microsoft
/
SymCrypt
зеркало из https://github.com/microsoft/SymCrypt.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merged PR 3268891: Update build system to work with multi-branch Git 

The build system was designed for a single-branch Source Depot world. Changes include:
- Change release numbering to <API version>.<minor version>; start at <API version> = 100 to avoid aliasing.
- build system no longer updates repo.
- Separate build command for increasing version #.
- Include detailed build info in library for source tracking
- Include build info in CAB filename.
Fixed a few minor issues as well.
- Fix spelling mistakes from a GitHub pull request
- Add verification that header & lib are the same version

Related work items: #20681107
This commit is contained in:
Niels Ferguson 2019-05-16 22:40:16 +00:00
Родитель 89939de9c4
Коммит 76752f4acf
31 изменённых файлов: 268 добавлений и 147 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

3
.github/ISSUE_TEMPLATE.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,3 @@
If you believe you have an issue that affects the security of applications that use SymCrypt,
please do NOT create a GitHub issue, but instead email your issue details to secure@microsoft.com.
Your report may be eligible for a bug bounty, but ONLY if it is reported through email.

3
.github/PULL_REQUEST_TEMPLATE.md поставляемый Normal file
Просмотреть файл

@ -0,0 +1,3 @@
If you believe you have a pull request that addresses a security issue in the SymCrypt code,
please do NOT create a GitHub pull request, but instead email your issue details to secure@microsoft.com.
Your report may be eligible for a bug bounty, but ONLY if it is reported through email.

67
build/createBuildString.cmd Normal file
Просмотреть файл

@ -0,0 +1,67 @@
@echo on
@rem We'll probably rename the version numbers to the new definition
call :GetVersionNumber SYMCRYPT_CODE_VERSION_API MajorVersionNumber
call :GetVersionNumber SYMCRYPT_CODE_VERSION_MINOR MinorVersionNumber
call :GetBranchName BranchName
call :GetDateTime DateTime
call :GetCommitInfo CommitInfo
echo // Build information. WARNING: automatically generated; DO NOT EDIT >tmp.txt
echo #define SYMCRYPT_BUILD_INFO_BRANCH "%BranchName%" >>tmp.txt
echo #define SYMCRYPT_BUILD_INFO_COMMIT "%CommitInfo%" >>tmp.txt
echo #define SYMCRYPT_BUILD_INFO_VERSION "%MajorVersionNumber%.%MinorVersionNumber%" >> tmp.txt
echo #define SYMCRYPT_BUILD_INFO_TIMESTAMP "%DateTime%" >>tmp.txt
copy tmp.txt %OBJECT_ROOT%\SymCrypt\build\%O%\buildInfo.h
type tmp.txt
goto cleanup
:GetCommitInfo
git log -n 1 --date=iso-strict-local --format=%%cd_%%h >t.txt
set /p %1=<t.txt
goto :EOF
:GetDateTime
set %1=%date:~-4%-%date:~-10,2%-%date:~-7,2%T%time:~,-3%
goto :EOF
:GetBranchName
git status | findstr /C:"On branch" >t.txt
set /P T=<t.txt
for /f "tokens=3" %%i in ("%T%") do set %1=%%i
goto :EOF
:GetVersionNumber
@rem argument: symbol name
@rem get into variable VersionNumber
@rem Extract the #define line from the version file
findstr define %SDXROOT%\SymCrypt\inc\symcrypt_version.inc | findstr %1 >t.txt
set /p T=<t.txt
@rem Extract the last item
for /f "tokens=3" %%i in ("%T%") do set %2=%%i
goto :EOF
:cleanup
set T=
set MajorVersionNumber=
set MinorVersionNumber=
set BranchName=
set DateTime=
set CommitInfo=
del t.txt
del tmp.txt

6
build/makefile.inc Normal file
Просмотреть файл

@ -0,0 +1,6 @@
$(OBJECT_ROOT)\SymCrypt\build\$(O)\buildInfo.h:
!if "$(BUILD_PASS)" == "PASS0"
createBuildString.cmd
!endif

3
build/sources Normal file
Просмотреть файл

@ -0,0 +1,3 @@
TARGETTYPE= NOTARGET
NTTARGETFILE0= $(OBJECT_ROOT)\SymCrypt\build\$(O)\buildInfo.h

