Adding pkeyutl tool to the CLI #2575
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2575 +/- ##
==========================================
- Coverage 78.97% 78.94% -0.03%
==========================================
Files 673 675 +2
Lines 114965 115273 +308
Branches 16166 16211 +45
==========================================
+ Hits 90794 91008 +214
- Misses 23385 23479 +94
Partials 786 786 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
…cess violations Remove redundant ReadFileToString operations in FileOutput test that were causing 0xc0000005 access violations in Windows/MSYS2 CI environments. ValidateKeyFile already confirms file existence, validity, and proper content, making the additional file reads unnecessary and problematic due to Windows file handle conflicts. Also renamed FileVsStdoutOutput to FileOutput to better reflect the actual test purpose. Fixes Windows CI failures similar to those seen in PR aws#2575. 🤖 Assisted by Amazon Q Developer
|
The msys2/ucrt64 CI failures seem related: A "0xc0000005" exit status seems to be associated with memory access violations on Windows. |
Yea I've been trying to debug why we see this. Before opening the file, we stat it to make sure it exists. In this particular use case, the file is created by the test harness, opened via BIO APIs and populated by the pkeyutl tool, and then fails when we try to read the file subsequently to validate it's contents. I added additional explicit instructions to close any BIO handles that may create resource contention but continued seeing this error. We can see this in the logs here: We also only see this access violation in msys2 ucrt64 - (Ninja/MinGW) builds. For example msys2 ucrt64 with MSYS Makefiles doesn't fail (neither do any of the other Windows CI checks). My two pending investigation avenues are as follows:
|
smittals2
force-pushed
the
pkeyutl_tool
branch
3 times, most recently
from
5486a85 to
47fde32
Compare
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
tool-openssl/pkeyutl_test.cc
Outdated
| const int buffer_size = 1024; | ||
| std::vector<char> buffer(buffer_size); | ||
| std::string output; | ||
| int bytes_read; |
There was a problem hiding this comment.
warning: variable 'bytes_read' is not initialized [cppcoreguidelines-init-variables]
| int bytes_read; | |
| int bytes_read = 0; |
I suspect the issue might be that it's linking to the wrong C++ runtime when the test runs. I have a couple of ideas we could try to debug these tests:
|
justsmth
force-pushed
the
pkeyutl_tool
branch
4 times, most recently
from
7a59b75 to
dd09936
Compare
### Description of changes: Prepare v1.62.0 release #### What's Changed * nginx now supports AWS-LC by @samuel40791765 in #2714 * Fix tests that assume X25519 will be negotiated by @alexw91 in #2682 * Fixing a bug in ML-DSA poly_uniform function by @dkostic in #2721 * Migrate integration omnibus by @skmcgrail in #2715 * Delete util/bot directory by @justsmth in #2723 * Don't ignore CMAKE_C_FLAGS w/ MSVC by @justsmth in #2722 * Bump urllib3 from 2.2.3 to 2.5.0 in /tests/ci by @dependabot[bot] in #2551 * Type fix in mldsa by @manastasova in #2308 * Centralize password handling tool-openssl by @kingstjo in #2555 * crypto/pem: replace strncmp with CRYPTO_memcmp to fix -Wstring-compare error by @R3hankhan123 in #2724 * Implement dgst CLI command by @nhatnghiho in #2638 * Add ASN.1 decoding for ML-KEM private keys as seeds by @jakemas in #2707 * Implement genrsa command by @kingstjo in #2535 * Move udiv and sencond tweak calculations to when needed by @nebeid in #2726 * Add null check on RSA key checks by @samuel40791765 in #2727 * Implement workaround for FORTIFY_SOURCE warning with jitterentropy by @skmcgrail in #2728 * Implement coverity suggestions by @skmcgrail in #2730 * Add minimal EC CLI tool implementation by @kingstjo in #2640 * Adding pkeyutl tool to the CLI by @smittals2 in #2575 * Add CI dimensions for legacy AVX512 flags by @smittals2 in #2732 * Fix Libwebsockets CI by @smittals2 in #2737 * Add option ENABLE_SOURCE_MODIFICATION by @justsmth in #2739 * Simple script to build/run tests by @justsmth in #2736 * Add build-time option to opt-out of CPU Jitter Entropy by @torben-hansen in #2733 By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.
4 participants
Description of changes:
Add pkeutl tool with:
-help
-in
-out
-sign
-verify
-inkey
-sigfile
-pubin
-passin
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.