mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:40:49 +02:00
Add ATECC608 CI tests
Also fix issues found with ATECC608
This commit is contained in:
@@ -0,0 +1,82 @@
|
||||
name: ATECC608 simulator test
|
||||
|
||||
# START OF COMMON SECTION
|
||||
on:
|
||||
push:
|
||||
branches: [ 'master', 'main', 'release/**' ]
|
||||
pull_request:
|
||||
branches: [ '*' ]
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
# END OF COMMON SECTION
|
||||
|
||||
# Build the ATECC608 software simulator (https://github.com/wolfSSL/simulators,
|
||||
# ATECC608Sim/ subdirectory), build wolfSSL against cryptoauthlib + the
|
||||
# simulator's TCP HAL, and run the wolfCrypt ATECC608 test binary against the
|
||||
# simulator.
|
||||
#
|
||||
# The simulator's own Dockerfile.wolfcrypt clones a pinned wolfSSL release.
|
||||
# We patch it to COPY the PR checkout instead so CI reflects the PR's source.
|
||||
# We also strip the inline test.c patch RUN block: those guard fixes now live
|
||||
# upstream in this tree, so re-applying them would fail with "patch target not
|
||||
# found". The remaining sed-based patches in the Dockerfile (atmel.c XMEMSET
|
||||
# swap and atmel_set_slot_allocator visibility) are no-ops on pre-patched
|
||||
# source and their grep validations still pass, so we leave them alone.
|
||||
|
||||
env:
|
||||
SIMULATORS_REF: 773fe70
|
||||
|
||||
jobs:
|
||||
atecc608_sim:
|
||||
name: wolfCrypt against ATECC608 simulator
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
runs-on: ubuntu-24.04
|
||||
timeout-minutes: 30
|
||||
steps:
|
||||
- name: Checkout wolfSSL (PR source)
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: wolfssl-src
|
||||
|
||||
- name: Clone ATECC608 simulator
|
||||
run: |
|
||||
git clone https://github.com/wolfSSL/simulators simulators
|
||||
cd simulators && git checkout "$SIMULATORS_REF"
|
||||
|
||||
- name: Stage PR wolfSSL into simulator build context
|
||||
run: mv wolfssl-src simulators/ATECC608Sim/wolfssl
|
||||
|
||||
- name: Patch Dockerfile to use PR wolfSSL and drop redundant test.c patches
|
||||
working-directory: simulators/ATECC608Sim
|
||||
run: |
|
||||
# Replace the (multi-line) `RUN git clone ... wolfssl.git /app/wolfssl`
|
||||
# with a COPY of the PR checkout so CI tests the PR's source.
|
||||
sed -i '/^RUN git clone --branch v5\.9\.1-stable/,/wolfssl\.git \/app\/wolfssl$/c\