1
dirs
Просмотреть файл

@ -1,4 +1,5 @@
DIRS = \
build \
publics \
lib \
unittest \

6
doc/EcCurve co-factor handling.txt
Просмотреть файл

@ -75,7 +75,7 @@ The high bit restrictions specification takes the following form:
- Bit position of the lowest bit to be specified (starting from 0 for the LSB)
- The bit values
The bits that are specified refer to the relevant secret key format.
For Canonincal and DivH formats the total number of bits is the # bits of GOrd-1.
For Canonical and DivH formats the total number of bits is the # bits of GOrd-1.
For DivHTimesH and TimesH formats the total number of bits is the # bits of |E|-1.
Note: as GOrd must be prime, #bits(Gord) == #bits(Gord-1). The same is true
@ -89,10 +89,10 @@ The ECDH algorithm can handle improper public keys in three ways.
(This reveals the private key modulo h to an observer.)
- Clear the co-factor component of the public key, and check that the result is nonzero.
Use the cleared public key for further computations.
Note that these aproaches are equivalent for PPKs, but differ in the result they produce for
Note that these approaches are equivalent for PPKs, but differ in the result they produce for
improper public keys.
An improper public key can be written as (Hi + Hp) where Hp is in <G> (a PPK) and Hi is in E/<G>.
Let x be the private key. If the DH exchange reveales x*H = x*(Hi + Hp) = x*Hi + x*Hp then the
Let x be the private key. If the DH exchange reveals x*H = x*(Hi + Hp) = x*Hi + x*Hp then the
attacker can multiply by T:=|<G>| and get T * x * Hi + x * (T * Hp) = x * (T * Hi) which reveals
(x mod h) by inspection as (T*Hi) is known to the attacker (and h is typically small).
The third option simply discards the Hi component of the improper public key and uses only Hp.

4
inc/symcrypt.h
Просмотреть файл

@ -13,7 +13,7 @@ extern "C" {
#include "symcrypt_version.inc"
#define SYMCRYPT_CODE_VERSION ((SYMCRYPT_CODE_VERSION_RELEASE << 16) | SYMCRYPT_CODE_VERSION_PRIVATE)
#define SYMCRYPT_API_VERSION ((SYMCRYPT_CODE_VERSION_API << 16) | SYMCRYPT_CODE_VERSION_MINOR)
//
// This is the header file for the SymCrypt library which contains
@ -195,7 +195,7 @@ extern "C" {
//
typedef enum {
SYMCRYPT_NO_ERROR = 0,
SYMCRYPT_UNUSED = SYMCRYPT_CODE_VERSION << 5, // This value changes all the time!
SYMCRYPT_UNUSED = SYMCRYPT_API_VERSION << 5, // This value changes all the time!
SYMCRYPT_WRONG_KEY_SIZE,
SYMCRYPT_WRONG_BLOCK_SIZE,
SYMCRYPT_WRONG_DATA_SIZE,

4
inc/symcrypt_inline.h
Просмотреть файл

@ -102,9 +102,9 @@ typedef struct _SYMCRYPT_EXTENDED_SAVE_DATA SYMCRYPT_EXTENDED_SAVE_DATA, *P
#define SYMCRYPT_ENVIRONMENT_DEFS( envName ) \
SYMCRYPT_EXTERN_C \
VOID SYMCRYPT_CALL SymCryptInitEnv##envName(); \
VOID SYMCRYPT_CALL SymCryptInitEnv##envName( UINT32 version ); \
VOID SYMCRYPT_CALL SymCryptInit() \
{ SymCryptInitEnv##envName(); } \
{ SymCryptInitEnv##envName( SYMCRYPT_API_VERSION ); } \
\
_Analysis_noreturn_ VOID SYMCRYPT_CALL SymCryptFatalEnv##envName( UINT32 fatalCode ); \
_Analysis_noreturn_ VOID SYMCRYPT_CALL SymCryptFatal( UINT32 fatalCode ) \

4
inc/symcrypt_internal.h
Просмотреть файл

@ -186,7 +186,7 @@ C_ASSERT( (SYMCRYPT_ALIGN_VALUE & (SYMCRYPT_ALIGN_VALUE - 1 )) == 0 );
#if defined(SYMCRYPT_MAGIC_ENABLED )
#define SYMCRYPT_MAGIC_FIELD SIZE_T magic;
#define SYMCRYPT_MAGIC_VALUE( p ) ((SIZE_T) p + 'S1mv' + SYMCRYPT_CODE_VERSION)
#define SYMCRYPT_MAGIC_VALUE( p ) ((SIZE_T) p + 'S1mv' + SYMCRYPT_API_VERSION)
#define SYMCRYPT_SET_MAGIC( p ) {(p)->magic = SYMCRYPT_MAGIC_VALUE( p );}
@ -2134,4 +2134,4 @@ SYMCRYPT_ALIGN struct _SYMCRYPT_802_11_SAE_CUSTOM_STATE {
#if SYMCRYPT_CPU_X86
#pragma warning(pop)
#endif
#endif
#endif

