devlibraries=( "$DIR_LIB/librnp.so" "$DIR_LIB/pkgconfig/librnp.pc" ) declare expected_includes=( "$DIR_INC/rnp.h" "$DIR_INC/rnp_err.h" "$DIR_INC/rnp_export.h" ) declare expected_cmakefiles=( "$DIR_CMAKE/rnp-config.cmake" "$DIR_CMAKE/rnp-config-version.cmake" "$DIR_CMAKE/rnp-targets.cmake" "$DIR_CMAKE/rnp-targets-release.cmake" ) declare expected_binaries=( "$DIR_BIN/rnp" "$DIR_BIN/rnpkeys" ) # Man page installation does not work as expected #declare expected_manuals=( # "$DIR_MAN/man3/librnp.3.gz" # "$DIR_MAN/man1/rnp.1.gz" # "$DIR_MAN/man1/rnpkeys.1.gz" #) t_installed_files() { local f= for f in "$@" do assertTrue "$f was not installed" "[ -e $f ]" done } test_installed_files_librnp() { # shellcheck disable=SC2046 sudo dpkg -i $(ls ./*.deb) || sudo apt-get -y -f install t_installed_files "${expected_libraries[@]}" t_installed_files "${expected_devlibraries[@]}" t_installed_files "${expected_includes[@]}" t_installed_files "${expected_cmakefiles[@]}" t_installed_files "${expected_binaries[@]}" # Man page installation does not work as expected # t_installed_files "${expected_manuals[@]}" sudo dpkg -r rnp0 } # ...................................................................... # shellcheck source=/dev/null . "$DIR0"/shunit2/shunit2 rnp-0.18.1/ci/tests/pk-tests.sh000077500000000000000000000103551511004466700162560ustar00rootroot00000000000000#! /bin/bash # # Copyright (c) 2023-2025 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. set -o errexit -o pipefail -o noclobber -o nounset DIR0="$( cd "$( dirname "$0" )" && pwd )" # Defaults applicable to 'normal' installation and not build environment : "${INSTALL_PREFIX:=/usr}" DIR_CMAKE="$INSTALL_PREFIX/lib64/cmake/rnp" create_source_file() { cat <<"EOF" > find_package_test.cpp #include #include int main(int argc, char *argv[]) { printf("RNP version: %s\n", rnp_version_string()); printf("RNP backend: %s\n", RNP_BACKEND); printf("RNP backend version: %s\n", RNP_BACKEND_VERSION); printf("RNP has AEAD: %d\n", RNP_HAS_AEAD); return 0; } EOF } create_cmake_file() { cat <<"EOF" > CMakeLists.txt project(find_package_test) find_package(PkgConfig REQUIRED) find_package(BZip2 REQUIRED) find_package(ZLIB REQUIRED) pkg_check_modules(JSONC IMPORTED_TARGET json-c12) if(NOT JSONC_FOUND) pkg_check_modules(JSONC REQUIRED IMPORTED_TARGET json-c) endif(NOT JSONC_FOUND) add_library(JSON-C::JSON-C INTERFACE IMPORTED) set_target_properties(JSON-C::JSON-C PROPERTIES INTERFACE_LINK_LIBRARIES PkgConfig::JSONC) pkg_check_modules(Botan REQUIRED IMPORTED_TARGET botan-2) add_library(Botan::Botan INTERFACE IMPORTED) set_target_properties(Botan::Botan PROPERTIES INTERFACE_LINK_LIBRARIES PkgConfig::Botan) find_package(rnp REQUIRED) cmake_minimum_required(VERSION 3.12) add_executable(find_package_test find_package_test.cpp) EOF echo "target_link_libraries(find_package_test $1)">>CMakeLists.txt } test_shared_library() { sudo yum -y localinstall librnp0-0*.*.rpm librnp0-devel-0*.*.rpm pushd "$(mktemp -d)" create_source_file create_cmake_file 'rnp::librnp' # shellcheck disable=SC2251 ! cmake . -DCMAKE_MODULE_PATH="$DIR_CMAKE"/* assertEquals "cmake failed at shared library test" 0 "${PIPESTATUS[0]}" # shellcheck disable=SC2251 ! make assertEquals "make failed at shared library test" 0 "${PIPESTATUS[0]}" # shellcheck disable=SC2251 ! ./find_package_test assertEquals "test program failed at shared library test" 0 "${PIPESTATUS[0]}" # shellcheck disable=SC2251 ! ldd find_package_test | grep librnp assertEquals "no reference to shared rnp library at shared library test" 0 "${PIPESTATUS[1]}" popd # shellcheck disable=SC2046 sudo yum -y erase $(rpm -qa | grep rnp) } test_no_library() { pushd "$(mktemp -d)" create_source_file create_cmake_file 'rnp::librnp' # shellcheck disable=SC2251 ! cmake . -DCMAKE_MODULE_PATH="$DIR_CMAKE"/* assertNotEquals "cmake succeeded at no library test" 0 "${PIPESTATUS[0]}" popd } # ...................................................................... # shellcheck source=/dev/null . "$DIR0"/shunit2/shunit2 rnp-0.18.1/ci/tests/pkg-tests.sh000077500000000000000000000062151511004466700164250ustar00rootroot00000000000000#! /bin/bash # # Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. set -o errexit -o pipefail -o noclobber -o nounset DIR0="$( cd "$( dirname "$0" )" && pwd )" # Defaults applicable to 'normal' installation and not build environment : "${INSTALL_PREFIX:=/usr/local}" DIR_LIB="$INSTALL_PREFIX/lib" DIR_INC="$INSTALL_PREFIX/include/rnp" DIR_BIN="$INSTALL_PREFIX/bin" # DIR_MAN="$INSTALL_PREFIX/share/man" DIR_CMAKE="$INSTALL_PREFIX/lib/cmake/rnp" declare expected_libraries=( "$DIR_LIB/librnp.so.0" ) declare expected_devlibraries=( "$DIR_LIB/librnp.so" "$DIR_LIB/pkgconfig/librnp.pc" ) declare expected_includes=( "$DIR_INC/rnp.h" "$DIR_INC/rnp_err.h" "$DIR_INC/rnp_export.h" ) declare expected_cmakefiles=( "$DIR_CMAKE/rnp-config.cmake" "$DIR_CMAKE/rnp-config-version.cmake" "$DIR_CMAKE/rnp-targets.cmake" "$DIR_CMAKE/rnp-targets-release.cmake" ) declare expected_binaries=( "$DIR_BIN/rnp" "$DIR_BIN/rnpkeys" ) # Installation of man files does not work as expected #declare expected_manuals=( # "$DIR_MAN/man3/librnp.3.gz" # "$DIR_MAN/man1/rnp.1.gz" # "$DIR_MAN/man1/rnpkeys.1.gz" #) t_installed_files() { local f= for f in "$@" do assertTrue "$f was not installed" "[ -e $f ]" done } test_installed_files_librnp() { # shellcheck disable=SC2046 pkg add $(ls ./*.pkg) t_installed_files "${expected_libraries[@]}" t_installed_files "${expected_devlibraries[@]}" t_installed_files "${expected_includes[@]}" t_installed_files "${expected_cmakefiles[@]}" t_installed_files "${expected_binaries[@]}" # Installation of man files does not work as expected # t_installed_files "${expected_manuals[@]}" pkg delete rnp0 } # ...................................................................... # shellcheck source=/dev/null . "$DIR0"/shunit2/shunit2 rnp-0.18.1/ci/tests/rpm-tests.sh000077500000000000000000000077261511004466700164520ustar00rootroot00000000000000#! /bin/bash # # Copyright (c) 2023 [Ribose Inc](https://www.ribose.com). # All rights reserved. # This file is a part of rnp # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. set -o errexit -o pipefail -o noclobber -o nounset DIR0="$( cd "$( dirname "$0" )" && pwd )" # Defaults applicable to 'normal' installation and not build environment : "${INSTALL_PREFIX:=/usr}" : "${BOTAN_INSTALL:=$INSTALL_PREFIX}" : "${JSONC_INSTALL:=$INSTALL_PREFIX}" : "${RNP_INSTALL:=$INSTALL_PREFIX}" : "${ENABLE_SM2:=}" : "${ENABLE_IDEA:=}" DIR_LIB="$INSTALL_PREFIX/lib64" DIR_INC="$INSTALL_PREFIX/include/rnp" DIR_BIN="$INSTALL_PREFIX/bin" DIR_MAN="$INSTALL_PREFIX/share/man" DIR_CMAKE="$INSTALL_PREFIX/lib64/cmake/rnp" declare expected_libraries=( "$DIR_LIB/librnp.so.0" ) declare expected_devlibraries=( "$DIR_LIB/librnp.so" "$DIR_LIB/pkgconfig/librnp.pc" ) declare expected_includes=( "$DIR_INC/rnp.h" "$DIR_INC/rnp_err.h" "$DIR_INC/rnp_export.h" ) declare expected_cmakefiles=( "$DIR_CMAKE/rnp-config.cmake" "$DIR_CMAKE/rnp-config-version.cmake" "$DIR_CMAKE/rnp-targets.cmake" "$DIR_CMAKE/rnp-targets-release.cmake" ) declare expected_binaries=( "$DIR_BIN/rnp" "$DIR_BIN/rnpkeys" ) declare expected_manuals=( "$DIR_MAN/man3/librnp.3.gz" "$DIR_MAN/man1/rnp.1.gz" "$DIR_MAN/man1/rnpkeys.1.gz" ) test_installed_files() { local f= for f in "$@" do assertTrue "$f was not installed" "[ -e $f ]" done } test_installed_files_librnp() { sudo yum -y localinstall librnp0-0*.*.rpm test_installed_files "${expected_libraries[@]}" # shellcheck disable=SC2046 sudo yum -y erase $(rpm -qa | grep rnp) } test_installed_files_librnp-devel() { sudo yum -y localinstall librnp0-0*.*.rpm librnp0-devel-0*.*.rpm test_installed_files "${expected_libraries[@]}" test_installed_files "${expected_devlibraries[@]}" test_installed_files "${expected_includes[@]}" test_installed_files "${expected_cmakefiles[@]}" # shellcheck disable=SC2046 sudo yum -y erase $(rpm -qa | grep rnp) } test_installed_files_rnp() { sudo yum -y localinstall librnp0-0*.*.rpm rnp0-0*.*.rpm test_installed_files "${expected_libraries[@]}" test_installed_files "${expected_binaries[@]}" # shellcheck disable=SC2046 sudo yum -y erase $(rpm -qa | grep rnp) } test_installed_files_doc() { # in case the nodocs transaction flag is set in the yum configuration sudo yum --setopt=tsflags='' -y install man-db sudo yum --setopt=tsflags='' -y localinstall rnp-*-doc.rpm test_installed_files "${expected_manuals[@]}" # shellcheck disable=SC2046 sudo yum -y erase $(rpm -qa | grep rnp) } # ...................................................................... # shellcheck source=/dev/null . "$DIR0"/shunit2/shunit2 rnp-0.18.1/ci/utf8-manifest000066400000000000000000000005301511004466700154120ustar00rootroot00000000000000 UTF-8 rnp-0.18.1/cmake/000077500000000000000000000000001511004466700134645ustar00rootroot00000000000000rnp-0.18.1/cmake/CTestCostData.txt000066400000000000000000000307631511004466700167030ustar00rootroot00000000000000rnp_tests.hash_test_success 1 0.0523389 rnp_tests.cipher_test_success 1 0.0527984 rnp_tests.pkcs1_rsa_test_success 1 0.115839 rnp_tests.rnp_test_eddsa 1 0.0525285 rnp_tests.rnp_test_x25519 1 0.0669975 rnp_tests.raw_elgamal_random_key_test_success 1 10.9527 rnp_tests.ecdsa_signverify_success 1 0.0972991 rnp_tests.ecdh_roundtrip 1 0.0830944 rnp_tests.ecdh_decryptionNegativeCases 1 0.0617576 rnp_tests.sm2_roundtrip 1 0.0636458 rnp_tests.sm2_sm3_signature_test 1 0.060542 rnp_tests.sm2_sha256_signature_test 1 0.0602844 rnp_tests.test_dsa_roundtrip 1 22.338 rnp_tests.test_dsa_verify_negative 1 0.68138 rnp_tests.s2k_iteration_tuning 1 8.38086 rnp_tests.s2k_iteration_encode_decode 1 0.0494878 rnp_tests.test_validate_key_material 1 2.77391 rnp_tests.test_sm2_enabled 1 0.0514602 rnp_tests.test_aead_enabled 1 0.0479014 rnp_tests.test_idea_enabled 1 0.0501038 rnp_tests.test_twofish_enabled 1 0.0480356 rnp_tests.test_brainpool_enabled 1 0.0489269 rnp_tests.test_windows_botan_crash 1 0.0503856 rnp_tests.test_cipher_idea 1 0.0676931 rnp_tests.test_cipher_aes_128_ocb 1 0.0573161 rnp_tests.test_cipher_aes_128_cbc 1 0.0494284 rnp_tests.test_cipher_aes_128_cbc_nopadding 1 0.058429 rnp_tests.test_cli_rnp_keyfile 1 0.637305 rnp_tests.test_cli_g10_operations 1 4.91057 rnp_tests.test_cli_rnpkeys_unicode 1 0.054029 rnp_tests.test_cli_rnp 1 0.177541 rnp_tests.test_cli_examples 1 1.91233 rnp_tests.test_cli_rnpkeys 1 0.183342 rnp_tests.test_cli_rnpkeys_genkey 1 1.87305 rnp_tests.test_cli_dump 1 0.0697788 rnp_tests.test_cli_logname 1 0.0488487 rnp_tests.rnpkeys_exportkey_verifyUserId 1 0.154042 rnp_tests.test_ffi_homedir 1 0.0590592 rnp_tests.test_ffi_detect_key_format 1 0.0560153 rnp_tests.test_ffi_load_keys 1 0.101535 rnp_tests.test_ffi_clear_keys 1 0.0658103 rnp_tests.test_ffi_save_keys 1 0.0769988 rnp_tests.test_ffi_load_save_keys_to_utf8_path 1 0.0685385 rnp_tests.test_ffi_add_userid 1 0.100773 rnp_tests.test_ffi_signatures_memory 1 0.0876108 rnp_tests.test_ffi_signatures 1 0.0895412 rnp_tests.test_ffi_signatures_detached_memory 1 0.0875415 rnp_tests.test_ffi_signatures_detached 1 0.0874103 rnp_tests.test_ffi_signatures_dump 1 0.0553215 rnp_tests.test_ffi_locate_key 1 0.0553068 rnp_tests.test_ffi_signatures_detached_memory_g10 1 0.0877412 rnp_tests.test_ffi_enarmor_dearmor 1 0.0634234 rnp_tests.test_ffi_dearmor_edge_cases 1 0.0507168 rnp_tests.test_ffi_customized_enarmor 1 0.0516225 rnp_tests.test_ffi_version 1 0.0532891 rnp_tests.test_ffi_backend_version 1 0.0530111 rnp_tests.test_ffi_key_export_customized_enarmor 1 0.39427 rnp_tests.test_ffi_key_dump 1 0.0604133 rnp_tests.test_ffi_key_dump_edge_cases 1 0.0504537 rnp_tests.test_ffi_key_userid_dump_has_no_special_chars 1 0.146249 rnp_tests.test_ffi_pkt_dump 1 0.0558848 rnp_tests.test_ffi_rsa_v3_dump 1 0.0520718 rnp_tests.test_ffi_load_userattr 1 0.0532674 rnp_tests.test_ffi_revocations 1 0.0593614 rnp_tests.test_ffi_file_output 1 0.0728863 rnp_tests.test_ffi_stdout_output 1 0.0593097 rnp_tests.test_ffi_import_keys_check_pktlen 1 0.0552982 rnp_tests.test_ffi_calculate_iterations 1 0.21543 rnp_tests.test_ffi_supported_features 1 0.0529641 rnp_tests.test_ffi_output_to_armor 1 0.0565657 rnp_tests.test_ffi_rnp_guess_contents 1 0.0534077 rnp_tests.test_ffi_literal_filename 1 0.0881614 rnp_tests.test_ffi_op_set_hash 1 0.0888381 rnp_tests.test_ffi_op_set_compression 1 0.0899419 rnp_tests.test_ffi_aead_params 1 0.525284 rnp_tests.test_ffi_detached_verify_input 1 0.0587825 rnp_tests.test_ffi_detached_cleartext_signed_input 1 0.0860166 rnp_tests.test_ffi_op_verify_sig_count 1 0.286351 rnp_tests.test_ffi_op_verify_get_protection_info 1 0.434788 rnp_tests.test_ffi_op_verify_recipients_info 1 0.353337 rnp_tests.test_ffi_secret_sig_import 1 0.116603 rnp_tests.test_ffi_rnp_request_password 1 0.0551474 rnp_tests.test_ffi_mdc_8k_boundary 1 0.121587 rnp_tests.test_ffi_decrypt_wrong_mpi_bits 1 0.132672 rnp_tests.test_ffi_decrypt_edge_cases 1 0.131205 rnp_tests.test_ffi_key_remove 1 0.0848727 rnp_tests.test_ffi_literal_packet 1 0.0553639 rnp_tests.test_ffi_exception 1 0.0546118 rnp_tests.test_ffi_key_protection_change 1 1.47754 rnp_tests.test_ffi_set_log_fd 1 0.0528121 rnp_tests.test_ffi_security_profile 1 0.0545962 rnp_tests.test_result_to_string 1 0.0527323 rnp_tests.test_ffi_wrong_hex_length 1 0.0524465 rnp_tests.test_ffi_encrypt_pass 1 0.753094 rnp_tests.test_ffi_encrypt_pass_provider 1 0.617646 rnp_tests.test_ffi_encrypt_set_cipher 1 1.0805 rnp_tests.test_ffi_encrypt_pk 1 0.0753 rnp_tests.test_ffi_decrypt_pk_unlocked 1 0.419285 rnp_tests.test_ffi_encrypt_pk_key_provider 1 0.0952935 rnp_tests.test_ffi_encrypt_and_sign 1 0.433342 rnp_tests.test_ffi_encrypt_pk_subkey_selection 1 0.101834 rnp_tests.test_ffi_decrypt_small_rsa 1 0.0998147 rnp_tests.test_ffi_decrypt_small_eg 1 0.157271 rnp_tests.test_ffi_encrypt_no_wrap 1 0.111417 rnp_tests.test_ffi_v5_signatures 1 0.0794383 rnp_tests.test_ffi_mimemode_signature 1 0.0663755 rnp_tests.test_ffi_uid_properties 1 0.0899315 rnp_tests.test_ffi_uid_validity 1 0.0963514 rnp_tests.test_ffi_remove_uid 1 0.0842163 rnp_tests.test_ffi_key_signatures 1 0.0837253 rnp_tests.test_ffi_import_signatures 1 0.0788825 rnp_tests.test_ffi_export_revocation 1 0.274347 rnp_tests.test_ffi_sig_validity 1 0.0738878 rnp_tests.test_ffi_get_signature_type 1 0.0638204 rnp_tests.test_ffi_remove_signature 1 0.0623069 rnp_tests.test_ffi_remove_signatures 1 0.0973207 rnp_tests.test_ffi_rsa_small_sig 1 0.0562124 rnp_tests.test_ffi_key_critical_notations 1 0.060853 rnp_tests.test_ffi_key_import_invalid_issuer 1 0.0552745 rnp_tests.test_ffi_add_revoker_signature 1 0.275702 rnp_tests.test_ffi_create_revocation_signature 1 0.381889 rnp_tests.test_ffi_key_set_expiry_multiple_uids 1 0.228723 rnp_tests.test_ffi_key_primary_uid_conflict 1 0.0521879 rnp_tests.test_ffi_key_expired_certification_and_direct_sig 1 0.0560315 rnp_tests.test_ffi_key_25519_tweaked_bits 1 0.0598532 rnp_tests.test_ffi_key_revoke 1 0.241907 rnp_tests.test_ffi_key_set_expiry 1 0.9013 rnp_tests.test_ffi_key_get_protection_info 1 0.27357 rnp_tests.test_ffi_key_default_subkey 1 0.069285 rnp_tests.test_ffi_rnp_key_get_primary_grip 1 0.0573444 rnp_tests.test_ffi_rnp_key_get_primary_fprint 1 0.0587336 rnp_tests.test_ffi_keygen_json_pair 1 0.100727 rnp_tests.test_ffi_keygen_json_pair_dsa_elg 1 1.2046 rnp_tests.test_ffi_keygen_json_primary 1 0.0570528 rnp_tests.test_ffi_keygen_json_sub 1 0.105896 rnp_tests.test_ffi_keygen_json_edge_cases 1 0.481129 rnp_tests.test_ffi_key_generate_misc 1 1.36571 rnp_tests.test_ffi_sec_key_offline_operations 1 0.0578503 rnp_tests.test_ffi_key_generate_rsa 1 0.450796 rnp_tests.test_ffi_key_generate_dsa 1 1.64626 rnp_tests.test_ffi_key_generate_ecdsa 1 0.0596838 rnp_tests.test_ffi_key_generate_eddsa 1 0.0528663 rnp_tests.test_ffi_key_generate_sm2 1 0.0638762 rnp_tests.test_ffi_key_generate_ex 1 1.34571 rnp_tests.test_ffi_key_generate_expiry_32bit 1 0.411246 rnp_tests.test_ffi_key_generate_algnamecase 1 5.67423 rnp_tests.test_ffi_key_generate_protection 1 2.10103 rnp_tests.test_ffi_keygen_json_sub_pass_required 1 0.64867 rnp_tests.test_ffi_key_to_json 1 0.0600828 rnp_tests.test_ffi_key_iter 1 0.0595189 rnp_tests.test_ffi_key_export 1 0.0682494 rnp_tests.test_ffi_keys_import 1 0.140811 rnp_tests.test_ffi_elgamal4096 1 0.0969759 rnp_tests.test_ffi_malformed_keys_import 1 0.0974172 rnp_tests.test_ffi_iterated_key_import 1 0.0849072 rnp_tests.test_ffi_stripped_keys_import 1 0.0618674 rnp_tests.test_ffi_key_import_edge_cases 1 0.0666304 rnp_tests.test_ffi_key_import_gpg_s2k 1 0.171083 rnp_tests.test_ffi_key_export_autocrypt 1 0.0843988 rnp_tests.test_ffi_keys_import_autocrypt 1 0.0807794 rnp_tests.test_ffi_keys_load_armored_spaces 1 0.0639208 rnp_tests.test_ffi_sha1_self_signatures 1 0.0566181 rnp_tests.test_reprotect_keys 1 0.169671 rnp_tests.test_v5_keys 1 0.113168 rnp_tests.test_v5_keys_g23 1 0.0564502 rnp_tests.test_v5_sec_keys 1 0.174487 rnp_tests.test_ffi_designated_revokers 1 0.100705 rnp_tests.test_armored_keys_extra_line 1 0.0545483 rnp_tests.test_rnp_mkstemp 1 0.0576969 rnp_tests.test_rnp_access 1 0.0543398 rnp_tests.rnpkeys_generatekey_testSignature 1 1.88765 rnp_tests.rnpkeys_generatekey_testEncryption 1 0.897512 rnp_tests.rnpkeys_generatekey_verifySupportedHashAlg 1 1.53802 rnp_tests.rnpkeys_generatekey_verifyUserIdOption 1 0.816156 rnp_tests.rnpkeys_generatekey_verifykeyHomeDirOption 1 0.266885 rnp_tests.rnpkeys_generatekey_verifykeyKBXHomeDirOption 1 0.253346 rnp_tests.rnpkeys_generatekey_verifykeyHomeDirNoPermission 1 0.156128 rnp_tests.rnpkeys_generatekey_testExpertMode 1 3.81493 rnp_tests.generatekeyECDSA_explicitlySetSmallOutputDigest_DigestAlgAdjusted 1 0.0674681 rnp_tests.generatekey_multipleUserIds_ShouldFail 1 0.0532007 rnp_tests.generatekeyECDSA_explicitlySetBiggerThanNeededDigest_ShouldSucceed 1 0.0640942 rnp_tests.generatekeyECDSA_explicitlySetUnknownDigest_ShouldFail 1 0.0544535 rnp_tests.test_generated_key_sigs 1 0.18236 rnp_tests.test_kbx_nsigs 1 1.03666 rnp_tests.test_key_add_userid 1 0.105604 rnp_tests.key_grip 1 0.178417 rnp_tests.test_key_prefs 1 0.085376 rnp_tests.test_key_protect_load_pgp 1 0.786529 rnp_tests.test_key_protect_sec_data 1 2.02161 rnp_tests.test_key_store_search 1 0.086772 rnp_tests.test_key_store_search_by_name 1 0.0843624 rnp_tests.test_key_unlock_pgp 1 0.142326 rnp_tests.test_key_validate 1 0.103531 rnp_tests.test_forged_key_validate 1 0.102657 rnp_tests.test_key_validity 1 0.0875055 rnp_tests.test_key_expiry_direct_sig 1 0.201829 rnp_tests.test_large_packet 1 20.5213 rnp_tests.test_large_mpi_rsa_pub 1 0.176607 rnp_tests.test_large_mpi_rsa_priv 1 9.62606 rnp_tests.test_invalid_g10 1 0.0866966 rnp_tests.test_load_g10 1 1.08319 rnp_tests.test_load_g23 1 1.06343 rnp_tests.test_invalid_kbx 1 0.068871 rnp_tests.test_load_v3_keyring_pgp 1 0.0617961 rnp_tests.test_load_v4_keyring_pgp 1 0.0715585 rnp_tests.test_load_keyring_and_count_pgp 1 0.105306 rnp_tests.test_load_check_bitfields_and_times 1 0.0920945 rnp_tests.test_load_check_bitfields_and_times_v3 1 0.0799522 rnp_tests.test_load_armored_pub_sec 1 0.0953846 rnp_tests.test_load_merge 