diff --git a/.github/workflows/adhoctest.yml b/.github/workflows/adhoctest.yml
index a4c862ec2..beef72209 100644
--- a/.github/workflows/adhoctest.yml
+++ b/.github/workflows/adhoctest.yml
@@ -30,13 +30,14 @@ permissions:
jobs:
build:
+ timeout-minutes: 5
runs-on: ${{ matrix.os }}
strategy:
- max-parallel: 20
+ max-parallel: 10
matrix:
- os: [macos-13, macos-14]
- # os: [macos-11, macos-12, macos-13, ubuntu-20.04, ubuntu-22.04]
+ # https://docs.github.com/en/actions/reference/runners/github-hosted-runners#supported-runners-and-hardware-resources
+ os: [macos-15-intel, macos-26-intel, macos-14, macos-15, macos-26, ubuntu-latest, windows-latest]
fail-fast: false
steps:
@@ -47,16 +48,73 @@ jobs:
run: |
dir "C:\Program Files\OpenSSL*\*"
dir "C:\Program Files\OpenSSL*\lib\*"
- - name: Find aes.h on !Windows
+ - name: Find OpenSSL on !Windows
if: ${{ runner.os != 'Windows' }}
run: |
- set +e # want everything to run
- find /usr -name aes.h -ls || true
- find /usr -type d -name openssl -ls || true
- find /opt -name aes.h -ls || true
- find /opt -type d -name openssl -ls || true
- ls -l /usr/local/include /usr/local/opt/openssl/include || true # is this where macos12-13 find aes.h?
- ls -l /opt/local/include || true # Try this for macos-14
- find /usr -type l -name openssl -ls 2>/dev/null
- find /opt -type l -name openssl -ls 2>/dev/null
+ set +e
+ set -x
+
+ echo "=== OpenSSL Path Discovery ==="
+
+ if [[ "$OSTYPE" == "darwin"* ]]; then
+ echo "--- macOS OpenSSL Detection ---"
+
+ MAC_OS_OPENSSL_DIRS=(
+ "/opt/homebrew/opt/openssl@3"
+ "/opt/homebrew/opt/openssl@1.1"
+ "/usr/local/opt/openssl@3"
+ "/usr/local/opt/openssl@1.1"
+ "/opt/local"
+ "/opt/homebrew"
+ "/usr/local"
+ )
+
+ MAC_LIB_OPENSSL=""
+ MAC_INC_OPENSSL=""
+
+ echo "--- Checking directories ---"
+ for dir in "${MAC_OS_OPENSSL_DIRS[@]}"; do
+ lib_dir="$dir/lib"
+ inc_dir="$dir/include"
+
+ echo " Checking: $dir"
+
+ if [[ -d "$lib_dir" ]] && [[ -z "$MAC_LIB_OPENSSL" ]]; then
+ for lib in "libcrypto.dylib" "libcrypto.3.dylib" "libcrypto.1.1.dylib"; do
+ if [[ -f "$lib_dir/$lib" ]]; then
+ MAC_LIB_OPENSSL="$lib_dir"
+ echo " Found lib: $lib_dir/$lib"
+ break
+ fi
+ done
+ fi
+
+ if [[ -d "$inc_dir" ]] && [[ -z "$MAC_INC_OPENSSL" ]] && [[ -f "$inc_dir/openssl/aes.h" ]]; then
+ MAC_INC_OPENSSL="$inc_dir"
+ echo " Found include: $inc_dir/openssl/aes.h"
+ fi
+ done
+
+ echo "--- Discovery Results ---"
+ if [[ -n "$MAC_LIB_OPENSSL" ]]; then
+ echo "MAC_LIB_OPENSSL=$MAC_LIB_OPENSSL"
+ ls -la "$MAC_LIB_OPENSSL"/libcrypto*.dylib 2>/dev/null || true
+ else
+ echo "MAC_LIB_OPENSSL=NOT_FOUND"
+ fi
+
+ if [[ -n "$MAC_INC_OPENSSL" ]]; then
+ echo "MAC_INC_OPENSSL=$MAC_INC_OPENSSL"
+ ls -la "$MAC_INC_OPENSSL"/openssl/aes.h 2>/dev/null || true
+ else
+ echo "MAC_INC_OPENSSL=NOT_FOUND"
+ fi
+ else
+ echo "--- Linux OpenSSL Detection ---"
+ find /usr -name aes.h -ls 2>/dev/null || true
+ find /usr -type d -name openssl -ls 2>/dev/null || true
+ find /usr/lib* -name libcrypto.so* -ls 2>/dev/null || true
+ fi
+
+ echo "=== OpenSSL Binary Locations ==="
which -a openssl | while read a ;do echo "$a" ; "$a" version -a; echo '======='; done
diff --git a/.github/workflows/benchmarkadhoc.yml b/.github/workflows/benchmarkadhoc.yml
index 25edcda91..847dfad0e 100644
--- a/.github/workflows/benchmarkadhoc.yml