30
inc/symcrypt_version.inc
Просмотреть файл

@ -2,8 +2,7 @@
; SymCrypt_version.inc
; Copyright (c) Microsoft Corporation. Licensed under the MIT license.
;
; This is the file that contains the SymCrypt version information. It is updated by the build system
; so that each version of the library has a unique version number.
; This is the file that contains the SymCrypt version information.
;
; THIS FILE IS INCLUDED BOTH IN C AND ASSEMBLER CODE
; which is why the layout is strange.
@ -15,26 +14,31 @@
; Below we have separate areas where the C and ASM version numbers are defined.
; These should always be the same.
;
; The API version is intended to change when we change the API behavior in a way that
; breaks backward compatibility. Currently this value is not used.
; In previous releases we had a numbering system with major/minor version number.
; This worked well with the sequential servicing imposed by SourceDepot.
; With the switch to Git this no longer works due to having multiple branches.
; We move to having the version here only specify the API and minor version number
; These will NOT be changed for every build. The API version only changes when there are
; changes to the API in symcrypt.h. (Note: symcrypt_low_level.h is not stable and can change
; at any time.) The minor version is changed at regular intervals, but not necesarilly at
; every build of the library.
;
; The release version is incremented for every 'release' build.
; For private builds between releases the private version number is incremented.
; Separate from these numbers the build system includes information about the branch,
; last commit, build time, etc.
;
; The API numbering starts at 100 to avoid number conficts with the old system.
;
SYMCRYPT_API_VERSION EQU 1
SYMCRYPT_CODE_VERSION_RELEASE EQU 92
SYMCRYPT_CODE_VERSION_PRIVATE EQU 0
SYMCRYPT_CODE_VERSION_API EQU 100
SYMCRYPT_CODE_VERSION_MINOR EQU 1
if 0 ; Start an area that the assembler ignores
;*/ // End of C comment, the C compiler will read the lines below
#define SYMCRYPT_API_VERSION 1
#define SYMCRYPT_CODE_VERSION_RELEASE 92
#define SYMCRYPT_CODE_VERSION_PRIVATE 0
#define SYMCRYPT_CODE_VERSION_API 100
#define SYMCRYPT_CODE_VERSION_MINOR 1
;/* ; Switch back into a C comment so that we can close the IF
endif

2
lib/amd64/symcrypt_magic.inc
Просмотреть файл

@ -16,7 +16,7 @@ SYMCRYPT_MAGIC_FIELD MACRO
ENDM
SYMCRYPT_CODE_VERSION EQU ((SYMCRYPT_CODE_VERSION_RELEASE SHL 16) OR SYMCRYPT_CODE_VERSION_PRIVATE )
SYMCRYPT_CODE_VERSION EQU ((SYMCRYPT_CODE_VERSION_API SHL 16) OR SYMCRYPT_CODE_VERSION_MINOR )
SYMCRYPT_MAGIC_CONSTANT EQU ('S1mv' + SYMCRYPT_CODE_VERSION)
SYMCRYPT_CHECK_MAGIC MACRO ptr, struct_name

2
lib/arm/symcrypt_magic.inc
Просмотреть файл

@ -7,7 +7,7 @@
IMPORT SymCryptFatal
#define SYMCRYPT_CODE_VERSION (SYMCRYPT_CODE_VERSION_RELEASE * 65536 + SYMCRYPT_CODE_VERSION_PRIVATE)
#define SYMCRYPT_CODE_VERSION (SYMCRYPT_CODE_VERSION_API * 65536 + SYMCRYPT_CODE_VERSION_MINOR)
#define SYMCRYPT_MAGIC_CONSTANT (0x53316d76 + SYMCRYPT_CODE_VERSION)
MACRO

2
lib/arm64/symcrypt_magic.inc
Просмотреть файл

@ -7,7 +7,7 @@
IMPORT SymCryptFatal
#define SYMCRYPT_CODE_VERSION (SYMCRYPT_CODE_VERSION_RELEASE * 65536 + SYMCRYPT_CODE_VERSION_PRIVATE)
#define SYMCRYPT_CODE_VERSION (SYMCRYPT_CODE_VERSION_API * 65536 + SYMCRYPT_CODE_VERSION_MINOR)
#define SYMCRYPT_MAGIC_CONSTANT (0x53316d76 + SYMCRYPT_CODE_VERSION)
MACRO

