Skip to content

SCP11: Remove dependency on OpenSSL during the SCP11b handshake #986

SCP11: Remove dependency on OpenSSL during the SCP11b handshake

SCP11: Remove dependency on OpenSSL during the SCP11b handshake #986

Workflow file for this run

name: MacOS Build
# This workflow is triggered on pushes to the repository.
on: [push]
jobs:
job1:
name: MacOS
runs-on: macos-latest
steps:
# This action checks-out the repository under $GITHUB_WORKSPACE, so the workflow can access it.
- name: checkout
uses: actions/checkout@v4
- name: Install prerequisites
run: |
set -x
brew update
brew install check gengetopt help2man opensc zlib
brew reinstall openssl@3
- name: Build and install
run: |
set -x
mkdir build
cd build
cmake .. -DVERBOSE_CMAKE=ON -DOPENSSL_PKG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig
make
make test
otool -L tool/yubico-piv-tool | grep libcrypto
otool -L lib/libykpiv.dylib | grep libcrypto
otool -L ykcs11/libykcs11.dylib | grep libcrypto
sudo make install
yubico-piv-tool --help | grep "Usage: yubico-piv-tool"
objdump --syms /usr/local/lib/libykcs11.dylib | grep C_Sign
pkcs11-tool --module /usr/local/lib/libykcs11.dylib --show-info | grep Yubico
- name: Build using OpenSSL static link
run: |
set -x
export PKG_CONFIG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig:PKG_CONFIG_PATH
rm -rf build; mkdir build; cd build
cmake .. -DVERBOSE_CMAKE=ON -DOPENSSL_STATIC_LINK=ON -DBACKEND=macscard
make
make test
otool -L tool/yubico-piv-tool | grep libcrypto | wc -l | grep 0
otool -L lib/libykpiv.dylib | grep libcrypto | wc -l | grep 0
otool -L ykcs11/libykcs11.dylib | grep libcrypto | wc -l | grep 0
sudo make install
yubico-piv-tool --help | grep "Usage: yubico-piv-tool"
pkcs11-tool --module /usr/local/lib/libykcs11.dylib --show-info | grep Yubico
- name: Build with YKCS11_DBG is set
run: |
set -x
export PKG_CONFIG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig:PKG_CONFIG_PATH
rm -rf build; mkdir build; cd build
cmake .. -DVERBOSE_CMAKE=ON -DYKCS11_DBG=3
make
make test
otool -L ykcs11/libykcs11.dylib | grep libcrypto
pkcs11-tool --module ykcs11/libykcs11.dylib --show-info | grep Yubico
- name: Build only library (no CLI and no ykcs11)
run: |
set -x
export PKG_CONFIG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig:PKG_CONFIG_PATH
rm -rf build; mkdir build; cd build
cmake .. -DVERBOSE_CMAKE=ON -DBUILD_ONLY_LIB=ON
make
make test
- name: Build only dynamic libaries
run: |
set -x
export PKG_CONFIG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig:PKG_CONFIG_PATH
rm -rf build; mkdir build; cd build
cmake .. -DVERBOSE_CMAKE=ON -DBUILD_STATIC_LIB=OFF
make
make test