+++ b/.github/workflows/benchmarkadhoc.yml
@@ -24,16 +24,16 @@ permissions:
jobs:
build:
+ timeout-minutes: 5
runs-on: ${{ matrix.os }}
continue-on-error: ${{ matrix.experimental }}
strategy:
max-parallel: 20
matrix:
- # macos-latest and ubuntu-latest uses OpenSSL 3 which breaks tests
- os: [macos-11, ubuntu-20.04, windows-latest]
+ os: [macos-15, ubuntu-latest, windows-latest]
# Run lowest and highest Java versions only
- java: [ 8, 21 ]
+ java: [ 8, 21, 25 ]
experimental: [false]
fail-fast: false
@@ -50,7 +50,7 @@ jobs:
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
- distribution: 'temurin'
+ distribution: 'zulu'
java-version: ${{ matrix.java }}
- name: OpenSSL version
run: openssl version -a
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 2253f26c0..853aca0a6 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -38,14 +38,15 @@ permissions:
jobs:
analyze:
name: Analyze
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-latest
+ timeout-minutes: 10
permissions:
actions: read
contents: read
security-events: write
strategy:
- max-parallel: 20
+ max-parallel: 5
fail-fast: false
matrix:
language: [ 'cpp', 'java' ]
@@ -72,7 +73,7 @@ jobs:
if: ${{ matrix.language == 'java' }}
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
- distribution: 'temurin'
+ distribution: 'zulu'
java-version: ${{ matrix.java }}
# Initializes the CodeQL tools for scanning.
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index f0d8ca94e..3e7d470f8 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -24,6 +24,7 @@ permissions:
jobs:
dependency-review:
runs-on: ubuntu-latest
+ timeout-minutes: 5
steps:
- name: 'Checkout Repository'
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
diff --git a/.github/workflows/docker_images.yml b/.github/workflows/docker_images.yml
index 5687ce70c..d2f3408fe 100644
--- a/.github/workflows/docker_images.yml
+++ b/.github/workflows/docker_images.yml
@@ -34,6 +34,7 @@ permissions:
jobs:
docker:
runs-on: ubuntu-latest
+ timeout-minutes: 20
permissions:
contents: read
packages: write
diff --git a/.github/workflows/maven_crosstest.yml b/.github/workflows/maven_crosstest.yml
index 988e69f83..681bae851 100644
--- a/.github/workflows/maven_crosstest.yml
+++ b/.github/workflows/maven_crosstest.yml
@@ -70,6 +70,7 @@ jobs:
build-cross-linux:
needs: cleanup
runs-on: ubuntu-latest
+ timeout-minutes: 10
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
@@ -94,7 +95,8 @@ jobs:
# Use macOS to build its native binaries and package them with the Linux/Windows ones
package-macos:
needs: build-cross-linux
- runs-on: macos-13 # macos-14 does not have Java 8
+ runs-on: macos-15
+ timeout-minutes: 10
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
@@ -102,18 +104,13 @@ jobs:
- name: Set up JDK
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
- distribution: 'temurin'
- java-version: 8
+ distribution: 'zulu'
+ java-version: 11
+ cache: 'maven'
# these values cause the plugin to set up the Maven settings.xml file
server-id: apache.snapshots.https # Value of the distributionManagement/repository/id field of the pom.xml
server-username: NEXUS_USER # env variable for username in deploy
server-password: NEXUS_PW # env variable for token in deploy
- - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 #v5.0.3