4
lib/env_Win10Sgx.c
Просмотреть файл

@ -54,7 +54,7 @@ SymCryptFatalEnvWin10Sgx( UINT32 fatalCode )
VOID
SYMCRYPT_CALL
SymCryptInitEnvWin10Sgx()
SymCryptInitEnvWin10Sgx( UINT32 version )
{
if ( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
{
@ -89,7 +89,7 @@ SymCryptInitEnvWin10Sgx()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
#if SYMCRYPT_CPU_AMD64 | SYMCRYPT_CPU_X86

6
lib/env_generic.c
Просмотреть файл

@ -22,7 +22,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvGeneric()
VOID
SYMCRYPT_CALL
SymCryptInitEnvGeneric()
SymCryptInitEnvGeneric( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
{
@ -41,7 +41,7 @@ SymCryptInitEnvGeneric()
// All Neon operations are locked out by the static NeverPresent value.
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_
@ -139,4 +139,4 @@ SymCryptCpuidExFuncEnvGeneric( int cpuInfo[4], int function_id, int subfunction_
__cpuidex( cpuInfo, function_id, subfunction_id );
}
#endif
#endif

4
lib/env_windowsBootLib.c
Просмотреть файл

@ -38,7 +38,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsBoo
SYMCRYPT_NOINLINE
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsBootlibrary()
SymCryptInitEnvWindowsBootlibrary( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
{
@ -61,7 +61,7 @@ SymCryptInitEnvWindowsBootlibrary()
SymCryptDetectCpuFeaturesFromRegistersNoTry();
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_

6
lib/env_windowsKernelDebugger.c
Просмотреть файл

@ -16,7 +16,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsKer
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsKernelDebugger()
SymCryptInitEnvWindowsKernelDebugger( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
{
@ -29,7 +29,7 @@ SymCryptInitEnvWindowsKernelDebugger()
g_SymCryptCpuFeaturesNotPresent = (SYMCRYPT_CPU_FEATURES) ~0;
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_
@ -127,4 +127,4 @@ SymCryptCpuidExFuncEnvWindowsKernelDebugger( int cpuInfo[4], int function_id, in
__cpuidex( cpuInfo, function_id, subfunction_id );
}
#endif
#endif

6
lib/env_windowsKernelModeWin7.c
Просмотреть файл

@ -35,7 +35,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsKer
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsKernelmodeWin7nLater()
SymCryptInitEnvWindowsKernelmodeWin7nLater( UINT32 version )
{
RTL_OSVERSIONINFOW verInfo;
#if SYMCRYPT_CPU_X86 | SYMCRYPT_CPU_AMD64
@ -83,7 +83,7 @@ SymCryptInitEnvWindowsKernelmodeWin7nLater()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_
@ -232,4 +232,4 @@ SymCryptCpuidExFuncEnvWindowsKernelmodeWin7nLater( int cpuInfo[4], int function_
__cpuidex( cpuInfo, function_id, subfunction_id );
}
#endif
#endif

6
lib/env_windowsKernelModeWin8_1.c
Просмотреть файл

@ -34,7 +34,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsKer
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsKernelmodeWin8_1nLater()
SymCryptInitEnvWindowsKernelmodeWin8_1nLater( UINT32 version )
{
RTL_OSVERSIONINFOW verInfo;
#if SYMCRYPT_CPU_X86 | SYMCRYPT_CPU_AMD64
@ -87,7 +87,7 @@ SymCryptInitEnvWindowsKernelmodeWin8_1nLater()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_
@ -190,4 +190,4 @@ SymCryptCpuidExFuncEnvWindowsKernelmodeWin8_1nLater( int cpuInfo[4], int functio
__cpuidex( cpuInfo, function_id, subfunction_id );
}
#endif
#endif

4
lib/env_windowsUserModeWin7.c
Просмотреть файл

@ -33,7 +33,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsUse
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsUsermodeWin7nLater()
SymCryptInitEnvWindowsUsermodeWin7nLater( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
@ -64,7 +64,7 @@ SymCryptInitEnvWindowsUsermodeWin7nLater()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_

4
lib/env_windowsUserModeWin8_1.c
Просмотреть файл

@ -14,7 +14,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvWindowsUse
VOID
SYMCRYPT_CALL
SymCryptInitEnvWindowsUsermodeWin8_1nLater()
SymCryptInitEnvWindowsUsermodeWin8_1nLater( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
@ -51,7 +51,7 @@ SymCryptInitEnvWindowsUsermodeWin8_1nLater()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_

