wolfHSM support for ML-DSA #90
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: wolfHSM simulator test | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| workflow_dispatch: | |
| jobs: | |
| wolfhsm_simulator_test: | |
| # Matrix strategy runs all steps below for each config specified. | |
| # This allows testing multiple configurations without duplicating the workflow. | |
| strategy: | |
| matrix: | |
| config: | |
| - name: "Standard wolfHSM" | |
| file: "config/examples/sim-wolfHSM.config" | |
| - name: "wolfHSM ML-DSA" | |
| file: "config/examples/sim-wolfHSM-mldsa.config" | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: true | |
| - name: Workaround for sources.list | |
| run: sudo sed -i 's|http://azure.archive.ubuntu.com/ubuntu/|http://mirror.arizona.edu/ubuntu/|g' /etc/apt/sources.list | |
| - name: Update repository | |
| run: sudo apt-get update | |
| - name: make clean | |
| run: | | |
| make distclean | |
| - name: Select config (${{ matrix.config.name }}) | |
| run: | | |
| cp ${{ matrix.config.file }} .config | |
| - name: Build tools | |
| run: | | |
| make -C tools/keytools && make -C tools/bin-assemble | |
| - name: Build wolfboot.elf | |
| run: | | |
| make clean && make test-sim-internal-flash-with-update | |
| # checkout and build wolfHSM examples repo | |
| - name: Checkout wolfHSM-examples | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: wolfssl/wolfHSM-examples | |
| path: wolfHSM-examples | |
| - name: Build example POSIX TCP server | |
| run: cd wolfHSM-examples/posix/tcp/wh_server_tcp && make WOLFSSL_DIR=../../../../lib/wolfssl WOLFHSM_DIR=../../../../lib/wolfHSM | |
| # Start the server in the background | |
| - name: Run POSIX TCP server | |
| run: | | |
| cd wolfHSM-examples/posix/tcp/wh_server_tcp | |
| ./Build/wh_server_tcp.elf --client 12 --id 255 --key ../../../../wolfboot_signing_private_key_pub.der & | |
| TCP_SERVER_PID=$! | |
| echo "TCP_SERVER_PID=$TCP_SERVER_PID" >> $GITHUB_ENV | |
| # Run the sunny day update test against the server | |
| - name: Run sunny day update test | |
| run: | | |
| tools/scripts/sim-sunnyday-update.sh | |
| # Kill the server if it is still running | |
| - name: Kill POSIX TCP server | |
| if: always() | |
| run: | | |
| kill $TCP_SERVER_PID || true |