1 0.268064 rnp_tests.test_load_public_from_secret 1 0.0899589 rnp_tests.test_key_import 1 0.342799 rnp_tests.test_load_subkey 1 0.08391 rnp_tests.test_log_switch 1 0.0707515 rnp_tests.test_partial_length_public_key 1 0.0614488 rnp_tests.test_partial_length_signature 1 0.0892692 rnp_tests.test_partial_length_first_packet_256 1 0.0876096 rnp_tests.test_partial_length_zero_last_chunk 1 0.0874438 rnp_tests.test_partial_length_largest 1 5.25782 rnp_tests.test_partial_length_first_packet_length 1 0.0810939 rnp_tests.test_pipe 1 0.0655857 rnp_tests.test_pipe_source_error 1 0.0920565 rnp_tests.test_pipe_dest_error 1 0.106324 rnp_tests.test_rng_randomness 1 0.0624024 rnp_tests.test_s2k_iterations 1 1.41568 rnp_tests.test_stream_memory 1 0.0609506 rnp_tests.test_stream_memory_discard 1 0.0587289 rnp_tests.test_stream_file 1 0.0612378 rnp_tests.test_stream_signatures 1 0.199259 rnp_tests.test_stream_signatures_revoked_key 1 0.052128 rnp_tests.test_stream_key_load 1 0.0555243 rnp_tests.test_stream_key_load_errors 1 0.692865 rnp_tests.test_stream_key_decrypt 1 0.491147 rnp_tests.test_stream_key_encrypt 1 0.0651694 rnp_tests.test_stream_key_signatures 1 0.0619741 rnp_tests.test_stream_key_signature_validate 1 0.154242 rnp_tests.test_stream_verify_no_key 1 0.0993917 rnp_tests.test_y2k38 1 0.0569696 rnp_tests.test_stream_dumper_y2k38 1 0.0517309 rnp_tests.test_stream_dumper 1 0.0681261 rnp_tests.test_stream_z 1 30.9159 rnp_tests.test_stream_814_dearmor_double_free 1 0.0739404 rnp_tests.test_stream_825_dearmor_blank_line 1 0.0689359 rnp_tests.test_stream_dearmor_edge_cases 1 0.0539575 rnp_tests.test_stream_deep_packet_nesting 1 1.94024 rnp_tests.test_stream_cache 1 0.0552622 rnp_tests.test_load_user_prefs 1 0.0838552 rnp_tests.test_utils_hex2bin 1 0.107712 rnp_tests.test_rnpcfg 1 0.0779768 rnp_tests.test_rnpcfg_get_expiration 1 0.0595168 rnp_tests.issue_1030_rnpkeys_secret_keys_unprotected 1 0.505222 rnp_tests.test_issue_1115 1 0.0747748 rnp_tests.test_issue_1171_key_import_and_remove 1 0.063471 rnp_tests.test_sxp_depth 1 0.0555312 rnp_tests.test_fuzz_keyring 1 6.54323 rnp_tests.test_fuzz_keyring_g10 1 0.0573533 rnp_tests.test_fuzz_keyring_kbx 1 0.0680579 rnp_tests.test_fuzz_keyimport 1 5.97236 rnp_tests.test_fuzz_sigimport 1 0.0686642 rnp_tests.test_fuzz_dump 1 2.30632 rnp_tests.test_fuzz_verify_detached 1 0.0784368 rnp_tests.test_fuzz_verify 1 6.48424 setupTestData 1 0.0687747 cli_tests-SignDefault 1 19.551 cli_tests-SignDSA 1 13.4998 cli_tests-EncryptElgamal 1 6.53392 cli_tests-Keystore 1 33.1293 cli_tests-Encryption 1 85.3769 cli_tests-Compression 1 30.5547 cli_tests-EncryptEcdh 1 5.21128 cli_tests-SignECDSA 1 5.14117 cli_tests-EncryptSignRSA 1 3.70823 cli_tests-Misc 1 46.4489 --- rnp-0.18.1/cmake/Modules/000077500000000000000000000000001511004466700150745ustar00rootroot00000000000000rnp-0.18.1/cmake/Modules/AdocMan.cmake000066400000000000000000000116661511004466700174120ustar00rootroot00000000000000# Copyright (c) 2021 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. #.adoc: # add_adoc_man # ----------- # # Convert adoc manual page to troff and install it via the custom target. # # Parameters # ^^^^^^^^^^ # Required parameter is source with markdown file. Must have md extension with man category prepended, i.e. something like ${CMAKE_SOURCE_DIR}/src/utility.1.adoc # DST - optional parameter, which overrides where generated man will be stored. # If not specified then will be automatically set to ${CMAKE_BINARY_DIR}/src/utility.1 # # Generated man page will be installed via the target, named man_utility # set(ADOCCOMMAND_FOUND 0) find_program(ADOCCOMMAND_PATH NAMES asciidoctor DOC "Path to AsciiDoc processor. Used to generate man pages from AsciiDoc." ) if(NOT EXISTS ${ADOCCOMMAND_PATH}) set(ADOC_MISSING_MSG "AsciiDoc processor not found, man pages will not be generated. Install asciidoctor or use the CMAKE_PROGRAM_PATH variable.") string(TOLOWER "${ENABLE_DOC}" ENABLE_DOC) if (ENABLE_DOC STREQUAL "auto") message(WARNING ${ADOC_MISSING_MSG}) elseif(ENABLE_DOC) message(FATAL_ERROR ${ADOC_MISSING_MSG}) endif() else() set(ADOCCOMMAND_FOUND 1) endif() function(add_adoc_man SRC COMPONENT_VERSION) if (NOT ${ADOCCOMMAND_FOUND}) return() endif() cmake_parse_arguments( ARGS "" "DST" "" ${ARGN} ) set(ADOC_EXT ".adoc") get_filename_component(FILE_NAME ${SRC} NAME) # The following procedures check against the expected file name # pattern: "{name}.{man-number}.adoc", and builds to a # destination file "{name}.{man-number}". # Check SRC extension get_filename_component(END_EXT ${SRC} LAST_EXT) string(COMPARE EQUAL ${END_EXT} ${ADOC_EXT} _equal) if (NOT _equal) message(FATAL_ERROR "SRC must have ${ADOC_EXT} extension.") endif() # Check man number get_filename_component(EXTS ${SRC} EXT) string(REGEX MATCH "^\.([1-9])\.+$" _matches ${EXTS}) set(MAN_NUM ${CMAKE_MATCH_1}) if (NOT _matches) message(FATAL_ERROR "Man file with wrong name pattern: ${FILE_NAME} must be in format {name}.[0-9]${ADOC_EXT}.") endif() # Set target name get_filename_component(TARGET_NAME ${SRC} NAME_WE) string(PREPEND TARGET_NAME "man_") # Build output path if not specified. if(NOT DST) get_filename_component(SRC_PREFIX ${SRC} DIRECTORY) # Ensure that SRC_PREFIX is within CMAKE_SOURCE_DIR if(NOT(SRC_PREFIX MATCHES "^${CMAKE_SOURCE_DIR}")) message(FATAL_ERROR "Cannot build DST path as SRC is outside of the CMake sources dir.") endif() STRING(REGEX REPLACE "^${CMAKE_SOURCE_DIR}/" "" SUBDIR_PATH ${SRC}) # Strip '.adoc' from the output subpath get_filename_component(SUBDIR_PATH_NAME_WLE ${SUBDIR_PATH} NAME_WLE) get_filename_component(SUBDIR_PATH_DIRECTORY ${SUBDIR_PATH} DIRECTORY) set(DST "${CMAKE_BINARY_DIR}/${SUBDIR_PATH_DIRECTORY}/${SUBDIR_PATH_NAME_WLE}") endif() # Check conformance of destination file name to pattern get_filename_component(FILE_NAME_WE ${SRC} NAME_WE) get_filename_component(MAN_FILE_NAME ${DST} NAME) if(NOT(MAN_FILE_NAME MATCHES "^${FILE_NAME_WE}.${MAN_NUM}$")) message(FATAL_ERROR "File name of a man page must be in the format {name}.{man-number}${ADOC_EXT}.") endif() add_custom_command( OUTPUT ${DST} COMMAND ${ADOCCOMMAND_PATH} -b manpage ${SRC} -o ${DST} -a component-version=${COMPONENT_VERSION} DEPENDS ${SRC} WORKING_DIRECTORY ${CMAKE_BINARY_DIR} COMMENT "Generating man page ${SUBDIR_PATH_DIRECTORY}/${SUBDIR_PATH_NAME_WLE}" VERBATIM ) add_custom_target("${TARGET_NAME}" ALL DEPENDS ${DST}) install(FILES ${DST} DESTINATION "${CMAKE_INSTALL_FULL_MANDIR}/man${MAN_NUM}" COMPONENT doc ) endfunction(add_adoc_man) rnp-0.18.1/cmake/Modules/FindBotan.cmake000066400000000000000000000124001511004466700177370ustar00rootroot00000000000000# Copyright (c) 2018-2020 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. #.rst: # FindBotan # ----------- # # Find the botan-2 or botan-3 library. # # IMPORTED Targets # ^^^^^^^^^^^^^^^^ # # This module defines :prop_tgt:`IMPORTED` targets: # # ``Botan::Botan`` # The botan-2 or botan-3 library, if found. # # Result variables # ^^^^^^^^^^^^^^^^ # # This module defines the following variables: # # :: # # BOTAN_FOUND - true if the headers and library were found # BOTAN_INCLUDE_DIRS - where to find headers # BOTAN_LIBRARIES - list of libraries to link # Botan_VERSION - library version that was found, if any # # Hints # ^^^^^ # # These variables may be set to control search behaviour: # # ``BOTAN_ROOT_DIR`` # Set to the root directory of the Botan installation. # # use pkg-config to get the directories and then use these values # in the find_path() and find_library() calls find_package(PkgConfig QUIET) # Search for the version 2 first unless version 3 requested if(NOT "${Botan_FIND_VERSION_MAJOR}" EQUAL "3") pkg_check_modules(PC_BOTAN QUIET botan-2) set(_suffixes "botan-2" "botan-3") set(_names "botan-2" "libbotan-2" "botan-3" "libbotan-3") else() set(_suffixes "botan-3") set(_names "botan-3" "libbotan-3") endif() if(NOT PC_BOTAN_FOUND) pkg_check_modules(PC_BOTAN QUIET botan-3) endif() if(DEFINED BOTAN_ROOT_DIR) set(_hints_include "${BOTAN_ROOT_DIR}/include") set(_hints_lib "${BOTAN_ROOT_DIR}/lib") endif() if(DEFINED ENV{BOTAN_ROOT_DIR}) list(APPEND _hints_include "$ENV{BOTAN_ROOT_DIR}/include") list(APPEND _hints_lib "$ENV{BOTAN_ROOT_DIR}/lib") endif() # Append PC_* stuff only if BOTAN_ROOT_DIR is not specified if(NOT _hints_include) list(APPEND _hints_include ${PC_BOTAN_INCLUDEDIR} ${PC_BOTAN_INCLUDE_DIRS}) list(APPEND _hints_lib ${PC_BOTAN_LIBDIR} ${PC_BOTAN_LIBRARY_DIRS}) else() set(_no_def_path "NO_DEFAULT_PATH") endif() # find the headers find_path(BOTAN_INCLUDE_DIR NAMES botan/version.h HINTS ${_hints_include} PATH_SUFFIXES ${_suffixes} ${_no_def_path} ) # find the library if(MSVC) find_library(BOTAN_LIBRARY NAMES botan ${_names} HINTS ${_hints_lib} ${_no_def_path} ) else() find_library(BOTAN_LIBRARY NAMES ${_names} HINTS ${_hints_lib} ${_no_def_path} ) endif() # determine the version if(BOTAN_INCLUDE_DIR AND EXISTS "${BOTAN_INCLUDE_DIR}/botan/build.h") file(STRINGS "${BOTAN_INCLUDE_DIR}/botan/build.h" botan_version_str REGEX "^#define[\t ]+(BOTAN_VERSION_[A-Z]+)[\t ]+[0-9]+") string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_MAJOR[\t ]+([0-9]+).*" "\\1" _botan_version_major "${botan_version_str}") string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_MINOR[\t ]+([0-9]+).*" "\\1" _botan_version_minor "${botan_version_str}") string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_PATCH[\t ]+([0-9]+).*" "\\1" _botan_version_patch "${botan_version_str}") set(Botan_VERSION "${_botan_version_major}.${_botan_version_minor}.${_botan_version_patch}" CACHE INTERNAL "The version of Botan which was detected") endif() include(FindPackageHandleStandardArgs) find_package_handle_standard_args(Botan REQUIRED_VARS BOTAN_LIBRARY BOTAN_INCLUDE_DIR VERSION_VAR Botan_VERSION ) if (BOTAN_FOUND) set(BOTAN_INCLUDE_DIRS ${BOTAN_INCLUDE_DIR} ${PC_BOTAN_INCLUDE_DIRS}) set(BOTAN_LIBRARIES ${BOTAN_LIBRARY}) endif() if (BOTAN_FOUND AND NOT TARGET Botan::Botan) # create the new library target add_library(Botan::Botan UNKNOWN IMPORTED) # set the required include dirs for the target if (BOTAN_INCLUDE_DIRS) set_target_properties(Botan::Botan PROPERTIES INTERFACE_INCLUDE_DIRECTORIES "${BOTAN_INCLUDE_DIRS}" ) endif() # set the required libraries for the target if (EXISTS "${BOTAN_LIBRARY}") set_target_properties(Botan::Botan PROPERTIES IMPORTED_LINK_INTERFACE_LANGUAGES "C" IMPORTED_LOCATION "${BOTAN_LIBRARY}" ) endif() endif() mark_as_advanced(BOTAN_INCLUDE_DIR BOTAN_LIBRARY) rnp-0.18.1/cmake/Modules/FindGnuPG.cmake000066400000000000000000000110671511004466700176640ustar00rootroot00000000000000# Copyright (c) 2018 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. #.rst: # FindGnuPG # ----------- # # Find GnuPG executables. # # Imported targets # ^^^^^^^^^^^^^^^^ # # This module defines the following :prop_tgt:`IMPORTED` targets: # # :: # # GnuPG:: - the component executable that was requested (default is just 'gpg') # ## Result variables # ^^^^^^^^^^^^^^^^ # # This module always defines the following variables: # # :: # # GNUPG_VERSION - version that was found # # Depending on components requested, this module will also define variables like: # # :: # # GPG_EXECUTABLE - path to the gpg executable # _EXECUTABLE - path to the component executable # # helper that will call --version and extract the version string function(_get_gpg_version utility_name exe_path var_prefix) execute_process( COMMAND "${exe_path}" --version OUTPUT_VARIABLE version RESULT_VARIABLE exit_code ERROR_QUIET ) if (NOT exit_code) string(REGEX MATCH "${utility_name} \\(GnuPG\\) (([0-9]+)\\.([0-9]+)\\.([0-9]+))" version "${version}") if (CMAKE_MATCH_1) set(${var_prefix}_VERSION "${CMAKE_MATCH_1}" PARENT_SCOPE) endif() endif() endfunction() # default to finding gpg if (NOT GnuPG_FIND_COMPONENTS) set(GnuPG_FIND_COMPONENTS gpg) endif() foreach(_comp IN LISTS GnuPG_FIND_COMPONENTS) # we also check for an executable with the 2 suffix when appropriate set(_names "${_comp}") if (_comp STREQUAL "gpg" OR _comp STREQUAL "gpgv") if (NOT ${GnuPG_FIND_VERSION}) set(_names "${_comp}2" ${_comp}) elseif (${GnuPG_FIND_VERSION} VERSION_GREATER_EQUAL 2.2) # 2.2+ defaults to gpg/gpgv, but supports gpg2/gpgv2 set(_names ${_comp} "${_comp}2") elseif(${GnuPG_FIND_VERSION} VERSION_GREATER_EQUAL 2.0) # 2.0-2.2 or so used a temporary naming of gpg2/gpgv2 set(_names "${_comp}2" ${_comp}) endif() endif() string(TOUPPER "${_comp}" _comp_upper) find_program(${_comp_upper}_EXECUTABLE NAMES ${_names}) unset(_names) mark_as_advanced(${_comp_upper}_EXECUTABLE) # if we found an executable, check the version if (${_comp_upper}_EXECUTABLE) _get_gpg_version(${_comp} ${${_comp_upper}_EXECUTABLE} _${_comp}) if (_${_comp}_VERSION) if (NOT GNUPG_VERSION) # this is the first component found, so set the version to match set(GNUPG_VERSION ${_${_comp}_VERSION}) endif() # see if the version matches the previous components found if(_${_comp}_VERSION VERSION_EQUAL ${GNUPG_VERSION} AND NOT TARGET GnuPG::${_comp}) add_executable(GnuPG::${_comp} IMPORTED GLOBAL) set_target_properties(GnuPG::${_comp} PROPERTIES IMPORTED_LOCATION "${${_comp_upper}_EXECUTABLE}" ) endif() endif() unset(_${_comp}_VERSION) endif() # mark our components as found or not found if (TARGET GnuPG::${_comp}) set(GnuPG_${_comp}_FOUND TRUE) else() set(GnuPG_${_comp}_FOUND FALSE) unset(${_comp_upper}_EXECUTABLE) endif() if (GnuPG_FIND_REQUIRED_${_comp}) list(APPEND _GnuPG_REQUIRED_VARS ${_comp_upper}_EXECUTABLE) endif() endforeach() unset(_comp) unset(_comp_upper) include(FindPackageHandleStandardArgs) find_package_handle_standard_args(GnuPG REQUIRED_VARS ${_GnuPG_REQUIRED_VARS} VERSION_VAR GNUPG_VERSION HANDLE_COMPONENTS ) rnp-0.18.1/cmake/Modules/FindJSON-C.cmake000066400000000000000000000102561511004466700176340ustar00rootroot00000000000000# Copyright (c) 2018, 2024 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. #.rst: # FindJSON-C # ----------- # # Find the json-c library. # # IMPORTED Targets # ^^^^^^^^^^^^^^^^ # # This module defines :prop_tgt:`IMPORTED` targets: # # ``JSON-C::JSON-C`` # The json-c library, if found. # # Result variables # ^^^^^^^^^^^^^^^^ # # This module defines the following variables: # # :: # # JSON-C_FOUND - true if the headers and library were found # JSON-C_INCLUDE_DIRS - where to find headers # JSON-C_LIBRARIES - list of libraries to link # JSON-C_VERSION - library version that was found, if any # use pkg-config to get the directories and then use these values # in the find_path() and find_library() calls find_package(PkgConfig QUIET) pkg_check_modules(PC_JSON-C QUIET json-c) # RHEL-based systems may have json-c12 if (NOT PC_JSON-C_FOUND) pkg_check_modules(PC_JSON-C QUIET json-c12) endif() # ..or even json-c13, accompanied by non-develop json-c (RHEL 8 ubi) if (NOT PC_JSON-C_FOUND) pkg_check_modules(PC_JSON-C QUIET json-c13) endif() # find the headers find_path(JSON-C_INCLUDE_DIR NAMES json_c_version.h HINTS ${PC_JSON-C_INCLUDEDIR} ${PC_JSON-C_INCLUDE_DIRS} PATH_SUFFIXES json-c json-c12 json-c13 ) # find the library find_library(JSON-C_LIBRARY NAMES json-c libjson-c json-c12 libjson-c12 json-c13 libjson-c13 HINTS ${PC_JSON-C_LIBDIR} ${PC_JSON-C_LIBRARY_DIRS} ) # determine the version if(PC_JSON-C_VERSION) set(JSON-C_VERSION ${PC_JSON-C_VERSION}) elseif(JSON-C_INCLUDE_DIR AND EXISTS "${JSON-C_INCLUDE_DIR}/json_c_version.h") file(STRINGS "${JSON-C_INCLUDE_DIR}/json_c_version.h" _json-c_version_h REGEX "^#define[\t ]+JSON_C_VERSION[\t ]+\"[^\"]*\"$") string(REGEX REPLACE ".*#define[\t ]+JSON_C_VERSION[\t ]+\"([^\"]*)\".*" "\\1" _json-c_version_str "${_json-c_version_h}") set(JSON-C_VERSION "${_json-c_version_str}" CACHE INTERNAL "The version of json-c which was detected") endif() include(FindPackageHandleStandardArgs) find_package_handle_standard_args(JSON-C REQUIRED_VARS JSON-C_LIBRARY JSON-C_INCLUDE_DIR JSON-C_VERSION VERSION_VAR JSON-C_VERSION ) if (JSON-C_FOUND) set(JSON-C_INCLUDE_DIRS ${JSON-C_INCLUDE_DIR} ${PC_JSON-C_INCLUDE_DIRS}) set(JSON-C_LIBRARIES ${JSON-C_LIBRARY}) endif() if (JSON-C_FOUND AND NOT TARGET JSON-C::JSON-C) # create the new library target add_library(JSON-C::JSON-C UNKNOWN IMPORTED) # set the required include dirs for the target if (JSON-C_INCLUDE_DIRS) set_target_properties(JSON-C::JSON-C PROPERTIES INTERFACE_INCLUDE_DIRECTORIES "${JSON-C_INCLUDE_DIRS}" ) endif() # set the required libraries for the target if (EXISTS "${JSON-C_LIBRARY}") set_target_properties(JSON-C::JSON-C PROPERTIES IMPORTED_LINK_INTERFACE_LANGUAGES "C" IMPORTED_LOCATION "${JSON-C_LIBRARY}" ) endif() endif() mark_as_advanced(JSON-C_INCLUDE_DIR JSON-C_LIBRARY) rnp-0.18.1/cmake/Modules/FindOpenSSLFeatures.cmake000066400000000000000000000143371511004466700216710ustar00rootroot00000000000000# Copyright (c) 2021 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. #.rst: # FindOpenSSLFeatures # ----------- # # Find OpenSSL features: supported hashes, ciphers, curves and public-key algorithms. # Requires FindOpenSSL to be included first, and C compiler to be set as module # compiles and executes program which do checks against installed OpenSSL library. # # Result variables # ^^^^^^^^^^^^^^^^ # # This module defines the following variables: # # :: # # OPENSSL_SUPPORTED_HASHES - list of the supported hash algorithms # OPENSSL_SUPPORTED_CIPHERS - list of the supported ciphers # OPENSSL_SUPPORTED_CURVES - list of the supported elliptic curves # OPENSSL_SUPPORTED_PUBLICKEY - list of the supported public-key algorithms # OPENSSL_SUPPORTED_FEATURES - all previous lists, glued together # # Functions # ^^^^^^^^^ # OpenSSLHasFeature(FEATURE ) # Check whether OpenSSL has corresponding feature (hash/curve/public-key algorithm name, elliptic curve). # Result is stored in VARIABLE as boolean value, i.e. TRUE or FALSE # if (NOT OPENSSL_FOUND) message(FATAL_ERROR "OpenSSL is not found. Please make sure that you call find_package(OpenSSL) first.") endif() message(STATUS "Querying OpenSSL features") # Copy and build findopensslfeatures.c in fossl-build subfolder. set(_fossl_work_dir "${CMAKE_BINARY_DIR}/fossl") file(MAKE_DIRECTORY "${_fossl_work_dir}") file(COPY "${CMAKE_CURRENT_LIST_DIR}/findopensslfeatures.c" DESTINATION "${_fossl_work_dir}" ) # As it's short enough let's keep it here. # Reuse OPENSSL parameters from the upstream project # otherwise there is a good chance to find another instance of openssl # We assume that OpenSSL root is one level up openssl include directory # This does not look as a good solution, however it is the only one that # works with all Windows configuration options message(STATUS "Using OpenSSL root directory at ${OPENSSL_INCLUDE_DIR}/..") file(WRITE "${_fossl_work_dir}/CMakeLists.txt" "cmake_minimum_required(VERSION 3.18)\n\ project(findopensslfeatures LANGUAGES C)\n\ set(CMAKE_C_STANDARD 99)\n\ find_package(OpenSSL REQUIRED)\n\ add_executable(findopensslfeatures findopensslfeatures.c)\n\ target_include_directories(findopensslfeatures PRIVATE ${OPENSSL_INCLUDE_DIR})\n\ target_link_libraries(findopensslfeatures PRIVATE OpenSSL::Crypto)\n\ if (OpenSSL::applink)\n\ target_link_libraries(findopensslfeatures PRIVATE OpenSSL::applink)\n\ endif(OpenSSL::applink)\n" ) set(MKF ${MKF} "-DCMAKE_BUILD_TYPE=Release" "-DOPENSSL_ROOT_DIR=${OPENSSL_INCLUDE_DIR}/..") if(CMAKE_PREFIX_PATH) set(MKF ${MKF} "-DCMAKE_PREFIX_PATH=${CMAKE_PREFIX_PATH}") endif(CMAKE_PREFIX_PATH) if(CMAKE_TOOLCHAIN_FILE) set(MKF ${MKF} "-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE}") endif(CMAKE_TOOLCHAIN_FILE) if(CMAKE_GENERATOR_PLATFORM) set(MKF ${MKF} "-A" "${CMAKE_GENERATOR_PLATFORM}") endif(CMAKE_GENERATOR_PLATFORM) if(CMAKE_GENERATOR_TOOLSET) set(MKF ${MKF} "-T" "${CMAKE_GENERATOR_TOOLSET}") endif(CMAKE_GENERATOR_TOOLSET) execute_process( COMMAND "${CMAKE_COMMAND}" "-Bbuild" ${MKF} "." WORKING_DIRECTORY "${_fossl_work_dir}" OUTPUT_VARIABLE output ERROR_VARIABLE error RESULT_VARIABLE result COMMAND_ECHO STDOUT ECHO_OUTPUT_VARIABLE ECHO_ERROR_VARIABLE ) if (NOT ${result} EQUAL 0) message(FATAL_ERROR "Error configuring findopensslfeatures") endif() execute_process( COMMAND "${CMAKE_COMMAND}" "--build" "build" --config "Release" WORKING_DIRECTORY "${_fossl_work_dir}" OUTPUT_VARIABLE output ERROR_VARIABLE error RESULT_VARIABLE result COMMAND_ECHO STDOUT ECHO_OUTPUT_VARIABLE ECHO_ERROR_VARIABLE ) if (NOT ${result} EQUAL 0) message(FATAL_ERROR "Error building findopensslfeatures") endif() set(OPENSSL_SUPPORTED_FEATURES "") if(WIN32 AND NOT MINGW) set(FOF "build/Release/findopensslfeatures") else(WIN32 AND NOT MINGW) set(FOF "build/findopensslfeatures") endif(WIN32 AND NOT MINGW) foreach(feature "hashes" "ciphers" "curves" "publickey" "providers") execute_process( COMMAND "${FOF}" "${feature}" WORKING_DIRECTORY "${_fossl_work_dir}" OUTPUT_VARIABLE feature_val ERROR_VARIABLE error RESULT_VARIABLE result ) if(NOT ${result} EQUAL 0) message(FATAL_ERROR "Error getting supported OpenSSL ${feature}: ${result}\n${error}") endif() string(TOUPPER ${feature} feature_up) string(TOUPPER ${feature_val} feature_val) string(REPLACE "\n" ";" feature_val ${feature_val}) set(OPENSSL_SUPPORTED_${feature_up} ${feature_val}) list(LENGTH OPENSSL_SUPPORTED_${feature_up} ${feature}_len) list(APPEND OPENSSL_SUPPORTED_FEATURES ${OPENSSL_SUPPORTED_${feature_up}}) endforeach() message(STATUS "Fetched OpenSSL features: ${hashes_len} hashes, ${ciphers_len} ciphers, ${curves_len} curves, ${publickey_len} publickey, ${providers_len} providers.") function(OpenSSLHasFeature FEATURE VARIABLE) string(TOUPPER ${FEATURE} _feature_up) set(${VARIABLE} FALSE PARENT_SCOPE) if (${_feature_up} IN_LIST OPENSSL_SUPPORTED_FEATURES) set(${VARIABLE} TRUE PARENT_SCOPE) endif() endfunction(OpenSSLHasFeature) rnp-0.18.1/cmake/Modules/FindWindowsSDK.cmake000066400000000000000000000615151511004466700207030ustar00rootroot00000000000000# - Find the Windows SDK aka Platform SDK # taken from https://github.com/ampl/mp/blob/master/support/cmake/FindWindowsSDK.cmake # # Relevant Wikipedia article: http://en.wikipedia.org/wiki/Microsoft_Windows_SDK # # Pass "COMPONENTS tools" to ignore Visual Studio version checks: in case # you just want the tool binaries to run, rather than the libraries and headers # for compiling. # # Variables: # WINDOWSSDK_FOUND - if any version of the windows or platform SDK was found that is usable with the current version of visual studio # WINDOWSSDK_LATEST_DIR # WINDOWSSDK_LATEST_NAME # WINDOWSSDK_FOUND_PREFERENCE - if we found an entry indicating a "preferred" SDK listed for this visual studio version # WINDOWSSDK_PREFERRED_DIR # WINDOWSSDK_PREFERRED_NAME # # WINDOWSSDK_DIRS - contains no duplicates, ordered most recent first. # WINDOWSSDK_PREFERRED_FIRST_DIRS - contains no duplicates, ordered with preferred first, followed by the rest in descending recency # # Functions: # GetUMWindowsSDKLibraryDir() - Find the latest SDK user mode (um) library directory, # architecture dependent # GetUMWindowsSDKIncludeDir() - Find the latest SDK user mode (um) include directory # # windowssdk_name_lookup( ) - Find the name corresponding with the SDK directory you pass in, or # NOTFOUND if not recognized. Your directory must be one of WINDOWSSDK_DIRS for this to work. # # windowssdk_build_lookup( ) - Find the build version number corresponding with the SDK directory you pass in, or # NOTFOUND if not recognized. Your directory must be one of WINDOWSSDK_DIRS for this to work. # # get_windowssdk_from_component( ) - Given a library or include dir, # find the Windows SDK root dir corresponding to it, or NOTFOUND if unrecognized. # # get_windowssdk_library_dirs( ) - Find the architecture-appropriate # library directories corresponding to the SDK directory you pass in (or NOTFOUND if none) # # get_windowssdk_library_dirs_multiple( ...) - Find the architecture-appropriate # library directories corresponding to the SDK directories you pass in, in order, skipping those not found. NOTFOUND if none at all. # Good for passing WINDOWSSDK_DIRS or WINDOWSSDK_DIRS to if you really just want a file and don't care where from. # # get_windowssdk_include_dirs( ) - Find the # include directories corresponding to the SDK directory you pass in (or NOTFOUND if none) # # get_windowssdk_include_dirs_multiple( ...) - Find the # include directories corresponding to the SDK directories you pass in, in order, skipping those not found. NOTFOUND if none at all. # Good for passing WINDOWSSDK_DIRS or WINDOWSSDK_DIRS to if you really just want a file and don't care where from. # # Requires these CMake modules: # FindPackageHandleStandardArgs (known included with CMake >=2.6.2) # # Original Author: # 2012 Ryan Pavlik # http://academic.cleardefinition.com # Iowa State University HCI Graduate Program/VRAC # # Copyright Iowa State University 2012. # Distributed under the Boost Software License, Version 1.0. # (See accompanying file LICENSE_1_0.txt or copy at # http://www.boost.org/LICENSE_1_0.txt) set(_preferred_sdk_dirs) # pre-output set(_win_sdk_dirs) # pre-output set(_win_sdk_versanddirs) # pre-output set(_win_sdk_buildsanddirs) # pre-output set(_winsdk_vistaonly) # search parameters set(_winsdk_kits) # search parameters set(_WINDOWSSDK_ANNOUNCE OFF) if(NOT WINDOWSSDK_FOUND AND (NOT WindowsSDK_FIND_QUIETLY)) set(_WINDOWSSDK_ANNOUNCE ON) endif() macro(_winsdk_announce) if(_WINSDK_ANNOUNCE) message(STATUS ${ARGN}) endif() endmacro() set(_winsdk_win10vers 10.0.18362.0 # Windows 10 SDK for 2019 Update 10.0.17763.0 # Windows 10 SDK for October 2018 Update 10.0.17133.0 # Redstone 4 aka Win10 1803 "April 1018 Update" 10.0.16299.0 # Redstone 3 aka Win10 1709 "Fall Creators Update" 10.0.15063.0 # Redstone 2 aka Win10 1703 "Creators Update" 10.0.14393.0 # Redstone aka Win10 1607 "Anniversary Update" 10.0.10586.0 # TH2 aka Win10 1511 10.0.10240.0 # Win10 RTM 10.0.10150.0 # just ucrt 10.0.10056.0 ) if(WindowsSDK_FIND_COMPONENTS MATCHES "tools") set(_WINDOWSSDK_IGNOREMSVC ON) _winsdk_announce("Checking for tools from Windows/Platform SDKs...") else() set(_WINDOWSSDK_IGNOREMSVC OFF) _winsdk_announce("Checking for Windows/Platform SDKs...") endif() # Appends to the three main pre-output lists used only if the path exists # and is not already in the list. function(_winsdk_conditional_append _vername _build _path) if(("${_path}" MATCHES "registry") OR (NOT EXISTS "${_path}")) # Path invalid - do not add return() endif() list(FIND _win_sdk_dirs "${_path}" _win_sdk_idx) if(_win_sdk_idx GREATER -1) # Path already in list - do not add return() endif() _winsdk_announce( " - ${_vername}, Build ${_build} @ ${_path}") # Not yet in the list, so we'll add it list(APPEND _win_sdk_dirs "${_path}") set(_win_sdk_dirs "${_win_sdk_dirs}" CACHE INTERNAL "" FORCE) list(APPEND _win_sdk_versanddirs "${_vername}" "${_path}") set(_win_sdk_versanddirs "${_win_sdk_versanddirs}" CACHE INTERNAL "" FORCE) list(APPEND _win_sdk_buildsanddirs "${_build}" "${_path}") set(_win_sdk_buildsanddirs "${_win_sdk_buildsanddirs}" CACHE INTERNAL "" FORCE) endfunction() # Appends to the "preferred SDK" lists only if the path exists function(_winsdk_conditional_append_preferred _info _path) if(("${_path}" MATCHES "registry") OR (NOT EXISTS "${_path}")) # Path invalid - do not add return() endif() get_filename_component(_path "${_path}" ABSOLUTE) list(FIND _win_sdk_preferred_sdk_dirs "${_path}" _win_sdk_idx) if(_win_sdk_idx GREATER -1) # Path already in list - do not add return() endif() _winsdk_announce( " - Found \"preferred\" SDK ${_info} @ ${_path}") # Not yet in the list, so we'll add it list(APPEND _win_sdk_preferred_sdk_dirs "${_path}") set(_win_sdk_preferred_sdk_dirs "${_win_sdk_dirs}" CACHE INTERNAL "" FORCE) # Just in case we somehow missed it: _winsdk_conditional_append("${_info}" "" "${_path}") endfunction() # Given a version like v7.0A, looks for an SDK in the registry under "Microsoft SDKs". # If the given version might be in both HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Microsoft SDKs\\Windows # and HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Kits\\Installed Roots aka "Windows Kits", # use this macro first, since these registry keys usually have more information. # # Pass a "default" build number as an extra argument in case we can't find it. function(_winsdk_check_microsoft_sdks_registry _winsdkver) set(SDKKEY "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Microsoft SDKs\\Windows\\${_winsdkver}") get_filename_component(_sdkdir "[${SDKKEY};InstallationFolder]" ABSOLUTE) set(_sdkname "Windows SDK ${_winsdkver}") # Default build number passed as extra argument set(_build ${ARGN}) # See if the registry holds a Microsoft-mutilated, err, designated, product name # (just using get_filename_component to execute the registry lookup) get_filename_component(_sdkproductname "[${SDKKEY};ProductName]" NAME) if(NOT "${_sdkproductname}" MATCHES "registry") # Got a product name set(_sdkname "${_sdkname} (${_sdkproductname})") endif() # try for a version to augment our name # (just using get_filename_component to execute the registry lookup) get_filename_component(_sdkver "[${SDKKEY};ProductVersion]" NAME) if(NOT "${_sdkver}" MATCHES "registry" AND NOT MATCHES) # Got a version if(NOT "${_sdkver}" MATCHES "\\.\\.") # and it's not an invalid one with two dots in it: # use to override the default build set(_build ${_sdkver}) if(NOT "${_sdkname}" MATCHES "${_sdkver}") # Got a version that's not already in the name, let's use it to improve our name. set(_sdkname "${_sdkname} (${_sdkver})") endif() endif() endif() _winsdk_conditional_append("${_sdkname}" "${_build}" "${_sdkdir}") endfunction() # Given a name for identification purposes, the build number, and a key (technically a "value name") # corresponding to a Windows SDK packaged as a "Windows Kit", look for it # in HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Kits\\Installed Roots # Note that the key or "value name" tends to be something weird like KitsRoot81 - # no easy way to predict, just have to observe them in the wild. # Doesn't hurt to also try _winsdk_check_microsoft_sdks_registry for these: # sometimes you get keys in both parts of the registry (in the wow64 portion especially), # and the non-"Windows Kits" location is often more descriptive. function(_winsdk_check_windows_kits_registry _winkit_name _winkit_build _winkit_key) get_filename_component(_sdkdir "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Kits\\Installed Roots;${_winkit_key}]" ABSOLUTE) _winsdk_conditional_append("${_winkit_name}" "${_winkit_build}" "${_sdkdir}") endfunction() # Given a name for identification purposes and the build number # corresponding to a Windows 10 SDK packaged as a "Windows Kit", look for it # in HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Kits\\Installed Roots # Doesn't hurt to also try _winsdk_check_microsoft_sdks_registry for these: # sometimes you get keys in both parts of the registry (in the wow64 portion especially), # and the non-"Windows Kits" location is often more descriptive. function(_winsdk_check_win10_kits _winkit_build) get_filename_component(_sdkdir "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Kits\\Installed Roots;KitsRoot10]" ABSOLUTE) if(("${_sdkdir}" MATCHES "registry") OR (NOT EXISTS "${_sdkdir}")) return() # not found endif() if(EXISTS "${_sdkdir}/Include/${_winkit_build}/um") _winsdk_conditional_append("Windows Kits 10 (Build ${_winkit_build})" "${_winkit_build}" "${_sdkdir}") endif() endfunction() # Given a name for identification purposes, the build number, and the associated package GUID, # look in the registry under both HKLM and HKCU in \\SOFTWARE\\Microsoft\\MicrosoftSDK\\InstalledSDKs\\ # for that guid and the SDK it points to. function(_winsdk_check_platformsdk_registry _platformsdkname _build _platformsdkguid) foreach(_winsdk_hive HKEY_LOCAL_MACHINE HKEY_CURRENT_USER) get_filename_component(_sdkdir "[${_winsdk_hive}\\SOFTWARE\\Microsoft\\MicrosoftSDK\\InstalledSDKs\\${_platformsdkguid};Install Dir]" ABSOLUTE) _winsdk_conditional_append("${_platformsdkname} (${_build})" "${_build}" "${_sdkdir}") endforeach() endfunction() ### # Detect toolchain information: to know whether it's OK to use Vista+ only SDKs ### set(_winsdk_vistaonly_ok OFF) if(MSVC AND NOT _WINDOWSSDK_IGNOREMSVC) # VC 10 and older has broad target support if(MSVC_VERSION LESS 1700) # VC 11 by default targets Vista and later only, so we can add a few more SDKs that (might?) only work on vista+ elseif("${CMAKE_VS_PLATFORM_TOOLSET}" MATCHES "_xp") # This is the XP-compatible v110+ toolset elseif("${CMAKE_VS_PLATFORM_TOOLSET}" STREQUAL "v100" OR "${CMAKE_VS_PLATFORM_TOOLSET}" STREQUAL "v90") # This is the VS2010/VS2008 toolset else() # OK, we're VC11 or newer and not using a backlevel or XP-compatible toolset. # These versions have no XP (and possibly Vista pre-SP1) support set(_winsdk_vistaonly_ok ON) if(_WINDOWSSDK_ANNOUNCE AND NOT _WINDOWSSDK_VISTAONLY_PESTERED) set(_WINDOWSSDK_VISTAONLY_PESTERED ON CACHE INTERNAL "" FORCE) message(STATUS "FindWindowsSDK: Detected Visual Studio 2012 or newer, not using the _xp toolset variant: including SDK versions that drop XP support in search!") endif() endif() endif() if(_WINDOWSSDK_IGNOREMSVC) set(_winsdk_vistaonly_ok ON) endif() ### # MSVC version checks - keeps messy conditionals in one place # (messy because of _WINDOWSSDK_IGNOREMSVC) ### set(_winsdk_msvc_greater_1200 OFF) if(_WINDOWSSDK_IGNOREMSVC OR (MSVC AND (MSVC_VERSION GREATER 1200))) set(_winsdk_msvc_greater_1200 ON) endif() # Newer than VS .NET/VS Toolkit 2003 set(_winsdk_msvc_greater_1310 OFF) if(_WINDOWSSDK_IGNOREMSVC OR (MSVC AND (MSVC_VERSION GREATER 1310))) set(_winsdk_msvc_greater_1310 ON) endif() # VS2005/2008 set(_winsdk_msvc_less_1600 OFF) if(_WINDOWSSDK_IGNOREMSVC OR (MSVC AND (MSVC_VERSION LESS 1600))) set(_winsdk_msvc_less_1600 ON) endif() # VS2013+ set(_winsdk_msvc_not_less_1800 OFF) if(_WINDOWSSDK_IGNOREMSVC OR (MSVC AND (NOT MSVC_VERSION LESS 1800))) set(_winsdk_msvc_not_less_1800 ON) endif() ### # START body of find module ### if(_winsdk_msvc_greater_1310) # Newer than VS .NET/VS Toolkit 2003 ### # Look for "preferred" SDKs ### # Environment variable for SDK dir if(EXISTS "$ENV{WindowsSDKDir}" AND (NOT "$ENV{WindowsSDKDir}" STREQUAL "")) _winsdk_conditional_append_preferred("WindowsSDKDir environment variable" "$ENV{WindowsSDKDir}") endif() if(_winsdk_msvc_less_1600) # Per-user current Windows SDK for VS2005/2008 get_filename_component(_sdkdir "[HKEY_CURRENT_USER\\Software\\Microsoft\\Microsoft SDKs\\Windows;CurrentInstallFolder]" ABSOLUTE) _winsdk_conditional_append_preferred("Per-user current Windows SDK" "${_sdkdir}") # System-wide current Windows SDK for VS2005/2008 get_filename_component(_sdkdir "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Microsoft SDKs\\Windows;CurrentInstallFolder]" ABSOLUTE) _winsdk_conditional_append_preferred("System-wide current Windows SDK" "${_sdkdir}") endif() ### # Begin the massive list of SDK searching! ### if(_winsdk_vistaonly_ok AND _winsdk_msvc_not_less_1800) # These require at least Visual Studio 2013 (VC12) _winsdk_check_microsoft_sdks_registry(v10.0A) # Windows Software Development Kit (SDK) for Windows 10 # Several different versions living in the same directory - if nothing else we can assume RTM (10240) _winsdk_check_microsoft_sdks_registry(v10.0 10.0.10240.0) foreach(_win10build ${_winsdk_win10vers}) _winsdk_check_win10_kits(${_win10build}) endforeach() endif() # vista-only and 2013+ # Included in Visual Studio 2013 # Includes the v120_xp toolset _winsdk_check_microsoft_sdks_registry(v8.1A 8.1.51636) if(_winsdk_vistaonly_ok AND _winsdk_msvc_not_less_1800) # Windows Software Development Kit (SDK) for Windows 8.1 # http://msdn.microsoft.com/en-gb/windows/desktop/bg162891 _winsdk_check_microsoft_sdks_registry(v8.1 8.1.25984.0) _winsdk_check_windows_kits_registry("Windows Kits 8.1" 8.1.25984.0 KitsRoot81) endif() # vista-only and 2013+ if(_winsdk_vistaonly_ok) # Included in Visual Studio 2012 _winsdk_check_microsoft_sdks_registry(v8.0A 8.0.50727) # Microsoft Windows SDK for Windows 8 and .NET Framework 4.5 # This is the first version to also include the DirectX SDK # http://msdn.microsoft.com/en-US/windows/desktop/hh852363.aspx _winsdk_check_microsoft_sdks_registry(v8.0 6.2.9200.16384) _winsdk_check_windows_kits_registry("Windows Kits 8.0" 6.2.9200.16384 KitsRoot) endif() # vista-only # Included with VS 2012 Update 1 or later # Introduces v110_xp toolset _winsdk_check_microsoft_sdks_registry(v7.1A 7.1.51106) if(_winsdk_vistaonly_ok) # Microsoft Windows SDK for Windows 7 and .NET Framework 4 # http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6b6c21d2-2006-4afa-9702-529fa782d63b _winsdk_check_microsoft_sdks_registry(v7.1 7.1.7600.0.30514) endif() # vista-only # Included with VS 2010 _winsdk_check_microsoft_sdks_registry(v7.0A 6.1.7600.16385) # Windows SDK for Windows 7 and .NET Framework 3.5 SP1 # Works with VC9 # http://www.microsoft.com/en-us/download/details.aspx?id=18950 _winsdk_check_microsoft_sdks_registry(v7.0 6.1.7600.16385) # Two versions call themselves "v6.1": # Older: # Windows Vista Update & .NET 3.0 SDK # http://www.microsoft.com/en-us/download/details.aspx?id=14477 # Newer: # Windows Server 2008 & .NET 3.5 SDK # may have broken VS9SP1? they recommend v7.0 instead, or a KB... # http://www.microsoft.com/en-us/download/details.aspx?id=24826 _winsdk_check_microsoft_sdks_registry(v6.1 6.1.6000.16384.10) # Included in VS 2008 _winsdk_check_microsoft_sdks_registry(v6.0A 6.1.6723.1) # Microsoft Windows Software Development Kit for Windows Vista and .NET Framework 3.0 Runtime Components # http://blogs.msdn.com/b/stanley/archive/2006/11/08/microsoft-windows-software-development-kit-for-windows-vista-and-net-framework-3-0-runtime-components.aspx _winsdk_check_microsoft_sdks_registry(v6.0 6.0.6000.16384) endif() # Let's not forget the Platform SDKs, which sometimes are useful! if(_winsdk_msvc_greater_1200) _winsdk_check_platformsdk_registry("Microsoft Platform SDK for Windows Server 2003 R2" "5.2.3790.2075.51" "D2FF9F89-8AA2-4373-8A31-C838BF4DBBE1") _winsdk_check_platformsdk_registry("Microsoft