2
lib/i386/symcrypt_magic.inc
Просмотреть файл

@ -16,7 +16,7 @@ SYMCRYPT_MAGIC_FIELD MACRO
ENDM
SYMCRYPT_CODE_VERSION EQU ((SYMCRYPT_CODE_VERSION_RELEASE SHL 16) OR SYMCRYPT_CODE_VERSION_PRIVATE )
SYMCRYPT_CODE_VERSION EQU ((SYMCRYPT_CODE_VERSION_API SHL 16) OR SYMCRYPT_CODE_VERSION_MINOR )
SYMCRYPT_MAGIC_CONSTANT EQU ('S1mv' + SYMCRYPT_CODE_VERSION)
SYMCRYPT_CHECK_MAGIC MACRO ptr, struct_name

30
lib/libmain.c
Просмотреть файл

@ -9,6 +9,9 @@
#define EQU =
#include "C_asm_shared.inc"
#undef EQU
#include "buildInfo.h"
// The following global g_SymCryptFlags has to be at least 32
// bits because the iOS environment has interlocked function
@ -31,13 +34,25 @@ SymCryptLibraryWasNotInitialized()
#endif
CHAR * SymCryptBuildString =
"v" SYMCRYPT_BUILD_INFO_VERSION
"_" SYMCRYPT_BUILD_INFO_BRANCH
"_" SYMCRYPT_BUILD_INFO_COMMIT
"_" SYMCRYPT_BUILD_INFO_TIMESTAMP;
VOID
SYMCRYPT_CALL
SymCryptInitEnvCommon()
SymCryptInitEnvCommon( UINT32 version )
// Returns TRUE if the initializatoin steps have to be performed.
{
UINT32 tmp;
CHAR * p;
// Assertion that verifies that the calling application was compiled with
// the same version header files as the library.
SYMCRYPT_HARD_ASSERT( version == SYMCRYPT_API_VERSION );
//
// Use an interlocked to set the flag in case we add other flags
// that are modified by different threads.
@ -49,7 +64,18 @@ SymCryptInitEnvCommon()
// version is part of the binary, so we can look at a binary and figure
// out which version of SymCrypt it was linked with.
//
SYMCRYPT_FORCE_WRITE32( &tmp, SYMCRYPT_CODE_VERSION );
SYMCRYPT_FORCE_WRITE32( &tmp, SYMCRYPT_API_VERSION );
//
// Force the build string to be in memory, because otherwise the
// compiler might get smart and remove it.
// This ensures we can always track back to the SymCrypt source code from
// any binary that links this library
//
for( p = SymCryptBuildString; *p!=0; p++ )
{
SYMCRYPT_FORCE_WRITE8( (PBYTE) &tmp, *p );
}
//
// Make an inverted copy of the CPU detection results.

2
lib/sc_lib-testhooks.h
Просмотреть файл

@ -49,7 +49,7 @@ SymCryptDetectCpuFeaturesFromRegistersNoTry();
VOID
SYMCRYPT_CALL
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( UINT32 version );
_Analysis_noreturn_
VOID

1
lib/sources
Просмотреть файл

@ -26,6 +26,7 @@ INCLUDES= \
$(DS_INC_PATH)\crypto; \
$(IFSKIT_INC_PATH); \
$(MINWIN_INTERNAL_PRIV_SDK_INC_PATH_L)\boot; \
$(OBJECT_ROOT)\SymCrypt\build\$(O); \
SOURCES= \
blockciphermodes.c \

