diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-02-23 11:04:39 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-02-23 11:04:39 +0100 |
commit | f1a0f0a56fdd0fc39f255174ce08c06b91c66c94 (patch) | |
tree | 99ccc8e212257e1da1902036ae261e8e55d55c1c /security/nss/automation/taskcluster/scripts/run_hacl.sh | |
parent | 8781f745556be5d7402d0f3adc67ecfe32fe04a0 (diff) | |
download | UXP-f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.tar UXP-f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.tar.gz UXP-f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.tar.lz UXP-f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.tar.xz UXP-f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.zip |
Update NSS to 3.35-RTM
Diffstat (limited to 'security/nss/automation/taskcluster/scripts/run_hacl.sh')
-rw-r--r-- | security/nss/automation/taskcluster/scripts/run_hacl.sh | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/security/nss/automation/taskcluster/scripts/run_hacl.sh b/security/nss/automation/taskcluster/scripts/run_hacl.sh new file mode 100644 index 000000000..281075eef --- /dev/null +++ b/security/nss/automation/taskcluster/scripts/run_hacl.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash + +if [[ $(id -u) -eq 0 ]]; then + # Drop privileges by re-running this script. + # Note: this mangles arguments, better to avoid running scripts as root. + exec su worker -c "$0 $*" +fi + +set -e -x -v + +# The docker image this is running in has the HACL* and NSS sources. +# The extracted C code from HACL* is already generated and the HACL* tests were +# successfully executed. + +# Verify Poly1305 (doesn't work in docker image build) +make verify -C ~/hacl-star/code/poly1305 -j$(nproc) + +# Add license header to specs +spec_files=($(find ~/hacl-star/specs -type f -name '*.fst')) +for f in "${spec_files[@]}"; do + cat /tmp/license.txt "$f" > /tmp/tmpfile && mv /tmp/tmpfile "$f" +done + +# Format the extracted C code. +cd ~/hacl-star/snapshots/nss +cp ~/nss/.clang-format . +find . -type f -name '*.[ch]' -exec clang-format -i {} \+ + +# These diff commands will return 1 if there are differences and stop the script. +files=($(find ~/nss/lib/freebl/verified/ -type f -name '*.[ch]')) +for f in "${files[@]}"; do + diff $f $(basename "$f") +done + +# Check that the specs didn't change either. +cd ~/hacl-star/specs +files=($(find ~/nss/lib/freebl/verified/specs -type f)) +for f in "${files[@]}"; do + diff $f $(basename "$f") +done |