update CMS artifacts (still no SignedData, KEM-focused only at present) #502

Workflow file for this run

.github/workflows/artifact_validation.yaml at d59009d

	name: Artifact validation

	on:
	pull_request:
	push:
	branches: [ '*' ]

	# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
	# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
	concurrency:
	group: "pages"
	cancel-in-progress: false

	jobs:
	bc_validation:
	runs-on: ubuntu-latest
	container: bcdocker2000/bc_hackathon_pqc
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Test artifacts with BC
	run: ./src/test_certs_r5.sh bc
	- name: Save artifacts
	uses: actions/upload-artifact@v4
	with:
	name: Compatibility_bc_csv
	path: ./output/
	openssl_validation:
	runs-on: ubuntu-latest
	container: fedora:43
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Install OpenSSL 3.5
	run: dnf -y install zip diff openssl
	- name: Test artifacts with OpenSSL 3.5
	run: ./src/test_certs_r5_openssl.sh
	- name: Save artifacts
	uses: actions/upload-artifact@v4
	with:
	name: Compatibility_openssl_csv
	path: ./output/
	openssl36_validation:
	runs-on: ubuntu-latest
	container: ubuntu:24.04
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Install OpenSSL 3.6
	run: \|
	apt update
	apt install -y zip gnupg
	apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6ED0E7B82643E131
	echo "deb http://deb.debian.org/debian experimental main" > /etc/apt/sources.list
	apt update
	apt install -y openssl/experimental
	- name: Test CMS artifacts with OpenSSL 3.6
	run: ./src/test_cms_v3_openssl.sh
	- name: Save artifacts
	uses: actions/upload-artifact@v4
	with:
	name: Compatibility_openssl36_csv
	path: ./output/
	ssai_validation:
	runs-on: ubuntu-latest
	container: jethrolow/quantcrypt_validator
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Test artifacts with SSAI
	run: ./src/test_certs_r5.sh ssai
	- name: Save artifacts
	uses: actions/upload-artifact@v4
	with:
	name: Compatibility_ssai_csv
	path: ./output/
	composite_ref_impl_validation:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Install Python
	uses: actions/setup-python@v5
	with:
	python-version: '3.x'
	- name: Install python requirements of pqc-certificates
	run: python -m pip install -r src/requirements.txt
	- name: Clone composite sigs ref impl repo
	uses: actions/checkout@v4
	with:
	repository: lamps-wg/draft-composite-sigs
	path: ./draft-composite-sigs
	- name: Install python requirements of composite-sigs
	run: python -m pip install -r ./draft-composite-sigs/src/requirements.txt
	- name: Test artifacts with composite Sigs reference implementation
	run: \|
	shopt -s globstar
	for i in **/artifacts_certs_r5.zip; do ./draft-composite-sigs/src/test_artifacts_r5.py "$(basename $(dirname "$i"))" "$i" \| tee -a composite-sigs-ref-impl.log; done;
	- name: Clone composite kem ref impl repo
	uses: actions/checkout@v4
	with:
	repository: lamps-wg/draft-composite-kem
	path: ./draft-composite-kem
	- name: Install python requirements of composite-kem
	run: python -m pip install -r ./draft-composite-kem/src/requirements.txt
	- name: Test artifacts with composite KEM reference implementation
	run: \|
	shopt -s globstar
	for i in **/artifacts_certs_r5.zip; do ./draft-composite-kem/src/test_artifacts_r5.py "$(basename $(dirname "$i"))" "$i" \| tee -a composite-kem-ref-impl.log; done;

	- name: Copy logs to output
	run: \|
	mkdir -p ./output/certs
	cp composite-sigs-ref-impl.log ./output/certs/
	cp composite-kem-ref-impl.log ./output/certs/
	- name: Save artifacts
	uses: actions/upload-artifact@v4
	with:
	name: Compatibility_composite-refl-impl_csv
	path: ./output/
	build_results_html:
	runs-on: ubuntu-latest
	container: ubuntu:latest
	needs: [bc_validation, openssl_validation, openssl36_validation, ssai_validation, composite_ref_impl_validation]
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Install packages
	run: \|
	apt-get update && \
	apt-get install -y pandoc lsb-release
	- name: Install Python
	uses: actions/setup-python@v5
	with:
	python-version: '3.x'
	- name: Install python requirements
	run: python -m pip install -r src/requirements.txt
	- name: Get BC results from previous job
	uses: actions/download-artifact@v4
	with:
	name: Compatibility_bc_csv
	path: output/
	- name: Get OpenSSL results from previous job
	uses: actions/download-artifact@v4
	with:
	name: Compatibility_openssl_csv
	path: output/
	- name: Get OpenSSL 3.6 results from previous job
	uses: actions/download-artifact@v4
	with:
	name: Compatibility_openssl36_csv
	path: output/
	- name: Get SSAI results from previous job
	uses: actions/download-artifact@v4
	with:
	name: Compatibility_composite-refl-impl_csv
	path: output/
	- name: Get composite-sigs-ref-impl results from previous job
	uses: actions/download-artifact@v4
	with:
	name: Compatibility_ssai_csv
	path: output/
	- name: Build compat matrix (certs_r5)
	run: ./src/rebuild_results_certs_r5.sh
	- name: Build compat matrix (cms_v3)
	run: ./src/rebuild_results_cms_v3.sh
	- name: Copy output files (automated certs_r5)
	run: cp ./docs/pqc_hackathon_results_certs_r5_automated_tests.html ./output/certs/bc_certs.log ./output/certs/openssl_certs.log ./output/certs/ssai_certs.log ./output/certs/composite-sigs-ref-impl.log ./output/certs/composite-kem-ref-impl.log ./output/cms/openssl_cms.log ./docs/gh-pages
	- name: Copy output files (automated cms_v3)
	run: cp ./docs/pqc_hackathon_results_cms_v3_automated_tests.html ./output/cms/openssl_cms.log ./docs/gh-pages
	- name: Copy output files (manual r5/v1)
	run: cp ./docs/pqc_hackathon_results_certs_r5.html ./docs/pqc_hackathon_results_cms_v1.html ./docs/gh-pages
	- name: Copy output files (manual r5/v3)
	run: cp ./docs/pqc_hackathon_results_certs_r5.html ./docs/pqc_hackathon_results_cms_v3.html ./docs/gh-pages
	- name: Archive Compatibility Matrix For Download
	uses: actions/upload-pages-artifact@v3
	with:
	path: ./docs/gh-pages
	publish_to_gh_pages:
	needs: build_results_html
	if: github.ref == 'refs/heads/master'
	permissions:
	contents: read
	pages: write
	id-token: write
	environment:
	name: github-pages
	url: ${{ steps.deployment.outputs.page_url }}
	runs-on: ubuntu-latest
	steps:
	- name: Update git pages with new compatibiliy matrix
	id: deployment
	uses: actions/deploy-pages@v4

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

update CMS artifacts (still no SignedData, KEM-focused only at present) #502

Workflow file

update CMS artifacts (still no SignedData, KEM-focused only at present) #502

Uh oh!

Jobs

Run details

Workflow file for this run