193
scbuild/scbuild.cs
Просмотреть файл

@ -70,6 +70,8 @@ class ScBuild
{
string LogDateTimeFormat = "yyyy-MM-dd HH:mm:ss.ff";
Random m_random;
public IDictionary m_environment;
public string m_SymCryptDir;
@ -354,7 +356,6 @@ class ScBuild
public static IList RunStderr = ArrayList.Synchronized( new ArrayList() );
public string CheckRelDirSynced( string relDir )
// Returns the name of the current branch
{
@ -438,6 +439,11 @@ class ScBuild
void CheckWriteableFiles()
{
// This code is no longer used as on Git all files are writable.
// Keeping the code for now in case we need it
Debug.Assert( false );
string [] res = RunCmd( "", "dir /a-r-d /s /b" );
foreach( string r in res )
@ -482,8 +488,8 @@ class ScBuild
}
}
int m_releaseVersion = -1;
int m_privateVersion = -1;
int m_apiVersion = -1;
int m_minorVersion = -1;
void UpdateVersionNumber()
{
@ -495,16 +501,16 @@ class ScBuild
Fatal( "Could not read file '{0}'", versionFileName );
}
int vRelease = -1;
int nRelease = 0;
int vPrivate = -1;
int nPrivate = 0;
int newRelease = -1;
int newPrivate = -1;
int vApi = -1;
int nApi = 0;
int vMinor = -1;
int nMinor = 0;
int newApi = -1;
int newMinor = -1;
for( int i=0; i<lines.Length; i++ )
{
string line = lines[i];
if( line.Contains( "SYMCRYPT_CODE_VERSION_RELEASE" ) )
if( line.Contains( "SYMCRYPT_CODE_VERSION_API" ) )
{
MatchCollection matches = Regex.Matches( line, @"\d+" );
if( matches.Count != 1 )
@ -513,55 +519,55 @@ class ScBuild
}
Match m = matches[0];
string digits = m.Value;
int releaseVersion = Convert.ToInt32( digits );
int apiVersion = Convert.ToInt32( digits );
if( vRelease >= 0 && vRelease != releaseVersion )
if( vApi >= 0 && vApi != apiVersion )
{
Fatal( "Inconsistent release versions in symcrypt_version.inc file {0} {1} {2}", vRelease, releaseVersion, line );
Fatal( "Inconsistent API versions in symcrypt_version.inc({0}) : {1} {2}", line, vApi, apiVersion );
}
vRelease = releaseVersion;
newRelease = vRelease;
if( m_option_release )
{
newRelease++;
line = line.Replace( digits, newRelease.ToString() );
lines[i] = line;
}
nRelease++;
vApi = apiVersion;
newApi = vApi;
//if( false ) // never auto-increment API version #
//{
// newApi++;
// line = line.Replace( digits, newApi.ToString() );
// lines[i] = line;
//}
nApi++;
}
if( line.Contains( "SYMCRYPT_CODE_VERSION_PRIVATE" ) )
if( line.Contains( "SYMCRYPT_CODE_VERSION_MINOR" ) )
{
MatchCollection matches = Regex.Matches( line, @"\d+" );
if( matches.Count != 1 )
{
Fatal( "Did not find a single integer in a Private version line '{0}'", line );
Fatal( "Did not find a single integer in a minor version line '{0}'", line );
}
Match m = matches[0];
string digits = m.Value;
int privateVersion = Convert.ToInt32( digits );
int minorVersion = Convert.ToInt32( digits );
if( vPrivate >= 0 && vPrivate != privateVersion )
if( vMinor >= 0 && vMinor != minorVersion )
{
Fatal( "Inconsistent private versions in symcrypt_version.inc file" );
Fatal( "Inconsistent minor versions in symcrypt_version.inc file" );
}
vPrivate = privateVersion;
vMinor = minorVersion;
newPrivate = vPrivate + 1;
if( m_option_release )
newMinor = vMinor;
if( m_option_inc_version )
{
newPrivate = 0;
newMinor = vMinor + 1;
line = line.Replace( digits, newMinor.ToString() );
lines[i] = line;
}
line = line.Replace( digits, newPrivate.ToString() );
lines[i] = line;
nPrivate++;
nMinor++;
}
}
if( nPrivate != 2 || nRelease != 2 )
if( nApi != 2 || nMinor != 2 )
{
Fatal( "symcrypt_version.inc file has unexepected number of release or private version-containing lines" );
Fatal( "symcrypt_version.inc file has unexepected number of API and minor version-containing lines" );
}
foreach( string l in lines )
@ -569,41 +575,20 @@ class ScBuild
//Print( l + "\n" );
}
m_releaseVersion = newRelease;
m_privateVersion = newPrivate;
m_apiVersion = newApi;
m_minorVersion = newMinor;
Print( "New SymCrypt version number: Release = {0}, Private = {1}\n", newRelease, newPrivate );
Print( "New SymCrypt version number {0}.{1}\n", newApi, newMinor );
if( m_option_version_noupdate )
if( !m_option_inc_version )
{
Print( "...Not updating version number\n" );
return;
}
// We don't allow the version number to be updated outside the master branch because it creates merge
// conflicts and the version numbers wouldn't be unique anymore.
if( m_currentBranch != "master" )
{
Fatal( "Version number update not supported except on branch master. Currently on '{0}'\n", m_currentBranch );
}
File.WriteAllLines(versionFileName, lines);
string[] res = RunCmd( "", "git commit -m \"Updating symcrypt_version.inc\" " + versionFileName );
bool foundChange = false;
foreach( string line in res )
{
if (Regex.IsMatch(line, @"1 file changed"))
{
foundChange = true;
}
}
if( !foundChange )
{
Fatal( @"Cound not commit file '{0}'", versionFileName );
}
// We do not commit any data so that we can always build without touching the repo state.
}
@ -652,7 +637,13 @@ class ScBuild
if( arch.StartsWith( "x86" ) || arch.StartsWith( "amd64" ) )
{
string [] res = RunCmd( "", @"release\lib\" + arch + @"\" + @"symcryptunittest -savexmmnofail" );
string command = @"release\lib\" + arch + @"\" + @"symcryptunittest";
// Use the savexmmnofail option only somtimes