Platform SDK for Windows Server 2003 SP1" "5.2.3790.1830.15" "8F9E5EF3-A9A5-491B-A889-C58EFFECE8B3") endif() ### # Finally, look for "preferred" SDKs ### if(_winsdk_msvc_greater_1310) # Newer than VS .NET/VS Toolkit 2003 # Environment variable for SDK dir if(EXISTS "$ENV{WindowsSDKDir}" AND (NOT "$ENV{WindowsSDKDir}" STREQUAL "")) _winsdk_conditional_append_preferred("WindowsSDKDir environment variable" "$ENV{WindowsSDKDir}") endif() if(_winsdk_msvc_less_1600) # Per-user current Windows SDK for VS2005/2008 get_filename_component(_sdkdir "[HKEY_CURRENT_USER\\Software\\Microsoft\\Microsoft SDKs\\Windows;CurrentInstallFolder]" ABSOLUTE) _winsdk_conditional_append_preferred("Per-user current Windows SDK" "${_sdkdir}") # System-wide current Windows SDK for VS2005/2008 get_filename_component(_sdkdir "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Microsoft SDKs\\Windows;CurrentInstallFolder]" ABSOLUTE) _winsdk_conditional_append_preferred("System-wide current Windows SDK" "${_sdkdir}") endif() endif() function(windowssdk_name_lookup _dir _outvar) list(FIND _win_sdk_versanddirs "${_dir}" _diridx) math(EXPR _idx "${_diridx} - 1") if(${_idx} GREATER -1) list(GET _win_sdk_versanddirs ${_idx} _ret) else() set(_ret "NOTFOUND") endif() set(${_outvar} "${_ret}" PARENT_SCOPE) endfunction() function(windowssdk_build_lookup _dir _outvar) list(FIND _win_sdk_buildsanddirs "${_dir}" _diridx) math(EXPR _idx "${_diridx} - 1") if(${_idx} GREATER -1) list(GET _win_sdk_buildsanddirs ${_idx} _ret) else() set(_ret "NOTFOUND") endif() set(${_outvar} "${_ret}" PARENT_SCOPE) endfunction() # If we found something... if(_win_sdk_dirs) list(GET _win_sdk_dirs 0 WINDOWSSDK_LATEST_DIR) windowssdk_name_lookup("${WINDOWSSDK_LATEST_DIR}" WINDOWSSDK_LATEST_NAME) set(WINDOWSSDK_DIRS ${_win_sdk_dirs}) # Fallback, in case no preference found. set(WINDOWSSDK_PREFERRED_DIR "${WINDOWSSDK_LATEST_DIR}") set(WINDOWSSDK_PREFERRED_NAME "${WINDOWSSDK_LATEST_NAME}") set(WINDOWSSDK_PREFERRED_FIRST_DIRS ${WINDOWSSDK_DIRS}) set(WINDOWSSDK_FOUND_PREFERENCE OFF) endif() # If we found indications of a user preference... if(_win_sdk_preferred_sdk_dirs) list(GET _win_sdk_preferred_sdk_dirs 0 WINDOWSSDK_PREFERRED_DIR) windowssdk_name_lookup("${WINDOWSSDK_PREFERRED_DIR}" WINDOWSSDK_PREFERRED_NAME) set(WINDOWSSDK_PREFERRED_FIRST_DIRS ${_win_sdk_preferred_sdk_dirs} ${_win_sdk_dirs}) list(REMOVE_DUPLICATES WINDOWSSDK_PREFERRED_FIRST_DIRS) set(WINDOWSSDK_FOUND_PREFERENCE ON) endif() include(FindPackageHandleStandardArgs) find_package_handle_standard_args(WindowsSDK "No compatible version of the Windows SDK or Platform SDK found." WINDOWSSDK_DIRS) if(WINDOWSSDK_FOUND) # Internal: Architecture-appropriate library directory names. if("${CMAKE_VS_PLATFORM_NAME}" STREQUAL "ARM") if(CMAKE_SIZEOF_VOID_P MATCHES "8") # Only supported in Win10 SDK and up. set(_winsdk_arch8 arm64) # what the WDK for Win8+ calls this architecture else() set(_winsdk_archbare /arm) # what the architecture used to be called in oldest SDKs set(_winsdk_arch arm) # what the architecture used to be called set(_winsdk_arch8 arm) # what the WDK for Win8+ calls this architecture endif() else() if(CMAKE_SIZEOF_VOID_P MATCHES "8") set(_winsdk_archbare /x64) # what the architecture used to be called in oldest SDKs set(_winsdk_arch amd64) # what the architecture used to be called set(_winsdk_arch8 x64) # what the WDK for Win8+ calls this architecture else() set(_winsdk_archbare ) # what the architecture used to be called in oldest SDKs set(_winsdk_arch i386) # what the architecture used to be called set(_winsdk_arch8 x86) # what the WDK for Win8+ calls this architecture endif() endif() function(get_windowssdk_from_component _component _var) get_filename_component(_component "${_component}" ABSOLUTE) file(TO_CMAKE_PATH "${_component}" _component) foreach(_sdkdir ${WINDOWSSDK_DIRS}) get_filename_component(_sdkdir "${_sdkdir}" ABSOLUTE) string(LENGTH "${_sdkdir}" _sdklen) file(RELATIVE_PATH _rel "${_sdkdir}" "${_component}") # If we don't have any "parent directory" items... if(NOT "${_rel}" MATCHES "[.][.]") set(${_var} "${_sdkdir}" PARENT_SCOPE) return() endif() endforeach() # Fail. set(${_var} "NOTFOUND" PARENT_SCOPE) endfunction() function(get_windowssdk_library_dirs _winsdk_dir _var) set(_dirs) set(_suffixes "lib${_winsdk_archbare}" # SDKs like 7.1A "lib/${_winsdk_arch}" # just because some SDKs have x86 dir and root dir "lib/w2k/${_winsdk_arch}" # Win2k min requirement "lib/wxp/${_winsdk_arch}" # WinXP min requirement "lib/wnet/${_winsdk_arch}" # Win Server 2003 min requirement "lib/wlh/${_winsdk_arch}" "lib/wlh/um/${_winsdk_arch8}" # Win Vista ("Long Horn") min requirement "lib/win7/${_winsdk_arch}" "lib/win7/um/${_winsdk_arch8}" # Win 7 min requirement ) foreach(_ver wlh # Win Vista ("Long Horn") min requirement win7 # Win 7 min requirement win8 # Win 8 min requirement winv6.3 # Win 8.1 min requirement ) list(APPEND _suffixes "lib/${_ver}/${_winsdk_arch}" "lib/${_ver}/um/${_winsdk_arch8}" "lib/${_ver}/km/${_winsdk_arch8}" ) endforeach() # Look for WDF libraries in Win10+ SDK foreach(_mode umdf kmdf) file(GLOB _wdfdirs RELATIVE "${_winsdk_dir}" "${_winsdk_dir}/lib/wdf/${_mode}/${_winsdk_arch8}/*") if(_wdfdirs) list(APPEND _suffixes ${_wdfdirs}) endif() endforeach() # Look in each Win10+ SDK version for the components foreach(_win10ver ${_winsdk_win10vers}) foreach(_component um km ucrt mmos) list(APPEND _suffixes "lib/${_win10ver}/${_component}/${_winsdk_arch8}") endforeach() endforeach() foreach(_suffix ${_suffixes}) # Check to see if a library actually exists here. file(GLOB _libs "${_winsdk_dir}/${_suffix}/*.lib") if(_libs) list(APPEND _dirs "${_winsdk_dir}/${_suffix}") endif() endforeach() if("${_dirs}" STREQUAL "") set(_dirs NOTFOUND) else() list(REMOVE_DUPLICATES _dirs) endif() set(${_var} ${_dirs} PARENT_SCOPE) endfunction() function(get_windowssdk_include_dirs _winsdk_dir _var) set(_dirs) set(_subdirs shared um winrt km wdf mmos ucrt) set(_suffixes Include) foreach(_dir ${_subdirs}) list(APPEND _suffixes "Include/${_dir}") endforeach() foreach(_ver ${_winsdk_win10vers}) foreach(_dir ${_subdirs}) list(APPEND _suffixes "Include/${_ver}/${_dir}") endforeach() endforeach() foreach(_suffix ${_suffixes}) # Check to see if a header file actually exists here. file(GLOB _headers "${_winsdk_dir}/${_suffix}/*.h") if(_headers) list(APPEND _dirs "${_winsdk_dir}/${_suffix}") endif() endforeach() if("${_dirs}" STREQUAL "") set(_dirs NOTFOUND) else() list(REMOVE_DUPLICATES _dirs) endif() set(${_var} ${_dirs} PARENT_SCOPE) endfunction() function(get_windowssdk_library_dirs_multiple _var) set(_dirs) foreach(_sdkdir ${ARGN}) get_windowssdk_library_dirs("${_sdkdir}" _current_sdk_libdirs) if(_current_sdk_libdirs) list(APPEND _dirs ${_current_sdk_libdirs}) endif() endforeach() if("${_dirs}" STREQUAL "") set(_dirs NOTFOUND) else() list(REMOVE_DUPLICATES _dirs) endif() set(${_var} ${_dirs} PARENT_SCOPE) endfunction() function(get_windowssdk_include_dirs_multiple _var) set(_dirs) foreach(_sdkdir ${ARGN}) get_windowssdk_include_dirs("${_sdkdir}" _current_sdk_incdirs) if(_current_sdk_libdirs) list(APPEND _dirs ${_current_sdk_incdirs}) endif() endforeach() if("${_dirs}" STREQUAL "") set(_dirs NOTFOUND) else() list(REMOVE_DUPLICATES _dirs) endif() set(${_var} ${_dirs} PARENT_SCOPE) endfunction() endif() function(FindFirstStringMatching list reg matching) foreach(l ${${list}}) if(${l} MATCHES ${reg}) set(${matching} ${l} PARENT_SCOPE) break() endif() endforeach() endfunction() function(GetUMWindowsSDKLibraryDir library_dir) get_windowssdk_library_dirs(${WINDOWSSDK_LATEST_DIR} WIN_LIBRARY_DIRS) FindFirstStringMatching(WIN_LIBRARY_DIRS "[\\/]um[\\/]" WINDOWSKIT_LIBRARY_DIR) set(${library_dir} ${WINDOWSKIT_LIBRARY_DIR} PARENT_SCOPE) endfunction() function(GetUMWindowsSDKIncludeDir include_dir) get_windowssdk_include_dirs(${WINDOWSSDK_LATEST_DIR} WIN_INCLUDE_DIRS) FindFirstStringMatching(WIN_INCLUDE_DIRS "[\\/]um[\\/]" WIN_INCLUDE_DIR) set(${include_dir} ${WIN_INCLUDE_DIR} PARENT_SCOPE) endfunction() rnp-0.18.1/cmake/Modules/findopensslfeatures.c000066400000000000000000000065001511004466700213240ustar00rootroot00000000000000#include #include #include #include #include #include #if OPENSSL_VERSION_NUMBER >= 0x30000000L #include #endif int list_curves() { size_t len = EC_get_builtin_curves(NULL, 0); EC_builtin_curve *curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * len); if (!curves) { fprintf(stderr, "Allocation failed.\n"); return 1; } if (!EC_get_builtin_curves(curves, len)) { OPENSSL_free(curves); fprintf(stderr, "Failed to get curves.\n"); return 1; } for (size_t i = 0; i < len; i++) { const char *sname = OBJ_nid2sn(curves[i].nid); if (!sname) { continue; } printf("%s\n", sname); } OPENSSL_free(curves); return 0; } static void print_hash(const EVP_MD *md, const char *from, const char *to, void *arg) { if (!md) { return; } if (strstr(from, "rsa") || strstr(from, "RSA")) { return; } printf("%s\n", from); } int list_hashes() { EVP_MD_do_all_sorted(print_hash, NULL); return 0; } static void print_cipher(const EVP_CIPHER *cipher, const char *from, const char *to, void *x) { if (!cipher) { return; } printf("%s\n", from); } int list_ciphers() { EVP_CIPHER_do_all_sorted(print_cipher, NULL); return 0; } #if OPENSSL_VERSION_NUMBER >= 0x30000000L static void print_km_name(const char *name, void *param) { /* Do not print OIDs for better clarity */ if (!name || ((name[0] <= '9') && (name[0] >= '0'))) { return; } printf("%s\n", name); } static void print_km(EVP_KEYMGMT *km, void *param) { EVP_KEYMGMT_names_do_all(km, print_km_name, NULL); } #endif int list_publickey() { #if OPENSSL_VERSION_NUMBER < 0x30000000L for (size_t i = 0; i < EVP_PKEY_meth_get_count(); i++) { const EVP_PKEY_METHOD *pmeth = EVP_PKEY_meth_get0(i); int id = 0; EVP_PKEY_meth_get0_info(&id, NULL, pmeth); printf("%s\n", OBJ_nid2ln(id)); } #else EVP_KEYMGMT_do_all_provided(NULL, print_km, NULL); #endif return 0; } int list_providers() { printf("default\n"); #if OPENSSL_VERSION_NUMBER >= 0x30000000L const char *known_names[] = {"legacy", "fips"}; for (size_t i = 0; i < sizeof(known_names) / sizeof(known_names[0]); i++) { OSSL_PROVIDER *prov = OSSL_PROVIDER_load(NULL, known_names[i]); if (prov) { printf("%s\n", known_names[i]); OSSL_PROVIDER_unload(prov); } } #else /* OpenSSL < 3.0 includes all legacy algorithms in the default provider */ printf("legacy\n"); #endif return 0; } int main(int argc, char *argv[]) { if (argc != 2) { fprintf(stderr, "Usage: opensslfeatures [curves|hashes|ciphers|publickey|providers]\n"); return 1; } if (!strcmp(argv[1], "hashes")) { return list_hashes(); } if (!strcmp(argv[1], "ciphers")) { return list_ciphers(); } if (!strcmp(argv[1], "curves")) { return list_curves(); } if (!strcmp(argv[1], "publickey")) { return list_publickey(); } if (!strcmp(argv[1], "providers")) { return list_providers(); } fprintf(stderr, "Unknown command: %s\n", argv[1]); return 1; } rnp-0.18.1/cmake/info.cmake000066400000000000000000000035161511004466700154260ustar00rootroot00000000000000# Copyright (c) 2018 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # this file contains things that are likely to change occasionally set(PACKAGE_VENDOR "Ribose Inc.") set(PACKAGE_URL "https://github.com/rnpgp/rnp") set(PACKAGING_EMAIL "Ribose Inc. ") set(BUGREPORT_EMAIL "${PACKAGING_EMAIL}") set(PACKAGE_DESCRIPTION [=[ A set of OpenPGP tools for encrypting, decrypting, signing, and \ verifying files. ]=] ) set(PACKAGE_DESCRIPTION_SHORT "Freely-licensed OpenPGP library and command-line tools") set(PACKAGE_LICENSE "BSD") set(RPM_RELEASE_NUM 1) set(DEB_RELEASE_NUM 1) rnp-0.18.1/cmake/librnp.pc.in000066400000000000000000000004461511004466700157070ustar00rootroot00000000000000prefix=@CMAKE_INSTALL_PREFIX@ exec_prefix=${prefix} libdir=@PKGCONFIG_LIBDIR@ includedir=@PKGCONFIG_INCLUDEDIR@ Name: rnp Description: @PACKAGE_DESCRIPTION_SHORT@ Version: @PROJECT_VERSION@ Libs: -L${libdir} -l@LIBRNP_OUTPUT_NAME@ Libs.private: @LIBRNP_PRIVATE_LIBS@ Cflags: -I${includedir} rnp-0.18.1/cmake/packaging.cmake000066400000000000000000000100251511004466700164100ustar00rootroot00000000000000# Copyright (c) 2018, 2023 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # this file contains packaging items that aren't likely to change much # general set(CPACK_PACKAGE_VENDOR "${PACKAGE_VENDOR}") set(CPACK_PACKAGE_CONTACT "${PACKAGING_EMAIL}") set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "${PACKAGE_DESCRIPTION_SHORT}") set(CPACK_PACKAGE_VERSION "${PROJECT_VERSION}") set(CPACK_PACKAGE_FILE_NAME "rnp-${CPACK_PACKAGE_VERSION}") set(CPACK_PACKAGE_NAME "rnp${PROJECT_VERSION_MAJOR}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "rnp-v${CPACK_PACKAGE_VERSION}") set(CPACK_SOURCE_IGNORE_FILES "/installs/;/build/;/\\\\.git/;\\\\.#;/#") # deb-specific set(CPACK_DEBIAN_PACKAGE_HOMEPAGE "${PACKAGE_URL}") set(CPACK_DEBIAN_PACKAGE_RELEASE "${DEB_RELEASE_NUM}") set(CPACK_DEBIAN_PACKAGE_SHLIBDEPS ON) # rpm-specific set(CPACK_RPM_PACKAGE_LICENSE "${PACKAGE_LICENSE}") set(CPACK_RPM_PACKAGE_URL "${PACKAGE_URL}") set(CPACK_RPM_PACKAGE_RELEASE "${RPM_RELEASE_NUM}${RNP_VERSION_SUFFIX}") set(CPACK_RPM_PACKAGE_RELEASE_DIST ON) set(CPACK_RPM_PACKAGE_GROUP "Applications/System") set(CPACK_RPM_PACKAGE_DESCRIPTION "${PACKAGE_DESCRIPTION}") set(CPACK_RPM_PACKAGE_AUTOREQPROV ON) file(WRITE "${PROJECT_BINARY_DIR}/rpm-ldconfig" "/sbin/ldconfig") set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE "${PROJECT_BINARY_DIR}/rpm-ldconfig") set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE "${PROJECT_BINARY_DIR}/rpm-ldconfig") # rnp - obsolete the original package name, now preferring to append the major ver # rnp0 < [...] - obsolete the monolithic RPM generated by previous versions set(CPACK_RPM_PACKAGE_OBSOLETES "rnp, rnp0 < %{version}-%{release}") # rpm component packages set(CPACK_RPM_COMPONENT_INSTALL ON) set(CPACK_RPM_MAIN_COMPONENT "cli") # runtime library set(CPACK_RPM_RUNTIME_PACKAGE_NAME "librnp${PROJECT_VERSION_MAJOR}") set(CPACK_RPM_RUNTIME_FILE_NAME "${CPACK_RPM_RUNTIME_PACKAGE_NAME}-%{version}-%{release}.rpm") set(CPACK_RPM_RUNTIME_PACKAGE_SUMMARY "${CPACK_PACKAGE_DESCRIPTION_SUMMARY} (runtime)") # development files set(CPACK_RPM_DEVELOPMENT_PACKAGE_NAME "${CPACK_RPM_RUNTIME_PACKAGE_NAME}-devel") set(CPACK_RPM_DEVELOPMENT_FILE_NAME "${CPACK_RPM_DEVELOPMENT_PACKAGE_NAME}-%{version}-%{release}.rpm") set(CPACK_RPM_DEVELOPMENT_PACKAGE_SUMMARY "${CPACK_PACKAGE_DESCRIPTION_SUMMARY} (development files)") set(CPACK_RPM_DEVELOPMENT_PACKAGE_DESCRIPTION "Development files for the rnp library") set(CPACK_RPM_DEVELOPMENT_PACKAGE_REQUIRES "${CPACK_RPM_RUNTIME_PACKAGE_NAME}") # cli utils set(CPACK_RPM_CLI_FILE_NAME RPM-DEFAULT) set(CPACK_RPM_CLI_PACKAGE_SUMMARY "${CPACK_PACKAGE_DESCRIPTION_SUMMARY} (command-line utilities)") # bsd-specific set(CPACK_FREEBSD_PACKAGE_MAINTAINER "${PACKAGING_EMAIL}") set(CPACK_FREEBSD_PACKAGE_ORIGIN "security/rnp") set(CPACK_FREEBSD_PACKAGE_CATEGORIES security) set(CPACK_FREEBSD_PACKAGE_DEPS bzip2 json-c botan3) include(CPack) rnp-0.18.1/cmake/rnp-config.cmake.in000066400000000000000000000027171511004466700171440ustar00rootroot00000000000000# Copyright (c) 2018 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. @PACKAGE_INIT@ include(CMakeFindDependencyMacro) if(NOT TARGET rnp::librnp) include("${CMAKE_CURRENT_LIST_DIR}/rnp-targets.cmake") endif() rnp-0.18.1/cmake/rnp_tests_discover.cmake000066400000000000000000000016241511004466700204100ustar00rootroot00000000000000set(script) function(add_command NAME) set(_args "") foreach(_arg ${ARGN}) set(_args "${_args} [==[${_arg}]==]") endforeach() set(script "${script}${NAME}(${_args})\n" PARENT_SCOPE) endfunction() if(NOT EXISTS "${TEST_EXECUTABLE}") message(FATAL_ERROR "Executable does not exist: ${TEST_EXECUTABLE}") endif() execute_process( COMMAND "${TEST_EXECUTABLE}" list-tests WORKING_DIRECTORY "${TEST_WORKING_DIR}" OUTPUT_VARIABLE output RESULT_VARIABLE result ) if(NOT ${result} EQUAL 0) message(FATAL_ERROR "Error running executable: ${TEST_EXECUTABLE}") endif() string(REPLACE "\n" ";" output "${output}") foreach(line ${output}) set(test "${line}") add_command(add_test "rnp_tests-${test}" "${TEST_EXECUTABLE}" "${test}" ) add_command(set_tests_properties "rnp_tests-${test}" PROPERTIES ${TEST_PROPERTIES} ) endforeach() file(WRITE "${CTEST_FILE}" "${script}") rnp-0.18.1/cmake/version.cmake000066400000000000000000000161401511004466700161550ustar00rootroot00000000000000# Copyright (c) 2018-2021 Ribose Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # desired length of commit hash set(GIT_REV_LEN 7) # call git, store output in var (can fail) macro(_git var) execute_process( COMMAND "${GIT_EXECUTABLE}" ${ARGN} WORKING_DIRECTORY "${source_dir}" RESULT_VARIABLE _git_ec OUTPUT_VARIABLE ${var} OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET ) endmacro() function(extract_version_info version var_prefix) # extract the main components # v1.9.0-3-g5b92266+1546836556 # v1.9.0-3-g5b92266-dirty+1546836556 string(REGEX MATCH "^v?([0-9]+\\.[0-9]+\\.[0-9]+)(-([0-9]+)-g([0-9a-f]+)(-dirty)?)?(\\+([0-9]+))?