make-test-swtpm.yml
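# CI workflow: builds wolfSSL, starts the IBM software TPM simulator, then
# builds wolfTPM in a series of configurations and runs its checks and examples
# against the simulator. Logs are uploaded as an artifact when a step fails.
name: WolfTPM Build Tests

on:
  push:
    branches: ['master', 'main', 'release/**']
  pull_request:
    # '*' does not match '/', so pull requests targeting release/... branches
    # were not covered; '**' matches every target branch.
    branches: ['**']

# Least privilege: the job only reads the repository, so the workflow token
# does not need any write scope.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # pull wolfTPM
      # Actions are referenced by release tag instead of the mutable `master`
      # branch. A tag can still be moved; pinning to the full commit SHA of a
      # reviewed release is the stronger form.
      - uses: actions/checkout@v4
        with:
          # Later steps build and run code from the checked-out tree, so the
          # workflow token is not left in the local git config.
          persist-credentials: false

      # setup wolfssl
      - uses: actions/checkout@v4
        with:
          repository: wolfssl/wolfssl
          path: wolfssl
          persist-credentials: false
      - name: wolfssl autogen
        working-directory: ./wolfssl
        run: ./autogen.sh
      - name: wolfssl configure
        working-directory: ./wolfssl
        run: ./configure --enable-wolftpm --enable-pkcallbacks
      - name: wolfssl make install
        working-directory: ./wolfssl
        run: |
          make
          sudo make install

      # setup ibmswtpm2
      # NOTE(review): this external repository is built and executed at
      # whatever its default branch currently points to. Adding
      # `ref: <reviewed-commit-sha>` would make the simulator build
      # reproducible and reviewable.
      - uses: actions/checkout@v4
        with:
          repository: kgoldman/ibmswtpm2
          path: ibmswtpm2
          persist-credentials: false
      - name: ibmswtpm2 make
        working-directory: ./ibmswtpm2/src
        # The simulator is started in the background so that the test steps
        # below can run against it.
        run: |
          make
          ./tpm_server &

      # setup and test defaults (with simulator)
      - name: autogen
        run: ./autogen.sh
      - name: configure
        run: ./configure --enable-swtpm
      - name: make
        run: make
      - name: make check
        run: |
          make check
          WOLFSSL_PATH=./wolfssl ./examples/run_examples.sh
      - name: make install
        run: sudo make install
      - name: make dist
        run: make dist

      # build and test CSharp wrapper
      - name: Install mono
        # Refresh the package index first so the install does not fail on a
        # stale runner image.
        run: |
          sudo apt-get update
          sudo apt-get install -y mono-mcs mono-tools-devel nunit nunit-console
      - name: Build CSharp wrapper
        working-directory: ./wrapper/CSharp
        run: |
          mcs wolfTPM.cs wolfTPM-tests.cs -r:/usr/lib/cli/nunit.framework-2.6.3/nunit.framework.dll -t:library
      - name: Run self test
        working-directory: ./wrapper/CSharp
        run: |
          LD_LIBRARY_PATH=../../src/.libs/:../../wolfssl/src/.libs/ nunit-console wolfTPM.dll -run=tpm_csharp_test.WolfTPMTest.TrySelfTest
      - name: Run unit tests
        working-directory: ./wrapper/CSharp
        run: |
          LD_LIBRARY_PATH=../../src/.libs/:../../wolfssl/src/.libs/ nunit-console wolfTPM.dll

      # test no wolfcrypt
      - name: configure no wolfCrypt
        run: ./configure --enable-swtpm --disable-wolfcrypt
      - name: make no wolfCrypt
        run: make
      - name: make check no wolfCrypt
        run: |
          make check
          WOLFSSL_PATH=./wolfssl WOLFCRYPT_ENABLE=0 ./examples/run_examples.sh

      # test no wrapper
      - name: configure no wrapper
        run: ./configure --enable-swtpm --disable-wrapper
      - name: make no wrapper
        run: make
      - name: make check no wrapper
        run: ./examples/native/native_test

      # test small stack
      - name: configure smallstack
        run: ./configure --enable-swtpm --enable-smallstack
      - name: make smallstack
        run: make
      - name: make check smallstack
        run: |
          make check
          WOLFSSL_PATH=./wolfssl ./examples/run_examples.sh

      # test tislock
      - name: configure tislock
        run: ./configure --enable-tislock
      - name: make tislock
        run: make

      # build debug
      - name: configure debug
        run: ./configure --enable-debug
      - name: make debug
        run: make

      # build verbose
      - name: configure debug verbose
        run: ./configure --enable-debug=verbose
      - name: make debug verbose
        run: make

      # build io
      - name: configure debug io
        run: ./configure --enable-debug=io CFLAGS="-DWOLFTPM_DEBUG_TIMEOUT"
      - name: make debug io
        run: make

      # build advio
      - name: configure advio
        run: ./configure --enable-advio
      # Renamed from a second "make debug io" so the job log identifies the
      # advio build unambiguously.
      - name: make advio
        run: make

      # build pedantic
      - name: configure pedantic
        run: ./configure CFLAGS="-Wpedantic"
      - name: make pedantic
        run: make

      # build not provisioning
      - name: configure not provisioning
        run: ./configure --disable-provisioning
      - name: make not provisioning
        run: make

      # test without ECC
      - name: wolfssl no ECC
        working-directory: ./wolfssl
        run: |
          ./configure --enable-wolftpm --disable-ecc
          make
          sudo make install
      - name: wolftpm no ECC
        run: |
          ./configure --enable-swtpm
          make
          make check
          WOLFSSL_PATH=./wolfssl WOLFCRYPT_ECC=0 ./examples/run_examples.sh

      # test without RSA
      - name: wolfssl no RSA
        working-directory: ./wolfssl
        run: |
          ./configure --enable-wolftpm --disable-rsa
          make
          sudo make install
      - name: wolftpm no RSA
        run: |
          ./configure --enable-swtpm
          make
          make check
          WOLFSSL_PATH=./wolfssl WOLFCRYPT_RSA=0 ./examples/run_examples.sh

      # test with default configure (no AES CFB, no PKCS7, no crypto cb, no cert gen)
      - name: wolfssl default configure
        working-directory: ./wolfssl
        run: |
          ./configure CFLAGS="-DWOLFSSL_PUBLIC_MP"
          make
          sudo make install
      - name: wolftpm default configure
        run: |
          ./configure --enable-swtpm
          make
          make check
          WOLFSSL_PATH=./wolfssl WOLFCRYPT_DEFAULT=1 ./examples/run_examples.sh

      # test with no filesystem / threading
      - name: wolfssl no filesystem
        working-directory: ./wolfssl
        run: |
          ./configure --enable-wolftpm --disable-filesystem --enable-singlethreaded
          make
          sudo make install
      - name: wolftpm no filesystem
        run: |
          ./configure --enable-swtpm
          make
          make check
          WOLFSSL_PATH=./wolfssl NO_FILESYSTEM=1 ./examples/run_examples.sh

      # test with older wolfCrypt (v4.7.0)
      - uses: actions/checkout@v4
        with:
          repository: wolfssl/wolfssl
          path: wolfssl-old
          ref: v4.7.0-stable
          persist-credentials: false
      # NOTE(review): the checkout above places v4.7.0-stable in ./wolfssl-old,
      # but this step configures, builds and installs from ./wolfssl (the
      # current checkout), so the old release does not appear to be what gets
      # installed. Confirm whether working-directory should be ./wolfssl-old
      # (a fresh checkout would also need ./autogen.sh before ./configure);
      # otherwise this leg gives false assurance about old-version support.
      - name: wolfssl old
        working-directory: ./wolfssl
        run: |
          ./configure --enable-wolftpm CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_TEST_CERT -DWOLFSSL_KEY_GEN"
          make
          sudo make install
      - name: wolftpm with old wolfssl
        # Old wolfSSL before PR #5075 does not support using a public key in place of private key with
        # crypto callbacks enabled.
        # To use PKCS7 or TLS Server a dummy private key must be used for older wolfSSL versions.
        # Use newer wolfSSL TLS client/server to resolve test certificate expirations
        run: |
          ./configure --enable-swtpm
          make
          make check
          WOLFSSL_PATH=./wolfssl NO_PUBASPRIV=1 ./examples/run_examples.sh

      # capture logs on failure
      - name: Upload failure logs
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: wolftpm-test-logs
          path: |
            run.out
            test-suite.log
          retention-days: 5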