if( m_random.Next(2) == 0 )
{
command += " -savexmmnofail";
}
string [] res = RunCmd( "", command );
if( !Regex.IsMatch( res[ res.Length - 1 ], "...SymCrypt unit test done" ) )
{
Fatal( "Did not detect that SymCrypt unit test succeeded" );
@ -687,9 +678,8 @@ class ScBuild
bool m_option_release = false;
bool m_option_private = false;
bool m_option_test = false;
string [] m_option_flavors = null;
static string [] m_all_flavors = new string [] {
"amd64chk", "amd64fre",
@ -697,12 +687,14 @@ class ScBuild
"arm64chk", "arm64fre",
"armchk", "armfre",
};
bool m_option_inc_version = false;
bool m_option_ignore_sync = false;
bool m_option_ignore_writable = false;
bool m_option_ignore_opened = false;
bool m_option_version_noupdate = false;
bool m_option_no_tag = false;
string m_argumentsString = "";
string m_argumentsString = ""; // normalized argument string
public bool ProcessOptions( string [] args )
{
@ -717,17 +709,10 @@ class ScBuild
m_option_release = true;
}
else if (opt == "-p")
{
m_option_private = true;
}
else if (opt == "-t")
{
m_option_test = true;
ProcessOptions(new string[] { "-i", });
m_option_version_noupdate = true;
m_option_no_tag = true;
}
else if (opt.StartsWith("-i"))
@ -762,6 +747,10 @@ class ScBuild
}
m_option_flavors = fls;
}
else if (opt == "-version" )
{
m_option_inc_version = true;
}
else
{
Usage();
@ -783,13 +772,13 @@ class ScBuild
public void CheckOptionConsistency()
{
if (BoolToInt(m_option_release) + BoolToInt(m_option_private) + BoolToInt(m_option_test) == 0)
if (BoolToInt(m_option_release) + BoolToInt(m_option_test) == 0)
{
ProcessOptions( new string [] {"-t"} );
}
if (BoolToInt(m_option_release) + BoolToInt(m_option_private) + BoolToInt(m_option_test) != 1)
if (BoolToInt(m_option_release) + BoolToInt(m_option_test) != 1)
{
Fatal("Cannot specify more than one of -r -p -t");
Fatal("Cannot specify more than one of -r -t");
}
}
@ -797,19 +786,24 @@ class ScBuild
{
Print( "Usage: scbuild <options...>\n"
+ "Options:\n"
+ "-r Build a release version (increments release version number)\n"
+ "-p Build a private version (increments private version number)\n"
+ "-t Build a test version (no changes to git repo)\n"
+ "-r Build a release version (checks for open files)\n"
+ "-t Build a test version\n"
+ "-i[swo] Ignore Sync/Writable/Opened file issues\n"
+ " -i is equivalent to -iswo\n"
+ "-f<...> Specify flavors to build in comma-separated list\n"
+ " Flavors: x86chk, x86fre, amd64chk, amd64fre, armchk, armfre,\n"
+ " arm64chk, arm64fre\n"
+ "-version Increment the minor version in inc\\symcrypt_version.h\n"
);
}
public void CreateGitTag()
{
// In Git it doesn't work to change the repo in the build tool.
// We no longer use this code, but keep it around for now in case we need it in the future.
Debug.Assert( false );
/*
// Our code still used 'label' in many places, as that is the tag concept in Source Depot
if( !m_option_release || m_option_no_tag )
{
@ -843,8 +837,19 @@ class ScBuild
{
Fatal("Could not verify that tag was properly created");
}
*/
}
public string GetCommitInfo()
{
string [] reslines = RunCmd( ".", @"git log -n 1 --date=iso-strict-local --format=%cd_%h" );
string res = reslines[0];
res = res.Trim();
res = res.Replace( ":", "" ); // colons are not valid in file names
return res;
}
public void CreateCab()
{
Print("Copying header files to release directory...\n");
@ -870,9 +875,9 @@ class ScBuild
Output.CloseLogFile();
MoveFile( "scbuild.log", @"release\scbuild.log" );
if( m_releaseVersion < 0 || m_privateVersion < 0 )
if( m_apiVersion < 0 || m_minorVersion < 0 )
{
Fatal( "Cannot generate CAB file without version number {0} {1}", m_releaseVersion, m_privateVersion );
Fatal( "Cannot generate CAB file without version number {0} {1}", m_apiVersion, m_minorVersion );
}
string fileNameWarning = "";
@ -880,15 +885,14 @@ class ScBuild
m_option_ignore_opened ||
m_option_ignore_sync ||
m_option_ignore_writable ||
m_option_no_tag ||
m_option_version_noupdate ||
m_option_inc_version ||
!m_option_release
)
{
fileNameWarning = "_not_for_release";
}
string cabFileName = "SymCrypt" + fileNameWarning + "_v" + m_releaseVersion + "." + m_privateVersion + "_" + m_currentBranch + ".cab";
string cabFileName = "SymCrypt" + fileNameWarning + "_v" + m_apiVersion + "." + m_minorVersion + "_" + m_currentBranch + "_" + GetCommitInfo() + ".cab";
string [] res = RunCmd( "release", "cabarc -r -p n " + cabFileName + " *.*" );
if( !Regex.IsMatch( res[ res.Length - 1 ], "Completed successfully" ) )
@ -951,6 +955,8 @@ class ScBuild
Print( "Start time = {0}\n", DateTime.Now.ToString( LogDateTimeFormat ) );
m_random = new Random();
if( !ProcessOptions( args ) )
{
return;
@ -968,11 +974,18 @@ class ScBuild
CheckForBannedSymbols();
UpdateVersionNumber();
UpdateVersionNumber(); // retrieve & update if needed
if( m_option_inc_version )
{
// Incrementing the version # should be followed by a checkin of the new #,
// so we don't build after the change.
return;
}
CleanReleaseDirectory();
CreateGitTag();
// CreateGitTag();
BuildAndUnitTest();
@ -983,7 +996,7 @@ class ScBuild
public static int Main( string[] args )
{
int res = 0;
try
{
new ScBuild( args );

