Skip to content

wolfHSM support for ML-DSA #79

wolfHSM support for ML-DSA

wolfHSM support for ML-DSA #79

name: wolfHSM simulator test
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
workflow_dispatch:
jobs:
wolfhsm_simulator_test:
# Matrix strategy runs all steps below for each config specified.
# This allows testing multiple configurations without duplicating the workflow.
strategy:
matrix:
config:
- name: "Standard wolfHSM"
file: "config/examples/sim-wolfHSM.config"
- name: "wolfHSM ML-DSA"
file: "config/examples/sim-wolfHSM-mldsa.config"
fail-fast: false
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: true
- name: Workaround for sources.list
run: sudo sed -i 's|http://azure.archive.ubuntu.com/ubuntu/|http://mirror.arizona.edu/ubuntu/|g' /etc/apt/sources.list
- name: Update repository
run: sudo apt-get update
- name: make clean
run: |
make distclean
- name: Select config (${{ matrix.config.name }})
run: |
cp ${{ matrix.config.file }} .config
- name: Build tools
run: |
make -C tools/keytools && make -C tools/bin-assemble
- name: Build wolfboot.elf
run: |
make clean && make test-sim-internal-flash-with-update
# checkout and build wolfHSM examples repo
- name: Checkout wolfHSM-examples
uses: actions/checkout@v3
with:
repository: wolfssl/wolfHSM-examples
path: wolfHSM-examples
- name: Build example POSIX TCP server
run: cd wolfHSM-examples/posix/tcp/wh_server_tcp && make WOLFSSL_DIR=../../../../lib/wolfssl WOLFHSM_DIR=../../../../lib/wolfHSM
# Start the server in the background
- name: Run POSIX TCP server
run: |
cd wolfHSM-examples/posix/tcp/wh_server_tcp
./Build/wh_server_tcp.elf --client 12 --id 255 --key ../../../../wolfboot_signing_private_key_pub.der &
TCP_SERVER_PID=$!
echo "TCP_SERVER_PID=$TCP_SERVER_PID" >> $GITHUB_ENV
# Run the sunny day update test against the server
- name: Run sunny day update test
run: |
tools/scripts/sim-sunnyday-update.sh
# Kill the server if it is still running
- name: Kill POSIX TCP server
if: always()
run: |
kill $TCP_SERVER_PID || true