Skip to content

Commit

Permalink
chore(test-vectors): Decrypt .NET Retry flag manifests using Rust (#721)
Browse files Browse the repository at this point in the history
  • Loading branch information
RitvikKapila authored Dec 19, 2024
1 parent bea3f29 commit 3117b0c
Show file tree
Hide file tree
Showing 3 changed files with 123 additions and 30 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/library_net_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ jobs:
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: NetTests
role-session-name: NetTestVectors

- name: Setup .NET Core SDK 6
uses: actions/setup-dotnet@v3
Expand Down
149 changes: 121 additions & 28 deletions .github/workflows/library_rust_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ jobs:
strategy:
fail-fast: false
matrix:
library: [AwsEncryptionSDK]
os: [
windows-latest,
ubuntu-latest,
Expand Down Expand Up @@ -53,11 +54,11 @@ jobs:
# TODO - uncomment this after Rust formatter works
# - name: Rustfmt Check
# uses: actions-rust-lang/rustfmt@v1

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: 4.9.0
dafny-version: ${{ inputs.dafny }}

# TODO: Remove this after the formatting in Rust starts working
- name: smithy-dafny Rust hacks
Expand Down Expand Up @@ -87,59 +88,151 @@ jobs:
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ env.DAFNY_VERSION }}
library: AwsEncryptionSDK
library: ${{ matrix.library }}
diff-generated-code: false
update-and-regenerate-mpl: true

# TODO: Remove this after checking in Rust polymorph code
# Also uncomment rust check_polymorph_diff for Rust in .github/actions/polymorph_codegen/action.yml
- name: Run make polymorph_rust
shell: bash
working-directory: ./AwsEncryptionSDK
working-directory: ${{ matrix.library }}
run: |
make polymorph_rust
- name: Compile AwsEncryptionSDK implementation
- name: Compile ${{ matrix.library }} implementation
shell: bash
working-directory: ./AwsEncryptionSDK
working-directory: ${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_rust CORES=$CORES
# Remove Rust hacks once Dafny fixes this
- name: Update implementation_from_dafny.rs to add deps
shell: bash
working-directory: ./AwsEncryptionSDK/runtimes/rust/src
run: |
if [ "$RUNNER_OS" == "macOS" ]; then
sed -i '' '/pub use types::aws_encryption_sdk_config::AwsEncryptionSdkConfig;/a\
pub use crate::deps::aws_cryptography_materialProviders;\
pub use crate::deps::aws_cryptography_keyStore;\
pub use crate::deps::com_amazonaws_kms;
' implementation_from_dafny.rs
else
sed -i '/pub use types::aws_encryption_sdk_config::AwsEncryptionSdkConfig;/a\
pub use crate::deps::aws_cryptography_materialProviders;\
pub use crate::deps::aws_cryptography_keyStore;\
pub use crate::deps::com_amazonaws_kms;
' implementation_from_dafny.rs
fi
- name: Test Linter for Rust examples and implementation_from_dafny.rs
working-directory: ./AwsEncryptionSDK/runtimes/rust
working-directory: ${{ matrix.library }}/runtimes/rust
shell: bash
run: |
cargo clippy
cargo clippy --example main
- name: Test Rust
working-directory: ./AwsEncryptionSDK
working-directory: ${{ matrix.library }}
shell: bash
run: |
make test_rust
- name: Test Examples for Rust
working-directory: ./AwsEncryptionSDK/runtimes/rust
working-directory: ${{ matrix.library }}/runtimes/rust
shell: bash
run: |
cargo test --release --examples
testVectors:
strategy:
fail-fast: false
matrix:
library: [TestVectors]
os: [
# Sed script doesn't work properly on windows
# windows-latest,
ubuntu-latest,
macos-13,
]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read
steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v3
- name: Init Submodules
shell: bash
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: RustTestVectors

- name: Setup Rust Toolchain for GitHub CI
uses: actions-rust-lang/[email protected]
with:
components: rustfmt
# TODO - uncomment this after Rust formatter works
# - name: Rustfmt Check
# uses: actions-rust-lang/rustfmt@v1

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}

# TODO: Remove this after the formatting in Rust starts working
- name: smithy-dafny Rust hacks
shell: bash
run: |
if [ "$RUNNER_OS" == "macOS" ]; then
sed -i '' 's|rustfmt --edition 2021 runtimes/rust/src/implementation_from_dafny.rs|#&|' mpl/smithy-dafny/SmithyDafnyMakefile.mk
else
sed -i 's|rustfmt --edition 2021 runtimes/rust/src/implementation_from_dafny.rs|#&|' mpl/smithy-dafny/SmithyDafnyMakefile.mk
fi
- name: Setup Java 17 for codegen
uses: actions/setup-java@v3
with:
distribution: "corretto"
java-version: "17"

- name: Setup NASM for Windows (aws-lc-sys)
if: matrix.os == 'windows-latest'
uses: ilammy/setup-nasm@v1

- name: Install Smithy-Dafny codegen dependencies
uses: ./.github/actions/install_smithy_dafny_codegen_dependencies

- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.regenerate-code }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ env.DAFNY_VERSION }}
library: ${{ matrix.library }}
diff-generated-code: false
update-and-regenerate-mpl: true

# TODO: Remove this after checking in Rust polymorph code
# Also uncomment rust check_polymorph_diff for Rust in .github/actions/polymorph_codegen/action.yml
- name: Run make polymorph_rust
shell: bash
working-directory: ${{ matrix.library }}
run: |
make polymorph_rust
- name: Compile ${{ matrix.library }} implementation
shell: bash
working-directory: ${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_rust CORES=$CORES
- name: Unzip .NET Retry Flag Manifests
shell: bash
working-directory: TestVectors/dafny/TestVectors/test/
run: |
unzip invalid-Net-4.0.0.zip -d invalid-Net-4.0.0
unzip v4-Net-4.0.1.zip -d v4-Net-4.0.1
unzip valid-Net-4.0.0.zip -d valid-Net-4.0.0
- name: Test Rust
working-directory: ${{ matrix.library }}
shell: bash
run: |
# Without this, running test vectors fails due to `fatal runtime error: stack overflow`
export RUST_MIN_STACK=104857600
make test_rust
2 changes: 1 addition & 1 deletion TestVectors/dafny/TestVectors/test/RunMain.dfy
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ module {:extern} TestWrappedESDKMain {
)
);
print "ONLY WORRY IF THE ABOVE TESTS PASSED!!! THESE TESTS ARE SUPPOSED TO FAIL!\n";
print "IF THE TESTS FAIL OTHER THAN A AES GCM TAG VALIDATION EXCEPTION, CUT AN ISSUE.\n";
print "IF THE TESTS FAIL OTHER THAN A `AES GCM TAG VALIDATION EXCEPTION` or `AES Decrypt : gather Unspecified`, CUT AN ISSUE.\n";
print "IF THE TESTS ALL FAIL IT MEANS THE TEST PASSED!";
expect result.Failure?;
}
Expand Down

0 comments on commit 3117b0c

Please sign in to comment.