|
||||
COPY wolfssl /app/wolfssl' Dockerfile.wolfcrypt
|
||||
# Fail fast if the pattern drifted upstream -- better a clear error
|
||||
# than a CI run that silently tests a stale release.
|
||||
grep -q '^ *COPY wolfssl /app/wolfssl$' Dockerfile.wolfcrypt
|
||||
! grep -q 'git clone .*wolfssl\.git' Dockerfile.wolfcrypt
|
||||
|
||||
# Strip the inline test.c patch RUN block -- those guard fixes now
|
||||
# live upstream in this tree.
|
||||
sed -i "/^RUN python3 - <<'PY'$/,/^PY$/d" Dockerfile.wolfcrypt
|
||||
! grep -q "RUN python3 - <<'PY'" Dockerfile.wolfcrypt
|
||||
|
||||
- uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Build wolfCrypt-ATECC608 test image
|
||||
uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: simulators/ATECC608Sim
|
||||
file: simulators/ATECC608Sim/Dockerfile.wolfcrypt
|
||||
push: false
|
||||
load: true
|
||||
tags: wolfssl-atecc608-sim:ci
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
- name: Run wolfCrypt tests against simulator
|
||||
run: docker run --rm wolfssl-atecc608-sim:ci
|
||||
@@ -193,8 +193,10 @@ int wolfCrypt_ATECC_SetConfig(ATCAIfaceCfg* cfg)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* copy configuration into our local struct */
|
||||
XMEMSET(&cfg_ateccx08a_i2c_pi, 0, sizeof(cfg_ateccx08a_i2c_pi));
|
||||
/* Copy whole struct so non-I2C interface unions (e.g. atcacustom function
|
||||
* pointers when iface_type == ATCA_CUSTOM_IFACE) survive. The field-by-
|
||||
* field assignments below then refresh the I2C-specific fields. */
|
||||
XMEMCPY(&cfg_ateccx08a_i2c_pi, cfg, sizeof(cfg_ateccx08a_i2c_pi));
|
||||
cfg_ateccx08a_i2c_pi.iface_type = cfg->iface_type;
|
||||
cfg_ateccx08a_i2c_pi.devtype = cfg->devtype;
|
||||
#ifdef ATCA_ENABLE_DEPRECATED
|
||||
@@ -232,7 +234,7 @@ int atmel_ecc_translate_err(int status)
|
||||
}
|
||||
|
||||
/* Function to set the slotId allocator and deallocator */
|
||||
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
|
||||
WOLFSSL_API int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
|
||||
atmel_slot_dealloc_cb dealloc)
|
||||
{
|
||||
#ifndef SINGLE_THREADED
|
||||
|
||||
+14
-7
@@ -36916,7 +36916,8 @@ static wc_test_ret_t ecc_test_curve(WC_RNG* rng, int keySize, int curve_id)
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
|
||||
!defined(NO_ASN_CRYPT) && !defined(WC_NO_RNG)
|
||||
!defined(NO_ASN_CRYPT) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
ret = ecc_test_key_decode(rng, keySize);
|
||||
if (ret < 0) {
|
||||
if (ret == WC_NO_ERR_TRACE(ECC_CURVE_OID_E)) {
|
||||
@@ -36929,7 +36930,8 @@ static wc_test_ret_t ecc_test_curve(WC_RNG* rng, int keySize, int curve_id)
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && !defined(WC_NO_RNG)
|
||||
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
ret = ecc_test_key_gen(rng, keySize);
|
||||
if (ret < 0) {
|
||||
if (ret == WC_NO_ERR_TRACE(ECC_CURVE_OID_E)) {
|
||||
@@ -37379,7 +37381,8 @@ done:
|
||||
#endif /* HAVE_ECC_KEY_IMPORT && HAVE_ECC_KEY_EXPORT */
|
||||
|
||||
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT) && \
|
||||
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
|
||||
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
static wc_test_ret_t ecc_mulmod_test(ecc_key* key1)
|
||||
{
|
||||
wc_test_ret_t ret;
|
||||
@@ -37561,8 +37564,10 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
|
||||
#endif
|
||||
TEST_SLEEP();
|
||||
|
||||
#if defined(HAVE_ECC_DHE) && !defined(WOLFSSL_CRYPTOCELL) && \
|
||||
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
|
||||
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
|
||||
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(WOLFSSL_ATECC508A) && \
|
||||
!defined(WOLFSSL_ATECC608A) && !defined(PLUTON_CRYPTO_ECC) && \
|
||||
!defined(WOLFSSL_CRYPTOCELL)
|
||||
ret = ecc_ssh_test(key, rng);
|
||||
if (ret < 0)
|
||||
goto done;
|
||||
@@ -37607,13 +37612,15 @@ static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
|
||||
goto done;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
|
||||
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
|
||||
ret = ecc_exp_imp_test(key);
|
||||
if (ret < 0)
|
||||
goto done;
|
||||
#endif
|
||||
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT) && \
|
||||
!defined(WOLFSSL_CRYPTOCELL)
|
||||
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_ATECC508A) && \
|
||||
!defined(WOLFSSL_ATECC608A)
|
||||
ret = ecc_mulmod_test(key);
|
||||
if (ret < 0)
|
||||
goto done;
|
||||
|
||||
@@ -100,7 +100,7 @@ void atmel_ecc_free(int slotId);
|
||||
|
||||
typedef int (*atmel_slot_alloc_cb)(int);
|
||||
typedef void (*atmel_slot_dealloc_cb)(int);
|
||||
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
|
||||
WOLFSSL_API int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
|
||||
atmel_slot_dealloc_cb dealloc);
|
||||
|
||||
int atmel_ecc_translate_err(int status);
|
||||
|
||||
Reference in New Issue
Block a user