oss-fuzz/projects/libecc/Dockerfile

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Held back because of github.com/google/oss-fuzz/pull/8313
# Please fix failure and upgrade.
FROM gcr.io/oss-fuzz-base/base-builder@sha256:111d6b9d3a52bd3392602c71dc8936c628607a7a9bc86d381db7586f9b1e840f
RUN apt-get update && apt-get install -y make autoconf automake libtool wget python bison flex texinfo lzip
RUN git clone https://github.com/ANSSI-FR/libecc.git
RUN git clone --depth 1 https://github.com/randombit/botan.git
RUN git clone https://github.com/wolfssl/wolfssl
RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz
RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz
RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41  gmp-6.2.1.tar.lz"
RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2
COPY build.sh $SRC/
# This is to fix Fuzz Introspector build by using LLVM old pass manager
# re https://github.com/ossf/fuzz-introspector/issues/305
ENV OLD_LLVMPASS 1
[libecc] Add project libecc (#5613) 2021-04-15 16:34:32 +00:00			`# Copyright 2021 Google LLC`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`#`
			`################################################################################`

Roll clang to llvmorg-15-init-1464-gbf7f8d6f (#8313) * Roll clang to llvmorg-15-init-1464-gbf7f8d6f This is incremental roll meant to break less than #8108 * Pin some projects * pin cryptofuzz 2022-08-24 14:31:28 +00:00			`# Held back because of github.com/google/oss-fuzz/pull/8313`
			`# Please fix failure and upgrade.`
			`FROM gcr.io/oss-fuzz-base/base-builder@sha256:111d6b9d3a52bd3392602c71dc8936c628607a7a9bc86d381db7586f9b1e840f`
[libecc] Updates (#7246) * [libecc] Updates * [libecc] Use libgmp tarball 2022-02-07 20:53:09 +00:00			`RUN apt-get update && apt-get install -y make autoconf automake libtool wget python bison flex texinfo lzip`
[libecc] Add project libecc (#5613) 2021-04-15 16:34:32 +00:00			`RUN git clone https://github.com/ANSSI-FR/libecc.git`
			`RUN git clone --depth 1 https://github.com/randombit/botan.git`
[libecc] Add wolfCrypt (#7300) 2022-02-18 16:06:11 +00:00			`RUN git clone https://github.com/wolfssl/wolfssl`
[libecc] Add project libecc (#5613) 2021-04-15 16:34:32 +00:00			`RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz`
Fix libgmp download in multiple projects (#9314) The certificate of https://gmplib.org/ has expired. The website displays the following message: ``` YES, THE CERTIFICATE IS EXPIRED. Sorry about that. We're working on the renewal process. Unfortunately, our SSL provider changes the renewal interface each year, and it is always a challenge to figure out what to do. Now the only actions are REGENERATE (actiually not, as the cert is expired), REVOKE (well, not desirable) and INTERMEDIATE CERTIFICATE (which is not an action but a thing, oh well. ``` But this is breaking a lot of builds and this still hasn't been fixed after a few days, so with this PR I'm instead downloading the libgmp source archive and bypass the certificate check and manually verify the sha256 hash of the downloaded file. Only the `cryptofuzz` and `bignum-fuzzer` projects ideally need to use the latest repository checkout, instead of a versioned source archive, because with these projects the aim is to find bugs in libgmp. In all other projects, libgmp only serves as an oracle, and using the latest stable version is fine. Once gmp fixes their certificate, I will revert `cryptofuzz` and `bignum-fuzzer` to use the repository again. For now it's ok to use the latest stable version. 2022-12-30 13:32:40 +00:00			`RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz`
			`RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz"`
Update Boost download location in all projects (try 2) (#5705) bintray is deprecated now 2021-05-04 02:26:18 +00:00			`RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2`
[libecc] Add project libecc (#5613) 2021-04-15 16:34:32 +00:00			`COPY build.sh $SRC/`
Set flags to use old pass manger (#7828) * Set flags to use old pass manger * nit * Add comment to Dockerfile * More informative comment * nit 2022-06-09 09:39:25 +00:00			`# This is to fix Fuzz Introspector build by using LLVM old pass manager`
			`# re https://github.com/ossf/fuzz-introspector/issues/305`
			`ENV OLD_LLVMPASS 1`