4
unittest/lib/env_SymCryptUnittest.cpp
Просмотреть файл

@ -46,7 +46,7 @@ SYMCRYPT_CPU_FEATURES SYMCRYPT_CALL SymCryptCpuFeaturesNeverPresentEnvUnittest()
VOID
SYMCRYPT_CALL
SymCryptInitEnvUnittest()
SymCryptInitEnvUnittest( UINT32 version )
{
if( g_SymCryptFlags & SYMCRYPT_FLAG_LIB_INITIALIZED )
{
@ -80,7 +80,7 @@ SymCryptInitEnvUnittest()
#endif
SymCryptInitEnvCommon();
SymCryptInitEnvCommon( version );
}
_Analysis_noreturn_

2
unittest/sys_Win7nLater/sources
Просмотреть файл

@ -26,8 +26,6 @@ TARGETLIBS= \
# $(DS_LIB_PATH)\rsa32.lib \
# $(SDK_LIB_PATH)\powrprof.lib \
$(DDK_LIB_PATH)\ksecdd.lib \
#***** REMOVE NEXT LINE BEFORE SHIP *****
$(MINWIN_INTERNAL_PRIV_SDK_LIB_PATH_L)\symcrypt-$(BUILD_TYPE).lib \
$(OBJECT_ROOT)\symcrypt\lib\$(O)\symcrypt.lib \
!IF "$(386)" == "1"

2
unittest/sys_legacy/sources
Просмотреть файл

@ -26,8 +26,6 @@ TARGETLIBS= \
# $(DS_LIB_PATH)\rsa32.lib \
# $(SDK_LIB_PATH)\powrprof.lib \
$(DDK_LIB_PATH)\ksecdd.lib \
#***** REMOVE NEXT LINE BEFORE SHIP *****
$(MINWIN_INTERNAL_PRIV_SDK_LIB_PATH_L)\symcrypt-$(BUILD_TYPE).lib \
$(OBJECT_ROOT)\symcrypt\lib\$(O)\symcrypt.lib \
!IF "$(386)" == "1"

2
unittest/sys_test/sources
Просмотреть файл

@ -26,8 +26,6 @@ TARGETLIBS= \
# $(DS_LIB_PATH)\rsa32.lib \
# $(SDK_LIB_PATH)\powrprof.lib \
$(DDK_LIB_PATH)\cng.lib \
#***** REMOVE NEXT LINE BEFORE SHIP *****
$(MINWIN_INTERNAL_PRIV_SDK_LIB_PATH_L)\symcrypt-$(BUILD_TYPE).lib \
$(OBJECT_ROOT)\symcrypt\lib\$(O)\symcrypt.lib \