$" matches "${version}") if (NOT matches) message(FATAL_ERROR "Failed to extract version components from ${version}.") endif() set(${var_prefix}_VERSION "${CMAKE_MATCH_1}" PARENT_SCOPE) # 1.9.0 if (NOT CMAKE_MATCH_3) set(CMAKE_MATCH_3 "0") endif() set(${var_prefix}_VERSION_NCOMMITS "${CMAKE_MATCH_3}" PARENT_SCOPE) # 3 if (NOT CMAKE_MATCH_4) set(CMAKE_MATCH_4 "0") endif() set(${var_prefix}_VERSION_GIT_REV "${CMAKE_MATCH_4}" PARENT_SCOPE) # 5b92266 if (CMAKE_MATCH_5 STREQUAL "-dirty") set(${var_prefix}_VERSION_IS_DIRTY TRUE PARENT_SCOPE) else() set(${var_prefix}_VERSION_IS_DIRTY FALSE PARENT_SCOPE) endif() # timestamp is optional, default to 0 if (NOT CMAKE_MATCH_7) set(CMAKE_MATCH_7 "0") endif() set(${var_prefix}_VERSION_COMMIT_TIMESTAMP "${CMAKE_MATCH_7}" PARENT_SCOPE) # 1546836556 endfunction() function(determine_version source_dir var_prefix) set(has_release_tag NO) set(has_version_txt NO) set(local_prefix "_determine_ver") # find out base version via version.txt set(base_version "0.0.0") if (EXISTS "${source_dir}/version.txt") set(has_version_txt YES) file(STRINGS "${source_dir}/version.txt" version_file) extract_version_info("${version_file}" "${local_prefix}") set(base_version "${${local_prefix}_VERSION}") message(STATUS "Found version.txt with ${version_file}") else() message(STATUS "Found no version.txt.") endif() # for GIT_EXECUTABLE find_package(Git) # get a description of the version, something like: # v1.9.1-0-g38ffe82 (a tagged release) # v1.9.1-0-g38ffe82-dirty (a tagged release with local modifications) # v1.9.0-3-g5b92266 (post-release snapshot) # v1.9.0-3-g5b92266-dirty (post-release snapshot with local modifications) _git(version describe --abbrev=${GIT_REV_LEN} --match "v[0-9]*" --long --dirty) if (NOT _git_ec EQUAL 0) # no annotated tags, fake one message(STATUS "Found no annotated tags.") _git(revision rev-parse --short=${GIT_REV_LEN} --verify HEAD) if (_git_ec EQUAL 0) set(version "v${base_version}-0-g${revision}") # check if dirty (this won't detect untracked files, but should be ok) _git(changes diff-index --quiet HEAD --) if (NOT _git_ec EQUAL 0) string(APPEND version "-dirty") endif() # append the commit timestamp of the most recent commit (only # in non-release branches -- typically master) _git(commit_timestamp show -s --format=%ct) if (_git_ec EQUAL 0) string(APPEND version "+${commit_timestamp}") endif() elseif(has_version_txt) # Nothing to get from git - so use version.txt completely set(version "${version_file}") else() # Sad case - no git, no version.txt set(version "v${base_version}") endif() else() set(has_release_tag YES) message(STATUS "Found annotated tag ${version}") endif() extract_version_info("${version}" "${local_prefix}") if ("${has_version_txt}" AND NOT ${base_version} STREQUAL ${local_prefix}_VERSION) message(WARNING "Tagged version ${${local_prefix}_VERSION} doesn't match one from the version.txt: ${base_version}") if (${base_version} VERSION_GREATER ${local_prefix}_VERSION) set(${local_prefix}_VERSION ${base_version}) endif() endif() foreach(suffix VERSION VERSION_NCOMMITS VERSION_GIT_REV VERSION_IS_DIRTY VERSION_COMMIT_TIMESTAMP) if (NOT DEFINED ${local_prefix}_${suffix}) message(FATAL_ERROR "Unable to determine version.") endif() set(${var_prefix}_${suffix} "${${local_prefix}_${suffix}}" PARENT_SCOPE) message(STATUS "${var_prefix}_${suffix}: ${${local_prefix}_${suffix}}") endforeach() # Set VERSION_SUFFIX and VERSION_FULL. When making changes, be aware that # this is used in packaging as well and will affect ordering. # | state | version_full | # |-----------------------------------------------------| # | exact tag | 0.9.0 | # | exact tag, dirty | 0.9.0+git20180604 | # | after tag | 0.9.0+git20180604.1.085039f | # | no tag, version.txt | 0.9.0+git20180604.2ee02af | # | no tag, no version.txt| 0.0.0+git20180604.2ee02af | string(TIMESTAMP date "%Y%m%d" UTC) set(version_suffix "") if (NOT ${local_prefix}_VERSION_NCOMMITS EQUAL 0) # 0.9.0+git20150604.4.289818b string(APPEND version_suffix "+git${date}.${${local_prefix}_VERSION_NCOMMITS}.${${local_prefix}_VERSION_GIT_REV}") elseif ((NOT has_release_tag) AND ((NOT has_version_txt) OR ("${base_version}" STREQUAL "0.0.0") OR (NOT "${revision}" STREQUAL ""))) # 0.9.0+git20150604.289818b string(APPEND version_suffix "+git${date}.${${local_prefix}_VERSION_GIT_REV}") elseif(${local_prefix}_VERSION_IS_DIRTY) # 0.9.0+git20150604 string(APPEND version_suffix "+git${date}") endif() set(version_full "${${local_prefix}_VERSION}${version_suffix}") # set the results set(${var_prefix}_VERSION_SUFFIX "${version_suffix}" PARENT_SCOPE) set(${var_prefix}_VERSION_FULL "${version_full}" PARENT_SCOPE) # for informational purposes message(STATUS "${var_prefix}_VERSION_SUFFIX: ${version_suffix}") message(STATUS "${var_prefix}_VERSION_FULL: ${version_full}") endfunction() rnp-0.18.1/codecov.yml000066400000000000000000000023331511004466700145520ustar00rootroot00000000000000# # Copyright 2024 Ribose Inc. (https://www.ribose.com) # # Permission is hereby granted, free of charge, to any person obtaining a copy of # this software and associated documentation files (the "Software"), to deal in # the Software without restriction, including without limitation the rights to # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of # the Software, and to permit persons to whom the Software is furnished to do so, # subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # ignore: # Google test sources stored under the build directory - "build" - "src/examples" - "src/libsexpp" - "src/tests" rnp-0.18.1/default.nix000066400000000000000000000022161511004466700145510ustar00rootroot00000000000000{ pkgs ? import { } , lib ? pkgs.lib , stdenv ? pkgs.stdenv }: stdenv.mkDerivation rec { pname = "rnp"; version = "unstable"; src = ./.; buildInputs = with pkgs; [ zlib bzip2 json_c botan2 ]; cmakeFlags = [ "-DCMAKE_INSTALL_PREFIX=${placeholder "out"}" "-DBUILD_SHARED_LIBS=on" "-DBUILD_TESTING=on" "-DDOWNLOAD_GTEST=off" ]; nativeBuildInputs = with pkgs; [ asciidoctor cmake gnupg gtest pkg-config python3 ]; # NOTE: check-only inputs should ideally be moved to checkInputs, but it # would fail during buildPhase. # checkInputs = [ gtest python3 ]; outputs = [ "out" "lib" "dev" ]; preConfigure = '' commitEpoch=$(date +%s) baseVersion=$(cat version.txt) echo "v$baseVersion-0-g0-dirty+$commitEpoch" > version.txt # For generating the correct timestamp in cmake export SOURCE_DATE_EPOCH=$commitEpoch ''; meta = with lib; { homepage = "https://github.com/rnpgp/rnp"; description = "High performance C++ OpenPGP library, fully compliant to RFC 4880"; license = licenses.bsd2; platforms = platforms.all; maintainers = with maintainers; [ ribose-jeffreylau ]; }; }rnp-0.18.1/docs/000077500000000000000000000000001511004466700133345ustar00rootroot00000000000000rnp-0.18.1/docs/Doxyfile000066400000000000000000003501651511004466700150540ustar00rootroot00000000000000# Doxyfile 1.9.4 # This file describes the settings to be used by the documentation system # doxygen (www.doxygen.org) for a project. # # All text after a double hash (##) is considered a comment and is placed in # front of the TAG it is preceding. # # All text after a single hash (#) is considered a comment and will be ignored. # The format is: # TAG = value [value, ...] # For lists, items can also be appended using: # TAG += value [value, ...] # Values that contain spaces should be placed between quotes (\" \"). # # Note: # # Use doxygen to compare the used configuration file with the template # configuration file: # doxygen -x [configFile] # Use doxygen to compare the used configuration file with the template # configuration file without replacing the environment variables: # doxygen -x_noenv [configFile] #--------------------------------------------------------------------------- # Project related configuration options #--------------------------------------------------------------------------- # This tag specifies the encoding used for all characters in the configuration # file that follow. The default is UTF-8 which is also the encoding used for all # text before the first occurrence of this tag. Doxygen uses libiconv (or the # iconv built into libc) for the transcoding. See # https://www.gnu.org/software/libiconv/ for the list of possible encodings. # The default value is: UTF-8. DOXYFILE_ENCODING = UTF-8 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded by # double-quotes, unless you are using Doxywizard) that should identify the # project for which the documentation is generated. This name is used in the # title of most generated pages and in a few other places. # The default value is: My Project. PROJECT_NAME = "RNP doxy" # The PROJECT_NUMBER tag can be used to enter a project or revision number. This # could be handy for archiving the generated documentation or if some version # control system is used. PROJECT_NUMBER = # Using the PROJECT_BRIEF tag one can provide an optional one line description # for a project that appears at the top of each page and should give viewer a # quick idea about the purpose of the project. Keep the description short. PROJECT_BRIEF = # With the PROJECT_LOGO tag one can specify a logo or an icon that is included # in the documentation. The maximum height of the logo should not exceed 55 # pixels and the maximum width should not exceed 200 pixels. Doxygen will copy # the logo to the output directory. PROJECT_LOGO = # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path # into which the generated documentation will be written. If a relative path is # entered, it will be relative to the location where doxygen was started. If # left blank the current directory will be used. OUTPUT_DIRECTORY = ./ffi_api_doc # If the CREATE_SUBDIRS tag is set to YES then doxygen will create up to 4096 # sub-directories (in 2 levels) under the output directory of each output format # and will distribute the generated files over these directories. Enabling this # option can be useful when feeding doxygen a huge amount of source files, where # putting all generated files in the same directory would otherwise causes # performance problems for the file system. Adapt CREATE_SUBDIRS_LEVEL to # control the number of sub-directories. # The default value is: NO. CREATE_SUBDIRS = NO # Controls the number of sub-directories that will be created when # CREATE_SUBDIRS tag is set to YES. Level 0 represents 16 directories, and every # level increment doubles the number of directories, resulting in 4096 # directories at level 8 which is the default and also the maximum value. The # sub-directories are organized in 2 levels, the first level always has a fixed # number of 16 directories. # Minimum value: 0, maximum value: 8, default value: 8. # This tag requires that the tag CREATE_SUBDIRS is set to YES. CREATE_SUBDIRS_LEVEL = 8 # If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII # characters to appear in the names of generated files. If set to NO, non-ASCII # characters will be escaped, for example _xE3_x81_x84 will be used for Unicode # U+3044. # The default value is: NO. ALLOW_UNICODE_NAMES = NO # The OUTPUT_LANGUAGE tag is used to specify the language in which all # documentation generated by doxygen is written. Doxygen will use this # information to generate all constant output in the proper language. # Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Bulgarian, # Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, Dutch, English # (United States), Esperanto, Farsi (Persian), Finnish, French, German, Greek, # Hindi, Hungarian, Indonesian, Italian, Japanese, Japanese-en (Japanese with # English messages), Korean, Korean-en (Korean with English messages), Latvian, # Lithuanian, Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, # Romanian, Russian, Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, # Swedish, Turkish, Ukrainian and Vietnamese. # The default value is: English. OUTPUT_LANGUAGE = English # If the BRIEF_MEMBER_DESC tag is set to YES, doxygen will include brief member # descriptions after the members that are listed in the file and class # documentation (similar to Javadoc). Set to NO to disable this. # The default value is: YES. BRIEF_MEMBER_DESC = YES # If the REPEAT_BRIEF tag is set to YES, doxygen will prepend the brief # description of a member or function before the detailed description # # Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the # brief descriptions will be completely suppressed. # The default value is: YES. REPEAT_BRIEF = YES # This tag implements a quasi-intelligent brief description abbreviator that is # used to form the text in various listings. Each string in this list, if found # as the leading text of the brief description, will be stripped from the text # and the result, after processing the whole list, is used as the annotated # text. Otherwise, the brief description is used as-is. If left blank, the # following values are used ($name is automatically replaced with the name of # the entity):The $name class, The $name widget, The $name file, is, provides, # specifies, contains, represents, a, an and the. ABBREVIATE_BRIEF = "The $name class" \ "The $name widget" \ "The $name file" \ is \ provides \ specifies \ contains \ represents \ a \ an \ the # If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then # doxygen will generate a detailed section even if there is only a brief # description. # The default value is: NO. ALWAYS_DETAILED_SEC = NO # If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all # inherited members of a class in the documentation of that class as if those # members were ordinary class members. Constructors, destructors and assignment # operators of the base classes will not be shown. # The default value is: NO. INLINE_INHERITED_MEMB = NO # If the FULL_PATH_NAMES tag is set to YES, doxygen will prepend the full path # before files name in the file list and in the header files. If set to NO the # shortest path that makes the file name unique will be used # The default value is: YES. FULL_PATH_NAMES = YES # The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path. # Stripping is only done if one of the specified strings matches the left-hand # part of the path. The tag can be used to show relative paths in the file list. # If left blank the directory from which doxygen is run is used as the path to # strip. # # Note that you can specify absolute paths here, but also relative paths, which # will be relative from the directory where doxygen is started. # This tag requires that the tag FULL_PATH_NAMES is set to YES. STRIP_FROM_PATH = # The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the # path mentioned in the documentation of a class, which tells the reader which # header file to include in order to use a class. If left blank only the name of # the header file containing the class definition is used. Otherwise one should # specify the list of include paths that are normally passed to the compiler # using the -I flag. STRIP_FROM_INC_PATH = # If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but # less readable) file names. This can be useful is your file systems doesn't # support long names like on DOS, Mac, or CD-ROM. # The default value is: NO. SHORT_NAMES = NO # If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the # first line (until the first dot) of a Javadoc-style comment as the brief # description. If set to NO, the Javadoc-style will behave just like regular Qt- # style comments (thus requiring an explicit @brief command for a brief # description.) # The default value is: NO. JAVADOC_AUTOBRIEF = NO # If the JAVADOC_BANNER tag is set to YES then doxygen will interpret a line # such as # /*************** # as being the beginning of a Javadoc-style comment "banner". If set to NO, the # Javadoc-style will behave just like regular comments and it will not be # interpreted by doxygen. # The default value is: NO. JAVADOC_BANNER = NO # If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first # line (until the first dot) of a Qt-style comment as the brief description. If # set to NO, the Qt-style will behave just like regular Qt-style comments (thus # requiring an explicit \brief command for a brief description.) # The default value is: NO. QT_AUTOBRIEF = NO # The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a # multi-line C++ special comment block (i.e. a block of //! or /// comments) as # a brief description. This used to be the default behavior. The new default is # to treat a multi-line C++ comment block as a detailed description. Set this # tag to YES if you prefer the old behavior instead. # # Note that setting this tag to YES also means that rational rose comments are # not recognized any more. # The default value is: NO. MULTILINE_CPP_IS_BRIEF = NO # By default Python docstrings are displayed as preformatted text and doxygen's # special commands cannot be used. By setting PYTHON_DOCSTRING to NO the # doxygen's special commands can be used and the contents of the docstring # documentation blocks is shown as doxygen documentation. # The default value is: YES. PYTHON_DOCSTRING = YES # If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the # documentation from any documented member that it re-implements. # The default value is: YES. INHERIT_DOCS = YES # If the SEPARATE_MEMBER_PAGES tag is set to YES then doxygen will produce a new # page for each member. If set to NO, the documentation of a member will be part # of the file/class/namespace that contains it. # The default value is: NO. SEPARATE_MEMBER_PAGES = NO # The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen # uses this value to replace tabs by spaces in code fragments. # Minimum value: 1, maximum value: 16, default value: 4. TAB_SIZE = 4 # This tag can be used to specify a number of aliases that act as commands in # the documentation. An alias has the form: # name=value # For example adding # "sideeffect=@par Side Effects:^^" # will allow you to put the command \sideeffect (or @sideeffect) in the # documentation, which will result in a user-defined paragraph with heading # "Side Effects:". Note that you cannot put \n's in the value part of an alias # to insert newlines (in the resulting output). You can put ^^ in the value part # of an alias to insert a newline as if a physical newline was in the original # file. When you need a literal { or } or , in the value part of an alias you # have to escape them by means of a backslash (\), this can lead to conflicts # with the commands \{ and \} for these it is advised to use the version @{ and # @} or use a double escape (\\{ and \\}) ALIASES = # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources # only. Doxygen will then generate output that is more tailored for C. For # instance, some of the names that are used will be different. The list of all # members will be omitted, etc. # The default value is: NO. OPTIMIZE_OUTPUT_FOR_C = YES # Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or # Python sources only. Doxygen will then generate output that is more tailored # for that language. For instance, namespaces will be presented as packages, # qualified scopes will look different, etc. # The default value is: NO. OPTIMIZE_OUTPUT_JAVA = NO # Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran # sources. Doxygen will then generate output that is tailored for Fortran. # The default value is: NO. OPTIMIZE_FOR_FORTRAN = NO # Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL # sources. Doxygen will then generate output that is tailored for VHDL. # The default value is: NO. OPTIMIZE_OUTPUT_VHDL = NO # Set the OPTIMIZE_OUTPUT_SLICE tag to YES if your project consists of Slice # sources only. Doxygen will then generate output that is more tailored for that # language. For instance, namespaces will be presented as modules, types will be # separated into more groups, etc. # The default value is: NO. OPTIMIZE_OUTPUT_SLICE = NO # Doxygen selects the parser to use depending on the extension of the files it # parses. With this tag you can assign which parser to use for a given # extension. Doxygen has a built-in mapping, but you can override or extend it # using this tag. The format is ext=language, where ext is a file extension, and # language is one of the parsers supported by doxygen: IDL, Java, JavaScript, # Csharp (C#), C, C++, Lex, D, PHP, md (Markdown), Objective-C, Python, Slice, # VHDL, Fortran (fixed format Fortran: FortranFixed, free formatted Fortran: # FortranFree, unknown formatted Fortran: Fortran. In the later case the parser # tries to guess whether the code is fixed or free formatted code, this is the # default for Fortran type files). For instance to make doxygen treat .inc files # as Fortran files (default is PHP), and .f files as C (default is Fortran), # use: inc=Fortran f=C. # # Note: For files without extension you can use no_extension as a placeholder. # # Note that for custom extensions you