From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../taskcluster/docker-acvp/bin/checkout.sh        | 25 ++++++++++++++++
 .../automation/taskcluster/docker-acvp/bin/run.sh  | 35 ++++++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100755 security/nss/automation/taskcluster/docker-acvp/bin/checkout.sh
 create mode 100755 security/nss/automation/taskcluster/docker-acvp/bin/run.sh

(limited to 'security/nss/automation/taskcluster/docker-acvp/bin')

diff --git a/security/nss/automation/taskcluster/docker-acvp/bin/checkout.sh b/security/nss/automation/taskcluster/docker-acvp/bin/checkout.sh
new file mode 100755
index 0000000000..2a7d32c46b
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-acvp/bin/checkout.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    # Drop privileges by re-running this script.
+    exec su worker $0
+fi
+
+# Default values for testing.
+REVISION=${NSS_HEAD_REVISION:-default}
+REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
+
+# Clone NSS.
+hg clone -r $REVISION $REPOSITORY nss
+
+# Clone NSPR if needed.
+hg clone -r default https://hg.mozilla.org/projects/nspr
+
+if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then
+  pushd nspr
+  cat ../nss/nspr.patch | patch -p1
+  popd
+fi
+
diff --git a/security/nss/automation/taskcluster/docker-acvp/bin/run.sh b/security/nss/automation/taskcluster/docker-acvp/bin/run.sh
new file mode 100755
index 0000000000..f4c07818dd
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-acvp/bin/run.sh
@@ -0,0 +1,35 @@
+#!/bin/bash -eu
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+################################################################################
+export NSS_PATH=$PWD NSS_SOURCES_PATH=$PWD/nss
+export LD_LIBRARY_PATH=$PWD/dist/Debug/lib/
+export RUST_LOG=warn
+export RUSTFLAGS="-C instrument-coverage"
+cd nss
+CC=clang-15 CXX=clang++-15 ./build.sh -g -v --sourcecov --static --disable-tests
+
+TEST_DIRECTORY=$NSS_SOURCES_PATH/tests/acvp
+
+git clone --depth=1 https://gitlab.com/nisec/nss-project/acvp-rust.git
+cd acvp-rust
+cargo build
+TESTRUN="cargo run --bin test -- --profdata-command llvm-profdata-15"
+echo "Big Number (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/bn.json bn nss
+echo "AES-GCM (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/aes-gcm.json symmetric nss
+echo "ECDSA (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/ecdsa.json ecdsa nss
+echo "ECDSA (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/ecdsa.json ecdsa nss
+echo "RSA (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/rsa.json rsa nss
+echo "RSA (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/rsa.json rsa nss
+echo "SHA-256 (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/sha256.json sha nss
+$TESTRUN $TEST_DIRECTORY/sha256.mct.json sha nss
-- 
cgit v1.2.3