- with:
- path: ~/.m2/repository
- key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
- restore-keys: |
- ${{ runner.os }}-maven-
- name: Build on macOS
run: |
mvn -V -B -ntp test -DskipTests
@@ -157,19 +154,23 @@ jobs:
standalone:
needs: package-macos
runs-on: ${{ matrix.os }}
+ timeout-minutes: 10
# continue-on-error: ${{ matrix.experimental }}
strategy:
- max-parallel: 20
+ max-parallel: 20
matrix:
include:
- - os: macos-13 # macos-14 does not have Java 8
- java: 8
+ - os: macos-15-intel
+ java: 11
expectedPath: Mac/x86_64
+ - os: macos-15
+ java: 11
+ expectedPath: Mac/aarch64
- os: ubuntu-latest
- java: 8
+ java: 11
expectedPath: Linux/x86_64
- os: windows-latest
- java: 8
+ java: 11
expectedPath: Windows/x86_64
steps:
- name: Checkout code
@@ -185,18 +186,12 @@ jobs:
fail-on-cache-miss: true
- name: Show files
run: ls -l target
- - name: Cache Maven
- uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 #v5.0.3
- with:
- path: ~/.m2/repository
- key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
- restore-keys: |
- ${{ runner.os }}-maven-
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
- distribution: 'temurin'
+ distribution: 'zulu'
java-version: ${{ matrix.java }}
+ cache: 'maven'
- name: OpenSSL version (default)
run: openssl version -a
- name: OpenSSL engine (macOS)
@@ -214,6 +209,7 @@ jobs:
test-cross-linux:
needs: package-macos
runs-on: ubuntu-latest
+ timeout-minutes: 10
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -234,7 +230,7 @@ jobs:
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-aarch64-gh \
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/aarch64
- name: Run on riscv64
- # See https://github.com/java-native-access/jna/issues/1557
+ # locked to 5.12.0 - see https://github.com/java-native-access/jna/issues/1557
run: |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-riscv64-gh \
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/riscv64 -Djna.version=5.12.0
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index 3250f5ee3..adbf13995 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -32,7 +32,8 @@ jobs:
analysis:
name: "Scorecards analysis"
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
permissions:
# Needed to upload the results to the code-scanning dashboard.
security-events: write
diff --git a/pom.xml b/pom.xml
index 1c41a495a..44bf2ddec 100644
--- a/pom.xml
+++ b/pom.xml
@@ -81,7 +81,7 @@ The following provides more details on the included cryptographic software:
Running examples (these are under the test tree, so need test scope):
mvn -q -Dexec.classpathScope=test -Dexec.mainClass=org.apache.commons.crypto.examples.CLASSNAME
where CLASSNAME is CipherByteArrayExample, CipherByteBufferExample, RandomExample, StreamExample
-
+
Additional options
-Djna.debug_load - debug JNA loading
-Dcommons.crypto.debug - add some Commons Crypto debugging
@@ -318,11 +318,12 @@ The following provides more details on the included cryptographic software:
maven-surefire-plugin
/dev/null
+ ${project.build.testOutputDirectory}
${project.build.directory}/${project.artifactId}-${project.version}.jar
-
+
@@ -623,7 +624,7 @@ The following provides more details on the included cryptographic software:
org.junit.jupiter
- junit-jupiter
+ junit-jupiter-api
test