also need to set FILE_PATTERNS otherwise # the files are not read by doxygen. When specifying no_extension you should add # * to the FILE_PATTERNS. # # Note see also the list of default file extension mappings. EXTENSION_MAPPING = # If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments # according to the Markdown format, which allows for more readable # documentation. See https://daringfireball.net/projects/markdown/ for details. # The output of markdown processing is further processed by doxygen, so you can # mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in # case of backward compatibilities issues. # The default value is: YES. MARKDOWN_SUPPORT = YES # When the TOC_INCLUDE_HEADINGS tag is set to a non-zero value, all headings up # to that level are automatically included in the table of contents, even if # they do not have an id attribute. # Note: This feature currently applies only to Markdown headings. # Minimum value: 0, maximum value: 99, default value: 5. # This tag requires that the tag MARKDOWN_SUPPORT is set to YES. TOC_INCLUDE_HEADINGS = 5 # When enabled doxygen tries to link words that correspond to documented # classes, or namespaces to their corresponding documentation. Such a link can # be prevented in individual cases by putting a % sign in front of the word or # globally by setting AUTOLINK_SUPPORT to NO. # The default value is: YES. AUTOLINK_SUPPORT = YES # If you use STL classes (i.e. std::string, std::vector, etc.) but do not want # to include (a tag file for) the STL sources as input, then you should set this # tag to YES in order to let doxygen match functions declarations and # definitions whose arguments contain STL classes (e.g. func(std::string); # versus func(std::string) {}). This also make the inheritance and collaboration # diagrams that involve STL classes more complete and accurate. # The default value is: NO. BUILTIN_STL_SUPPORT = NO # If you use Microsoft's C++/CLI language, you should set this option to YES to # enable parsing support. # The default value is: NO. CPP_CLI_SUPPORT = NO # Set the SIP_SUPPORT tag to YES if your project consists of sip (see: # https://www.riverbankcomputing.com/software/sip/intro) sources only. Doxygen # will parse them like normal C++ but will assume all classes use public instead # of private inheritance when no explicit protection keyword is present. # The default value is: NO. SIP_SUPPORT = NO # For Microsoft's IDL there are propget and propput attributes to indicate # getter and setter methods for a property. Setting this option to YES will make # doxygen to replace the get and set methods by a property in the documentation. # This will only work if the methods are indeed getting or setting a simple # type. If this is not the case, or you want to show the methods anyway, you # should set this option to NO. # The default value is: YES. IDL_PROPERTY_SUPPORT = YES # If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC # tag is set to YES then doxygen will reuse the documentation of the first # member in the group (if any) for the other members of the group. By default # all members of a group must be documented explicitly. # The default value is: NO. DISTRIBUTE_GROUP_DOC = NO # If one adds a struct or class to a group and this option is enabled, then also # any nested class or struct is added to the same group. By default this option # is disabled and one has to add nested compounds explicitly via \ingroup. # The default value is: NO. GROUP_NESTED_COMPOUNDS = NO # Set the SUBGROUPING tag to YES to allow class member groups of the same type # (for instance a group of public functions) to be put as a subgroup of that # type (e.g. under the Public Functions section). Set it to NO to prevent # subgrouping. Alternatively, this can be done per class using the # \nosubgrouping command. # The default value is: YES. SUBGROUPING = YES # When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions # are shown inside the group in which they are included (e.g. using \ingroup) # instead of on a separate page (for HTML and Man pages) or section (for LaTeX # and RTF). # # Note that this feature does not work in combination with # SEPARATE_MEMBER_PAGES. # The default value is: NO. INLINE_GROUPED_CLASSES = NO # When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions # with only public data fields or simple typedef fields will be shown inline in # the documentation of the scope in which they are defined (i.e. file, # namespace, or group documentation), provided this scope is documented. If set # to NO, structs, classes, and unions are shown on a separate page (for HTML and # Man pages) or section (for LaTeX and RTF). # The default value is: NO. INLINE_SIMPLE_STRUCTS = NO # When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or # enum is documented as struct, union, or enum with the name of the typedef. So # typedef struct TypeS {} TypeT, will appear in the documentation as a struct # with name TypeT. When disabled the typedef will appear as a member of a file, # namespace, or class. And the struct will be named TypeS. This can typically be # useful for C code in case the coding convention dictates that all compound # types are typedef'ed and only the typedef is referenced, never the tag name. # The default value is: NO. TYPEDEF_HIDES_STRUCT = NO # The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This # cache is used to resolve symbols given their name and scope. Since this can be # an expensive process and often the same symbol appears multiple times in the # code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small # doxygen will become slower. If the cache is too large, memory is wasted. The # cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range # is 0..9, the default is 0, corresponding to a cache size of 2^16=65536 # symbols. At the end of a run doxygen will report the cache usage and suggest # the optimal cache size from a speed point of view. # Minimum value: 0, maximum value: 9, default value: 0. LOOKUP_CACHE_SIZE = 0 # The NUM_PROC_THREADS specifies the number of threads doxygen is allowed to use # during processing. When set to 0 doxygen will based this on the number of # cores available in the system. You can set it explicitly to a value larger # than 0 to get more control over the balance between CPU load and processing # speed. At this moment only the input processing can be done using multiple # threads. Since this is still an experimental feature the default is set to 1, # which effectively disables parallel processing. Please report any issues you # encounter. Generating dot graphs in parallel is controlled by the # DOT_NUM_THREADS setting. # Minimum value: 0, maximum value: 32, default value: 1. NUM_PROC_THREADS = 1 #--------------------------------------------------------------------------- # Build related configuration options #--------------------------------------------------------------------------- # If the EXTRACT_ALL tag is set to YES, doxygen will assume all entities in # documentation are documented, even if no documentation was available. Private # class members and static file members will be hidden unless the # EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES. # Note: This will also disable the warnings about undocumented members that are # normally produced when WARNINGS is set to YES. # The default value is: NO. EXTRACT_ALL = YES # If the EXTRACT_PRIVATE tag is set to YES, all private members of a class will # be included in the documentation. # The default value is: NO. EXTRACT_PRIVATE = NO # If the EXTRACT_PRIV_VIRTUAL tag is set to YES, documented private virtual # methods of a class will be included in the documentation. # The default value is: NO. EXTRACT_PRIV_VIRTUAL = NO # If the EXTRACT_PACKAGE tag is set to YES, all members with package or internal # scope will be included in the documentation. # The default value is: NO. EXTRACT_PACKAGE = NO # If the EXTRACT_STATIC tag is set to YES, all static members of a file will be # included in the documentation. # The default value is: NO. EXTRACT_STATIC = NO # If the EXTRACT_LOCAL_CLASSES tag is set to YES, classes (and structs) defined # locally in source files will be included in the documentation. If set to NO, # only classes defined in header files are included. Does not have any effect # for Java sources. # The default value is: YES. EXTRACT_LOCAL_CLASSES = YES # This flag is only useful for Objective-C code. If set to YES, local methods, # which are defined in the implementation section but not in the interface are # included in the documentation. If set to NO, only methods in the interface are # included. # The default value is: NO. EXTRACT_LOCAL_METHODS = NO # If this flag is set to YES, the members of anonymous namespaces will be # extracted and appear in the documentation as a namespace called # 'anonymous_namespace{file}', where file will be replaced with the base name of # the file that contains the anonymous namespace. By default anonymous namespace # are hidden. # The default value is: NO. EXTRACT_ANON_NSPACES = NO # If this flag is set to YES, the name of an unnamed parameter in a declaration # will be determined by the corresponding definition. By default unnamed # parameters remain unnamed in the output. # The default value is: YES. RESOLVE_UNNAMED_PARAMS = YES # If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all # undocumented members inside documented classes or files. If set to NO these # members will be included in the various overviews, but no documentation # section is generated. This option has no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_MEMBERS = NO # If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all # undocumented classes that are normally visible in the class hierarchy. If set # to NO, these classes will be included in the various overviews. This option # has no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_CLASSES = NO # If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend # declarations. If set to NO, these declarations will be included in the # documentation. # The default value is: NO. HIDE_FRIEND_COMPOUNDS = NO # If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any # documentation blocks found inside the body of a function. If set to NO, these # blocks will be appended to the function's detailed documentation block. # The default value is: NO. HIDE_IN_BODY_DOCS = NO # The INTERNAL_DOCS tag determines if documentation that is typed after a # \internal command is included. If the tag is set to NO then the documentation # will be excluded. Set it to YES to include the internal documentation. # The default value is: NO. INTERNAL_DOCS = NO # With the correct setting of option CASE_SENSE_NAMES doxygen will better be # able to match the capabilities of the underlying filesystem. In case the # filesystem is case sensitive (i.e. it supports files in the same directory # whose names only differ in casing), the option must be set to YES to properly # deal with such files in case they appear in the input. For filesystems that # are not case sensitive the option should be set to NO to properly deal with # output files written for symbols that only differ in casing, such as for two # classes, one named CLASS and the other named Class, and to also support # references to files without having to specify the exact matching casing. On # Windows (including Cygwin) and MacOS, users should typically set this option # to NO, whereas on Linux or other Unix flavors it should typically be set to # YES. # The default value is: system dependent. CASE_SENSE_NAMES = NO # If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with # their full class and namespace scopes in the documentation. If set to YES, the # scope will be hidden. # The default value is: NO. HIDE_SCOPE_NAMES = YES # If the HIDE_COMPOUND_REFERENCE tag is set to NO (default) then doxygen will # append additional text to a page's title, such as Class Reference. If set to # YES the compound reference will be hidden. # The default value is: NO. HIDE_COMPOUND_REFERENCE= NO # If the SHOW_HEADERFILE tag is set to YES then the documentation for a class # will show which file needs to be included to use the class. # The default value is: YES. SHOW_HEADERFILE = YES # If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of # the files that are included by a file in the documentation of that file. # The default value is: YES. SHOW_INCLUDE_FILES = YES # If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each # grouped member an include statement to the documentation, telling the reader # which file to include in order to use the member. # The default value is: NO. SHOW_GROUPED_MEMB_INC = NO # If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include # files with double quotes in the documentation rather than with sharp brackets. # The default value is: NO. FORCE_LOCAL_INCLUDES = NO # If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the # documentation for inline members. # The default value is: YES. INLINE_INFO = YES # If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the # (detailed) documentation of file and class members alphabetically by member # name. If set to NO, the members will appear in declaration order. # The default value is: YES. SORT_MEMBER_DOCS = YES # If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief # descriptions of file, namespace and class members alphabetically by member # name. If set to NO, the members will appear in declaration order. Note that # this will also influence the order of the classes in the class list. # The default value is: NO. SORT_BRIEF_DOCS = NO # If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the # (brief and detailed) documentation of class members so that constructors and # destructors are listed first. If set to NO the constructors will appear in the # respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS. # Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief # member documentation. # Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting # detailed member documentation. # The default value is: NO. SORT_MEMBERS_CTORS_1ST = NO # If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy # of group names into alphabetical order. If set to NO the group names will # appear in their defined order. # The default value is: NO. SORT_GROUP_NAMES = NO # If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by # fully-qualified names, including namespaces. If set to NO, the class list will # be sorted only by class name, not including the namespace part. # Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. # Note: This option applies only to the class list, not to the alphabetical # list. # The default value is: NO. SORT_BY_SCOPE_NAME = NO # If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper # type resolution of all parameters of a function it will reject a match between # the prototype and the implementation of a member function even if there is # only one candidate or it is obvious which candidate to choose by doing a # simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still # accept a match between prototype and implementation in such cases. # The default value is: NO. STRICT_PROTO_MATCHING = NO # The GENERATE_TODOLIST tag can be used to enable (YES) or disable (NO) the todo # list. This list is created by putting \todo commands in the documentation. # The default value is: YES. GENERATE_TODOLIST = YES # The GENERATE_TESTLIST tag can be used to enable (YES) or disable (NO) the test # list. This list is created by putting \test commands in the documentation. # The default value is: YES. GENERATE_TESTLIST = YES # The GENERATE_BUGLIST tag can be used to enable (YES) or disable (NO) the bug # list. This list is created by putting \bug commands in the documentation. # The default value is: YES. GENERATE_BUGLIST = YES # The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or disable (NO) # the deprecated list. This list is created by putting \deprecated commands in # the documentation. # The default value is: YES. GENERATE_DEPRECATEDLIST= YES # The ENABLED_SECTIONS tag can be used to enable conditional documentation # sections, marked by \if ... \endif and \cond # ... \endcond blocks. ENABLED_SECTIONS = # The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the # initial value of a variable or macro / define can have for it to appear in the # documentation. If the initializer consists of more lines than specified here # it will be hidden. Use a value of 0 to hide initializers completely. The # appearance of the value of individual variables and macros / defines can be # controlled using \showinitializer or \hideinitializer command in the # documentation regardless of this setting. # Minimum value: 0, maximum value: 10000, default value: 30. MAX_INITIALIZER_LINES = 30 # Set the SHOW_USED_FILES tag to NO to disable the list of files generated at # the bottom of the documentation of classes and structs. If set to YES, the # list will mention the files that were used to generate the documentation. # The default value is: YES. SHOW_USED_FILES = YES # Set the SHOW_FILES tag to NO to disable the generation of the Files page. This # will remove the Files entry from the Quick Index and from the Folder Tree View # (if specified). # The default value is: YES. SHOW_FILES = YES # Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces # page. This will remove the Namespaces entry from the Quick Index and from the # Folder Tree View (if specified). # The default value is: YES. SHOW_NAMESPACES = YES # The FILE_VERSION_FILTER tag can be used to specify a program or script that # doxygen should invoke to get the current version for each file (typically from # the version control system). Doxygen will invoke the program by executing (via # popen()) the command command input-file, where command is the value of the # FILE_VERSION_FILTER tag, and input-file is the name of an input file provided # by doxygen. Whatever the program writes to standard output is used as the file # version. For an example see the documentation. FILE_VERSION_FILTER = # The LAYOUT_FILE tag can be used to specify a layout file which will be parsed # by doxygen. The layout file controls the global structure of the generated # output files in an output format independent way. To create the layout file # that represents doxygen's defaults, run doxygen with the -l option. You can # optionally specify a file name after the option, if omitted DoxygenLayout.xml # will be used as the name of the layout file. See also section "Changing the # layout of pages" for information. # # Note that if you run doxygen from a directory containing a file called # DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE # tag is left empty. LAYOUT_FILE = # The CITE_BIB_FILES tag can be used to specify one or more bib files containing # the reference definitions. This must be a list of .bib files. The .bib # extension is automatically