Sync to wolfsm version

gojimmypi · gojimmypi · commit cdcd4570cd46 · 2025-09-22T16:20:56.000-07:00
diff --git a/.github/workflows/sm-cipher.yml b/.github/workflows/sm-cipher.yml
@@ -23,17 +23,13 @@ on:
     branches: [ '**', 'master', 'main', 'release/**' ]
     paths:
       - '.github/workflows/sm-cipher.yml'
-      - 'src/**'
-      - 'wolfcrypt/**'
-      - 'wolfssl/**'
+      - './**'
   pull_request:
     # Run after merge on protected branches
     branches: [ "main", "master", "release/**" ]
     paths:
       - '.github/workflows/sm-cipher.yml'
-      - 'src/**'
-      - 'wolfcrypt/**'
-      - 'wolfssl/**'
+      - './**'
   workflow_dispatch:
 
 concurrency:
@@ -43,7 +39,6 @@ concurrency:
 
 jobs:
   build:
-    # TODO:
     # if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-latest
     env:
@@ -74,10 +69,13 @@ jobs:
 
           echo "GITHUB_ENV=$GITHUB_ENV"
 
+          git status
+
           echo "contents..."
           # typically "/home/runner/work/wolfssl/wolfssl" contains wolfssl source
           pwd
           ls
+          # ** END ** Set job environment variables
 
       - name: Get wolfsm
         run: |
@@ -140,119 +138,57 @@ jobs:
           pwd
           ls
 
-          # Done with install wolfsm
+          # ** END ** Install wolfsm
 
       - name: Compile wolfssl
         run: |
           # Compile fresh wolfSSL with wolfsm code
 
           # We're already in $WOLFSSL_ROOT
-
           echo "Current directory:           $PWD"
 
           ./autogen.sh
           ./configure --enable-sm3 --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr --enable-sm4-gcm --enable-sm4-ccm --enable-sm2
           make
-          # Done with compile wolfssl
 
-      - name: Test SM wolfcrypt
-        shell: bash
+          # ** END ** Compile wolfssl
+
+      - name: make check
         run: |
-          # Run client / server tests from cloned wolfssl directory
+          # make check
 
-          cd "$WOLFSSL_ROOT"
+          # We're already in $WOLFSSL_ROOT
           echo "Current directory:           $PWD"
 
-          set -euo pipefail
+          make check
 
-          ./wolfcrypt/test/testwolfcrypt
+          # ** END ** make check
 
-      - name: Run SM benchmark
-        shell: bash
+      - name: Unit test
         run: |
-          # Run client / server tests from cloned wolfssl directory
+          # Run unit.test ./tests/test-sm2.conf
 
-          cd "$WOLFSSL_ROOT"
+          # We're already in $WOLFSSL_ROOT
           echo "Current directory:           $PWD"
 
-          set -euo pipefail
+          echo "looking for test-sm2.conf"
+          ls ./tests/test-sm2.conf
 
-          ./wolfcrypt/benchmark/benchmark
+          echo "Run unit test: ./tests/unit.test ./tests/test-sm2.conf"
+          ./tests/unit.test ./tests/test-sm2.conf
+
+          # ** END ** Unit test
 
-      - name: Test SM client/server (TLS 1.2 and 1.3)
+      - name: Run SM benchmark
         shell: bash
         run: |
-          # Run client / server tests from cloned wolfssl directory
+          # Run benchmark from cloned wolfssl directory
 
-          cd "$WOLFSSL_ROOT"
+          # We're already in $WOLFSSL_ROOT
           echo "Current directory:           $PWD"
 
           set -euo pipefail
 
-          # Parameterized cases
-          cases=(
-            "-v 3 -l ECDHE-ECDSA-SM4-CBC-SM3"
-            "-v 3 -l ECDHE-ECDSA-SM4-GCM-SM3"
-            "-v 3 -l ECDHE-ECDSA-SM4-CCM-SM3"
-            "-v 4 -l TLS13-SM4-GCM-SM3"
-            "-v 4 -l TLS13-SM4-CCM-SM3 "
-          )
-
-          srv_bin=./examples/server/server
-          cli_bin=./examples/client/client
-
-          srv_cert=./certs/sm2/server-sm2.pem
-          srv_key=./certs/sm2/server-sm2-priv.pem
-          cli_cert=./certs/sm2/client-sm2.pem
-          cli_key=./certs/sm2/client-sm2-priv.pem
-          ca_root=./certs/sm2/root-sm2.pem
-
-          # Use an explicit port so we can start/stop cleanly
-          port=11111
-
-          # Ensure background server is cleaned up even on failure
-          cleanup() { pkill -P $$ >/dev/null 2>&1 || true; }
-          trap cleanup EXIT
-
-          for args in "${cases[@]}"; do
-            echo "=== Testing ${args} on port ${port} ==="
-
-            # Start server in background; capture PID
-            "${srv_bin}" ${args} \
-              -c "${srv_cert}" -k "${srv_key}" \
-              -A "${cli_cert}" -V \
-              -p "${port}" &
-            srv_pid=$!
-
-            # Wait briefly for the server to listen
-            if command -v ss >/dev/null 2>&1; then
-              for _ in {1..40}; do
-                ss -ltn | grep -q ":${port} " && break
-                echo "Waiting for server on port ${port} ..."
-                sleep 0.25
-              done
-            else
-              sleep 2
-            fi
-
-            # Run client with timeout so CI does not hang
-            set +e
-            timeout 60s "${cli_bin}" ${args}       \
-                        -h 127.0.0.1 -p "${port}"  \
-                        -c "${cli_cert}"           \
-                        -k "${cli_key}"            \
-                        -A "${ca_root}" -C
-            rc=$?
-            set -e
-
-            # Graceful shutdown: only kill if still running; keep quiet
-            if kill -0 "${srv_pid}" >/dev/null 2>&1; then
-              kill "${srv_pid}" # >/dev/null 2>&1 || true
-            fi
-            wait "${srv_pid}"   # >/dev/null 2>&1 || true
-
-            if [ ${rc} -ne 0 ]; then
-              echo "Client failed for: ${args} (rc=${rc})"
-              exit ${rc}
-            fi
-          done
+          ./wolfcrypt/benchmark/benchmark
+
+          # ** END ** un SM benchmark
