purecrypto 0.6.13

name: CI

on:
  push:
    branches: [master]
  pull_request:

permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always

jobs:
  test:
    name: Test & lint (${{ matrix.os }})
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
    steps:
      - uses: actions/checkout@v6

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable
        with:
          components: rustfmt, clippy

      - name: Cache
        uses: Swatinem/rust-cache@v2
        with:
          key: ${{ matrix.os }}

      - name: Format
        if: runner.os == 'Linux' # formatting is platform-independent
        run: cargo fmt --all --check

      - name: Clippy (all features, warnings denied)
        run: cargo clippy --all-targets --all-features -- -D warnings

      - name: Test (all features)
        run: cargo test --all-features

  no_std:
    name: no_std builds (${{ matrix.target }})
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # thumbv7em-none-eabi is a 32-bit bare-metal target: it catches both
        # accidental `std` dependencies and 64-bit-only arithmetic (e.g.
        # `usize` shifts that overflow when `usize` is 32 bits wide).
        target: [x86_64-unknown-linux-gnu, thumbv7em-none-eabi]
    steps:
      - uses: actions/checkout@v6

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable
        with:
          targets: ${{ matrix.target }}

      - name: Cache
        uses: Swatinem/rust-cache@v2
        with:
          key: ${{ matrix.target }}

      - name: Build bare no_std (no default features)
        run: cargo build --target ${{ matrix.target }} --no-default-features

      - name: Build no_std with all module features
        run: cargo build --target ${{ matrix.target }} --no-default-features --features bignum,hash,cipher,kdf

      # `ec` + `der` without `x509`: regression guard for the SM2 SPKI codecs,
      # which must not reach into the `x509`-gated `oid` module.
      - name: Build ec + der without x509
        run: cargo build --target ${{ matrix.target }} --no-default-features --features ec,der

  c_abi:
    name: C ABI smoke test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable

      - name: Cache
        uses: Swatinem/rust-cache@v2

      - name: Build the C library (static + shared)
        run: |
          cargo rustc --lib --release --features ffi --crate-type staticlib
          cargo rustc --lib --release --features ffi --crate-type cdylib

      - name: Compile and run the C smoke tests
        run: |
          cc tests/ffi_smoke.c -I include target/release/libpurecrypto.a \
             -lpthread -ldl -lm -o ffi_smoke
          ./ffi_smoke
          cc tests/ffi_tls_smoke.c -I include target/release/libpurecrypto.a \
             -lpthread -ldl -lm -o ffi_tls_smoke
          ./ffi_tls_smoke
          cc tests/ffi_dtls_smoke.c -I include target/release/libpurecrypto.a \
             -lpthread -ldl -lm -o ffi_dtls_smoke
          ./ffi_dtls_smoke
          cc tests/ffi_quic_smoke.c -I include target/release/libpurecrypto.a \
             -lpthread -ldl -lm -o ffi_quic_smoke
          ./ffi_quic_smoke

  docs:
    name: Docs build (warnings denied)
    runs-on: ubuntu-latest
    env:
      RUSTDOCFLAGS: -D warnings -D rustdoc::broken-intra-doc-links
    steps:
      - uses: actions/checkout@v6

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable

      - name: Cache
        uses: Swatinem/rust-cache@v2

      - name: cargo doc --no-deps --all-features
        run: cargo doc --no-deps --all-features