appended if omitted. This requires the bibtex tool # to be installed. See also https://en.wikipedia.org/wiki/BibTeX for more info. # For LaTeX the style of the bibliography can be controlled using # LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the # search path. See also \cite for info how to create references. CITE_BIB_FILES = #--------------------------------------------------------------------------- # Configuration options related to warning and progress messages #--------------------------------------------------------------------------- # The QUIET tag can be used to turn on/off the messages that are generated to # standard output by doxygen. If QUIET is set to YES this implies that the # messages are off. # The default value is: NO. QUIET = NO # The WARNINGS tag can be used to turn on/off the warning messages that are # generated to standard error (stderr) by doxygen. If WARNINGS is set to YES # this implies that the warnings are on. # # Tip: Turn warnings on while writing the documentation. # The default value is: YES. WARNINGS = YES # If the WARN_IF_UNDOCUMENTED tag is set to YES then doxygen will generate # warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag # will automatically be disabled. # The default value is: YES. WARN_IF_UNDOCUMENTED = YES # If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for # potential errors in the documentation, such as documenting some parameters in # a documented function twice, or documenting parameters that don't exist or # using markup commands wrongly. # The default value is: YES. WARN_IF_DOC_ERROR = YES # If WARN_IF_INCOMPLETE_DOC is set to YES, doxygen will warn about incomplete # function parameter documentation. If set to NO, doxygen will accept that some # parameters have no documentation without warning. # The default value is: YES. WARN_IF_INCOMPLETE_DOC = YES # This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that # are documented, but have no documentation for their parameters or return # value. If set to NO, doxygen will only warn about wrong parameter # documentation, but not about the absence of documentation. If EXTRACT_ALL is # set to YES then this flag will automatically be disabled. See also # WARN_IF_INCOMPLETE_DOC # The default value is: NO. WARN_NO_PARAMDOC = NO # If the WARN_AS_ERROR tag is set to YES then doxygen will immediately stop when # a warning is encountered. If the WARN_AS_ERROR tag is set to FAIL_ON_WARNINGS # then doxygen will continue running as if WARN_AS_ERROR tag is set to NO, but # at the end of the doxygen process doxygen will return with a non-zero status. # Possible values are: NO, YES and FAIL_ON_WARNINGS. # The default value is: NO. WARN_AS_ERROR = NO # The WARN_FORMAT tag determines the format of the warning messages that doxygen # can produce. The string should contain the $file, $line, and $text tags, which # will be replaced by the file and line number from which the warning originated # and the warning text. Optionally the format may contain $version, which will # be replaced by the version of the file (if it could be obtained via # FILE_VERSION_FILTER) # See also: WARN_LINE_FORMAT # The default value is: $file:$line: $text. WARN_FORMAT = "$file:$line: $text" # In the $text part of the WARN_FORMAT command it is possible that a reference # to a more specific place is given. To make it easier to jump to this place # (outside of doxygen) the user can define a custom "cut" / "paste" string. # Example: # WARN_LINE_FORMAT = "'vi $file +$line'" # See also: WARN_FORMAT # The default value is: at line $line of file $file. WARN_LINE_FORMAT = "at line $line of file $file" # The WARN_LOGFILE tag can be used to specify a file to which warning and error # messages should be written. If left blank the output is written to standard # error (stderr). In case the file specified cannot be opened for writing the # warning and error messages are written to standard error. When as file - is # specified the warning and error messages are written to standard output # (stdout). WARN_LOGFILE = #--------------------------------------------------------------------------- # Configuration options related to the input files #--------------------------------------------------------------------------- # The INPUT tag is used to specify the files and/or directories that contain # documented source files. You may enter file names like myfile.cpp or # directories like /usr/src/myproject. Separate the files or directories with # spaces. See also FILE_PATTERNS and EXTENSION_MAPPING # Note: If this tag is empty the current directory is searched. INPUT = ../ # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses # libiconv (or the iconv built into libc) for the transcoding. See the libiconv # documentation (see: # https://www.gnu.org/software/libiconv/) for the list of possible encodings. # The default value is: UTF-8. INPUT_ENCODING = UTF-8 # If the value of the INPUT tag contains directories, you can use the # FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and # *.h) to filter out the source-files in the directories. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # read by doxygen. # # Note the list of default checked file patterns might differ from the list of # default file extension mappings. # # If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cpp, # *.c++, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, # *.hh, *.hxx, *.hpp, *.h++, *.l, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, # *.inc, *.m, *.markdown, *.md, *.mm, *.dox (to be provided as doxygen C # comment), *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, *.f18, *.f, *.for, *.vhd, # *.vhdl, *.ucf, *.qsf and *.ice. FILE_PATTERNS = *.c \ *.cc \ *.cxx \ *.cpp \ *.c++ \ *.java \ *.ii \ *.ixx \ *.ipp \ *.i++ \ *.inl \ *.idl \ *.ddl \ *.odl \ *.h \ *.hh \ *.hxx \ *.hpp \ *.h++ \ *.l \ *.cs \ *.d \ *.php \ *.php4 \ *.php5 \ *.phtml \ *.inc \ *.m \ *.markdown \ *.md \ *.mm \ *.dox \ *.py \ *.pyw \ *.f90 \ *.f95 \ *.f03 \ *.f08 \ *.f18 \ *.f \ *.for \ *.vhd \ *.vhdl \ *.ucf \ *.qsf \ *.ice # The RECURSIVE tag can be used to specify whether or not subdirectories should # be searched for input files as well. # The default value is: NO. RECURSIVE = YES # The EXCLUDE tag can be used to specify files and/or directories that should be # excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. # # Note that relative paths are relative to the directory from which doxygen is # run. EXCLUDE = build \ ci # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded # from the input. # The default value is: NO. EXCLUDE_SYMLINKS = NO # If the value of the INPUT tag contains directories, you can use the # EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude # certain files from those directories. # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories for example use the pattern */test/* EXCLUDE_PATTERNS = # The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names # (namespaces, classes, functions, etc.) that should be excluded from the # output. The symbol name can be a fully qualified name, a word, or if the # wildcard * is used, a substring. Examples: ANamespace, AClass, # ANamespace::AClass, ANamespace::*Test # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories use the pattern */test/* EXCLUDE_SYMBOLS = # The EXAMPLE_PATH tag can be used to specify one or more files or directories # that contain example code fragments that are included (see the \include # command). EXAMPLE_PATH = # If the value of the EXAMPLE_PATH tag contains directories, you can use the # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and # *.h) to filter out the source-files in the directories. If left blank all # files are included. EXAMPLE_PATTERNS = * # If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be # searched for input files to be used with the \include or \dontinclude commands # irrespective of the value of the RECURSIVE tag. # The default value is: NO. EXAMPLE_RECURSIVE = NO # The IMAGE_PATH tag can be used to specify one or more files or directories # that contain images that are to be included in the documentation (see the # \image command). IMAGE_PATH = # The INPUT_FILTER tag can be used to specify a program that doxygen should # invoke to filter for each input file. Doxygen will invoke the filter program # by executing (via popen()) the command: # # # # where is the value of the INPUT_FILTER tag, and is the # name of an input file. Doxygen will then use the output that the filter # program writes to standard output. If FILTER_PATTERNS is specified, this tag # will be ignored. # # Note that the filter must not add or remove lines; it is applied before the # code is scanned, but not when the output code is generated. If lines are added # or removed, the anchors will not be placed correctly. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # properly processed by doxygen. INPUT_FILTER = # The FILTER_PATTERNS tag can be used to specify filters on a per file pattern # basis. Doxygen will compare the file name with each pattern and apply the # filter if there is a match. The filters are a list of the form: pattern=filter # (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how # filters are used. If the FILTER_PATTERNS tag is empty or if none of the # patterns match the file name, INPUT_FILTER is applied. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # properly processed by doxygen. FILTER_PATTERNS = # If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using # INPUT_FILTER) will also be used to filter the input files that are used for # producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES). # The default value is: NO. FILTER_SOURCE_FILES = NO # The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file # pattern. A pattern will override the setting for FILTER_PATTERN (if any) and # it is also possible to disable source filtering for a specific pattern using # *.ext= (so without naming a filter). # This tag requires that the tag FILTER_SOURCE_FILES is set to YES. FILTER_SOURCE_PATTERNS = # If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that # is part of the input, its contents will be placed on the main page # (index.html). This can be useful if you have a project on for instance GitHub # and want to reuse the introduction page also for the doxygen output. USE_MDFILE_AS_MAINPAGE = #--------------------------------------------------------------------------- # Configuration options related to source browsing #--------------------------------------------------------------------------- # If the SOURCE_BROWSER tag is set to YES then a list of source files will be # generated. Documented entities will be cross-referenced with these sources. # # Note: To get rid of all source code in the generated output, make sure that # also VERBATIM_HEADERS is set to NO. # The default value is: NO. SOURCE_BROWSER = YES # Setting the INLINE_SOURCES tag to YES will include the body of functions, # classes and enums directly into the documentation. # The default value is: NO. INLINE_SOURCES = YES # Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any # special comment blocks from generated source code fragments. Normal C, C++ and # Fortran comments will always remain visible. # The default value is: YES. STRIP_CODE_COMMENTS = NO # If the REFERENCED_BY_RELATION tag is set to YES then for each documented # entity all documented functions referencing it will be listed. # The default value is: NO. REFERENCED_BY_RELATION = NO # If the REFERENCES_RELATION tag is set to YES then for each documented function # all documented entities called/used by that function will be listed. # The default value is: NO. REFERENCES_RELATION = NO # If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set # to YES then the hyperlinks from functions in REFERENCES_RELATION and # REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will # link to the documentation. # The default value is: YES. REFERENCES_LINK_SOURCE = YES # If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the # source code will show a tooltip with additional information such as prototype, # brief description and links to the definition and documentation. Since this # will make the HTML file larger and loading of large files a bit slower, you # can opt to disable this feature. # The default value is: YES. # This tag requires that the tag SOURCE_BROWSER is set to YES. SOURCE_TOOLTIPS = YES # If the USE_HTAGS tag is set to YES then the references to source code will # point to the HTML generated by the htags(1) tool instead of doxygen built-in # source browser. The htags tool is part of GNU's global source tagging system # (see https://www.gnu.org/software/global/global.html). You will need version # 4.8.6 or higher. # # To use it do the following: # - Install the latest version of global # - Enable SOURCE_BROWSER and USE_HTAGS in the configuration file # - Make sure the INPUT points to the root of the source tree # - Run doxygen as normal # # Doxygen will invoke htags (and that will in turn invoke gtags), so these # tools must be available from the command line (i.e. in the search path). # # The result: instead of the source browser generated by doxygen, the links to # source code will now point to the output of htags. # The default value is: NO. # This tag requires that the tag SOURCE_BROWSER is set to YES. USE_HTAGS = NO # If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a # verbatim copy of the header file for each class for which an include is # specified. Set to NO to disable this. # See also: Section \class. # The default value is: YES. VERBATIM_HEADERS = YES #--------------------------------------------------------------------------- # Configuration options related to the alphabetical class index #--------------------------------------------------------------------------- # If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all # compounds will be generated. Enable this if the project contains a lot of # classes, structs, unions or interfaces. # The default value is: YES. ALPHABETICAL_INDEX = YES # In case all classes in a project start with a common prefix, all classes will # be put under the same header in the alphabetical index. The IGNORE_PREFIX tag # can be used to specify a prefix (or a list of prefixes) that should be ignored # while generating the index headers. # This tag requires that the tag ALPHABETICAL_INDEX is set to YES. IGNORE_PREFIX = #--------------------------------------------------------------------------- # Configuration options related to the HTML output #--------------------------------------------------------------------------- # If the GENERATE_HTML tag is set to YES, doxygen will generate HTML output # The default value is: YES. GENERATE_HTML = YES # The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a # relative path is entered the value of OUTPUT_DIRECTORY will be put in front of # it. # The default directory is: html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_OUTPUT = html # The HTML_FILE_EXTENSION tag can be used to specify the file extension for each # generated HTML page (for example: .htm, .php, .asp). # The default value is: .html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FILE_EXTENSION = .html # The HTML_HEADER tag can be used to specify a user-defined HTML header file for # each generated HTML page. If the tag is left blank doxygen will generate a # standard header. # # To get valid HTML the header file that includes any scripts and style sheets # that doxygen needs, which is dependent on the configuration options used (e.g. # the setting GENERATE_TREEVIEW). It is highly recommended to start with a # default header using # doxygen -w html new_header.html new_footer.html new_stylesheet.css # YourConfigFile # and then modify the file new_header.html. See also section "Doxygen usage" # for information on how to generate the default header that doxygen normally # uses. # Note: The header is subject to change so you typically have to regenerate the # default header when upgrading to a newer version of doxygen. For a description # of the possible markers and block names see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_HEADER = # The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each # generated HTML page. If the tag is left blank doxygen will generate a standard # footer. See HTML_HEADER for more information on how to generate a default # footer and what special commands can be used inside the footer. See also # section "Doxygen usage" for information on how to generate the default footer # that doxygen normally uses. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FOOTER = # The HTML_STYLESHEET tag can be used to specify a user-defined cascading style # sheet that is used by each HTML page. It can be used to fine-tune the look of # the HTML output. If left blank doxygen will generate a default style sheet. # See also section "Doxygen usage" for information on how to generate the style # sheet that doxygen normally uses. # Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as # it is more robust and this tag (HTML_STYLESHEET) will in the future become # obsolete. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_STYLESHEET = # The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined # cascading style sheets that are included after the standard style sheets # created by doxygen. Using this option one can overrule certain style aspects. # This is preferred over using HTML_STYLESHEET since it does not replace the # standard style sheet and is therefore more robust against future updates. # Doxygen will copy the style sheet files to the output directory. # Note: The order of the extra style sheet files is of importance (e.g. the last # style sheet in the list overrules the setting of the previous ones in the # list). For an example see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_STYLESHEET = # The HTML_EXTRA_FILES tag can be used to specify one or more extra images or # other source files which should be copied to the HTML output directory. Note # that these files will be copied to the base HTML output directory. Use the # $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these # files. In the HTML_STYLESHEET file, use the file name only. Also note that the # files will be copied as-is; there are no commands or markers available. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_FILES = # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen # will adjust the colors in the style sheet and background images according to # this color. Hue is specified as an angle on a color-wheel, see # https://en.wikipedia.org/wiki/Hue for more information. For instance the value # 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300 # purple, and 360 is red again. # Minimum value: 0, maximum value: 359, default value: 220. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_HUE = 220 # The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors # in the HTML output. For a value of 0 the output will use gray-scales only. A # value of 255 will produce the most vivid colors. # Minimum value: 0, maximum value: 255, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_SAT = 100 # The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the # luminance component of the colors in the HTML output. Values below 100 # gradually make the output lighter, whereas values above 100 make the output # darker. The value divided by 100 is the actual gamma applied, so 80 represents # a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not # change the gamma. # Minimum value: 40, maximum value: 240, default value: 80. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_GAMMA = 80 # If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML # page will contain the date and time when the page was generated. Setting this # to YES can help to show when doxygen was last run and thus if the # documentation is up to date. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_TIMESTAMP = NO # If the HTML_DYNAMIC_MENUS tag is set to YES then the generated HTML # documentation will contain a main index with vertical navigation menus that # are dynamically created via JavaScript. If disabled, the navigation index will # consists of multiple levels of tabs that are statically embedded in every HTML # page. Disable this option to support browsers that do not have JavaScript, # like the Qt help browser. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_DYNAMIC_MENUS = YES # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_DYNAMIC_SECTIONS = NO # With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries # shown in the various tree structured indices initially; the user can expand # and collapse entries dynamically later on. Doxygen will expand the tree to # such a level that at most the specified number of entries are visible (unless # a fully collapsed tree already exceeds this amount). So setting the number of # entries 1 will produce a full collapsed tree by default. 0 is a special value # representing an infinite number of entries and will result in a full expanded # tree by default. # Minimum value: 0, maximum value: 9999, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_INDEX_NUM_ENTRIES = 100 # If the GENERATE_DOCSET tag is set to YES, additional index files will be # generated that can be used as input for Apple's Xcode 3 integrated development # environment (see: # https://developer.apple.com/xcode/), introduced with OSX 10.5 (Leopard). To # create a documentation set, doxygen will generate a Makefile in the HTML # output directory. Running make will produce the docset in that directory and # running make install will install the docset in # ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at # startup. See https://developer.apple.com/library/archive/featuredarticles/Doxy # genXcode/_index.html for more information. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_DOCSET = NO # This tag determines the name of the docset feed. A documentation feed provides # an umbrella under which multiple documentation sets from a single provider # (such as a company or product suite) can be grouped. # The default value is: Doxygen generated docs. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_FEEDNAME = "Doxygen generated docs" # This tag determines the URL of the docset feed. A documentation feed provides # an umbrella under which multiple documentation sets from a single provider # (such as a company or product suite) can be grouped. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_FEEDURL = # This tag specifies a string that should uniquely identify the documentation # set bundle. This should be a reverse domain-name style string, e.g. # com.mycompany.MyDocSet. Doxygen will append .docset to the name. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_BUNDLE_ID = org.doxygen.Project # The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify # the documentation publisher. This should be a reverse domain-name style # string, e.g. com.mycompany.MyDocSet.documentation. # The default value is: org.doxygen.Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_ID = org.doxygen.Publisher # The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher. # The default value is: Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_NAME = Publisher # If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three # additional HTML index files: index.hhp, index.hhc, and index.hhk. The # index.hhp is a project file that can be read by Microsoft's HTML Help Workshop # on Windows. In the beginning of 2021 Microsoft took the original page, with # a.o. the download links, offline the HTML help workshop was already many years # in maintenance mode). You can download the HTML help workshop from the web # archives at Installation executable (see: # http://web.archive.org/web/20160201063255/http://download.microsoft.com/downlo # ad/0/A/9/0A939EF6-E31C-430F-A3DF-DFAE7960D564/htmlhelp.exe). # # The HTML Help Workshop contains a compiler that can convert all HTML output # generated by doxygen into a single compiled HTML file (.chm). Compiled HTML # files are now used as the Windows 98 help format, and will replace the old # Windows help format (.hlp) on all Windows platforms in the future. Compressed # HTML files also contain an index, a table of contents, and you can search for # words in the documentation. The HTML workshop also contains a viewer for # compressed HTML files. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_HTMLHELP = NO # The CHM_FILE tag can be used to specify the file name of the resulting .chm # file. You can add a path in front of the file if the result should not be # written to the html output directory. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_FILE = # The HHC_LOCATION tag can be used to specify the location (absolute path # including file name) of the HTML help compiler (hhc.exe). If non-empty, # doxygen will try to run the HTML help compiler on the generated index.hhp. # The file has to be specified with full path. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. HHC_LOCATION = # The GENERATE_CHI flag controls if a separate .chi index file is generated # (YES) or that it should be included in the main .chm file (NO). # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. GENERATE_CHI = NO # The CHM_INDEX_ENCODING is used to encode HtmlHelp index (hhk), content (hhc) # and project file content. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_INDEX_ENCODING = # The BINARY_TOC flag controls whether a binary table of contents is generated # (YES) or a normal table of contents (NO) in the .chm file. Furthermore it # enables the Previous and Next buttons. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. BINARY_TOC = NO # The TOC_EXPAND flag can be set to YES to add extra items for group members to # the table of contents of the HTML help documentation and to the tree view. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. TOC_EXPAND = NO # If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and # QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that # can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help # (.qch) of the generated HTML documentation. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_QHP = NO # If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify # the file name of the resulting .qch file. The path specified is relative to # the HTML output folder. # This tag requires that the tag GENERATE_QHP is set to YES. QCH_FILE = # The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help # Project output. For more information please see Qt Help Project / Namespace # (see: # https://doc.qt.io/archives/qt-4.8/qthelpproject.html#namespace). # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_NAMESPACE = org.doxygen.Project # The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt # Help Project output. For more information please see Qt Help Project / Virtual # Folders (see: # https://doc.qt.io/archives/qt-4.8/qthelpproject.html#virtual-folders). # The default value is: doc. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_VIRTUAL_FOLDER = doc # If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom # filter to add. For more information please see Qt Help Project / Custom # Filters (see: # https://doc.qt.io/archives/qt-4.8/qthelpproject.html#custom-filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_NAME = # The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the # custom filter to add. For more information please see Qt Help Project / Custom # Filters (see: # https://doc.qt.io/archives/qt-4.8/qthelpproject.html#custom-filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_ATTRS = # The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this # project's filter section matches. Qt Help Project / Filter Attributes (see: # https://doc.qt.io/archives/qt-4.8/qthelpproject.html#filter-attributes). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_SECT_FILTER_ATTRS = # The QHG_LOCATION tag can be used to specify the location (absolute path # including file name) of Qt's qhelpgenerator. If non-empty doxygen will try to # run qhelpgenerator on the generated .qhp file. # This tag requires that the tag GENERATE_QHP is set to YES. QHG_LOCATION = # If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be # generated, together with the HTML files, they form an Eclipse help plugin. To # install this plugin and make it available under the help contents menu in # Eclipse, the contents of the directory containing the HTML and XML files needs # to be copied into the plugins directory of eclipse. The name of the directory # within the plugins directory should be the same as the ECLIPSE_DOC_ID value. # After copying Eclipse needs to be restarted before the help appears. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_ECLIPSEHELP = NO # A unique identifier for the Eclipse help plugin. When installing the plugin # the directory name containing the HTML and XML files should also have this # name. Each documentation set should have its own identifier. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES. ECLIPSE_DOC_ID = org.doxygen.Project # If you want full control over the layout of the generated HTML pages it might # be necessary to disable the index and replace it with your own. The # DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top # of each HTML page. A value of NO enables the index and the value YES disables # it. Since the tabs in the index contain the same information as the navigation # tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. DISABLE_INDEX = NO # The GENERATE_TREEVIEW tag is used to specify whether a tree-like index # structure should be generated to display hierarchical information. If the tag # value is set to YES, a side panel will be generated containing a tree-like # index structure (just like the one that is generated for HTML Help). For this # to work a browser that supports JavaScript, DHTML, CSS and frames is required # (i.e. any modern browser). Windows users are probably better off using the # HTML help feature. Via custom style sheets (see HTML_EXTRA_STYLESHEET) one can # further fine tune the look of the index (see "Fine-tuning the output"). As an # example, the default style sheet generated by doxygen has an example that # shows how to put an image at the root of the tree instead of the PROJECT_NAME. # Since the tree basically has the same information as the tab index, you could # consider setting DISABLE_INDEX to YES when enabling this option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_TREEVIEW = NO # When both GENERATE_TREEVIEW and DISABLE_INDEX are set to YES, then the # FULL_SIDEBAR option determines if the side bar is limited to only the treeview # area (value NO) or if it should extend to the full height of the window (value # YES). Setting this to YES gives a layout similar to # https://docs.readthedocs.io with more room for contents, but less room for the # project logo, title, and description. If either GENERATE_TREEVIEW or # DISABLE_INDEX is set to NO, this option has no effect. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. FULL_SIDEBAR = NO # The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that # doxygen will group on one line in the generated HTML documentation. # # Note that a value of 0 will completely suppress the enum values from appearing # in the overview section. # Minimum value: 0, maximum value: 20, default value: 4. # This tag requires that the tag GENERATE_HTML is set to YES. ENUM_VALUES_PER_LINE = 4 # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used # to set the initial width (in pixels) of the frame in which the tree is shown. # Minimum value: 0, maximum value: 1500, default value: 250. # This tag requires that the tag GENERATE_HTML is set to YES. TREEVIEW_WIDTH = 250 # If the EXT_LINKS_IN_WINDOW option is set to YES, doxygen will open links to # external symbols imported via tag files in a separate window. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. EXT_LINKS_IN_WINDOW = NO # If the OBFUSCATE_EMAILS tag is set to YES, doxygen will obfuscate email # addresses. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. OBFUSCATE_EMAILS = YES # If the HTML_FORMULA_FORMAT option is set to svg, doxygen will use the pdf2svg # tool (see https://github.com/dawbarton/pdf2svg) or inkscape (see # https://inkscape.org) to generate formulas as SVG images instead of PNGs for # the HTML output. These images will generally look nicer at scaled resolutions. # Possible values are: png (the default) and svg (looks nicer but requires the # pdf2svg or inkscape tool). # The default value is: png. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FORMULA_FORMAT = png # Use this tag to change the font size of LaTeX formulas included as images in # the HTML documentation. When you change the font size after a successful # doxygen run you need to manually remove any form_*.png images from the HTML # output directory to force them to be regenerated. # Minimum value: 8, maximum value: 50, default value: 10. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_FONTSIZE = 10 # Use the FORMULA_TRANSPARENT tag to determine whether or not the images # generated for formulas are transparent PNGs. Transparent PNGs are not # supported properly for IE 6.0, but are supported on all modern browsers. # # Note that when changing this option you need to delete any form_*.png files in # the HTML output directory before the changes have effect. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_TRANSPARENT = YES # The FORMULA_MACROFILE can contain LaTeX \newcommand and \renewcommand commands # to create new LaTeX commands to be used in formulas as building blocks. See # the section "Including formulas" for details. FORMULA_MACROFILE = # Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see # https://www.mathjax.org) which uses client side JavaScript for the rendering # instead of using pre-rendered bitmaps. Use this if you do not have LaTeX # installed or if you want to formulas look prettier in the HTML output. When # enabled you may also need to install MathJax separately and configure the path # to it using the MATHJAX_RELPATH option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. USE_MATHJAX = NO # With MATHJAX_VERSION it is possible to specify the MathJax version to be used. # Note that the different versions of MathJax have different requirements with # regards to the different settings, so it is possible that also other MathJax # settings have to be changed when switching between the different MathJax # versions. # Possible values are: MathJax_2 and MathJax_3. # The default value is: MathJax_2. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_VERSION = MathJax_2 # When MathJax is enabled you can set the default output format to be used for # the MathJax output. For more details about the output format see MathJax # version 2 (see: # http://docs.mathjax.org/en/v2.7-latest/output.html) and MathJax version 3 # (see: # http://docs.mathjax.org/en/latest/web/components/output.html). # Possible values are: HTML-CSS (which is slower, but has the best # compatibility. This is the name for Mathjax version 2, for MathJax version 3 # this will be translated into chtml), NativeMML (i.e. MathML. Only supported # for NathJax 2. For MathJax version 3 chtml will be used instead.), chtml (This # is the name for Mathjax version 3, for MathJax version 2 this will be # translated into HTML-CSS) and SVG. # The default value is: HTML-CSS. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_FORMAT = HTML-CSS # When MathJax is enabled you need to specify the location relative to the HTML # output directory using the MATHJAX_RELPATH option. The destination directory # should contain the MathJax.js script. For instance, if the mathjax directory # is located at the same level as the HTML output directory, then # MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax # Content Delivery Network so you can quickly see the result without installing # MathJax. However, it is strongly recommended to install a local copy of # MathJax from https://www.mathjax.org before deployment. The default value is: # - in case of MathJax version 2: https://cdn.jsdelivr.net/npm/mathjax@2 # - in case of MathJax version 3: https://cdn.jsdelivr.net/npm/mathjax@3 # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_RELPATH = # The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax # extension names that should be enabled during MathJax rendering. For example # for MathJax version 2 (see # https://docs.mathjax.org/en/v2.7-latest/tex.html#tex-and-latex-extensions): # MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols # For example for MathJax version 3 (see # http://docs.mathjax.org/en/latest/input/tex/extensions/index.html): # MATHJAX_EXTENSIONS = ams # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_EXTENSIONS = # The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces # of code that will be used on startup of the MathJax code. See the MathJax site # (see: # http://docs.mathjax.org/en/v2.7-latest/output.html) for more details. For an # example see the documentation. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_CODEFILE = # When the SEARCHENGINE tag is enabled doxygen will generate a search box for # the HTML output. The underlying search engine uses javascript and DHTML and # should work on any modern browser. Note that when using HTML help # (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET) # there is already a search function so this one should typically be disabled. # For large projects the javascript based search engine can be slow, then # enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to # search using the keyboard; to jump to the search box use + S # (what the is depends on the OS and browser, but it is typically # , /