Introduce sm-cipher workflow tests to wolfssl

[gojimmypi]

Description

This PR introduces SM ShangMi cipher tests in GitHub workflow for the wolfssl repo.

The SM TLS 1.3 is currently not working properly; Thus this PR can be merged as-is to show that, or wait until #9175 is merged. I could also temporarily disable the TLS 1.3 tests in this PR.

See sample action history: https://github.com/gojimmypi/wolfssl/actions/workflows/sm-cipher.yml

(failing as expected on current pr-sm-cipher-test but working on espressif-latest-debug with the needed #9175 patch)

See also:

• wolfSSL 1 FAIL at Raspberry Pi 4 Model B #9169
• SM2 TLS1.3: Fix certificate verify #9175
• Add SM Cipher certificate test header: certs_test_sm.h #6825
• Introduce sm-cipher workflow tests to wolfsm wolfsm#28
• Add SM3 in wolfSSL_HmacCopy #9190
• [Bug]: SM3 HMAC fails when using the EVP_DigestSign APIs because wolfSSL_HmacCopy doesn't consider SM3 #9187

I also have a WIP wolfsm companion SM Cipher Test (2 of 2) test. See sample for that. Update: merged in wolfsm #28

SM tests are currently failing there in the wolfsm repo as I do not manually apply the needed patch from #9175 . (merged)

Update: Example GitHub Actions Output:

• https://github.com/wolfSSL/wolfssl/actions/runs/17931183074/job/50988532573
• https://github.com/gojimmypi/wolfssl/actions/runs/17931182325/job/50988530803

Fixes zd# n/a

Testing

Tested on my branches:

• https://github.com/gojimmypi/wolfssl/actions/workflows/sm-cipher.yml
• https://github.com/gojimmypi/wolfsm/actions/workflows/sm-cipher.yml

Checklist

• added tests
• updated/added doxygen
• updated appropriate READMEs
• Updated manual and documentation

[JacobBarthelmeh]

@gojimmypi does this need rebased after the SM fix was merged? I manually clicked to re-run the SM GitHub action test and it failed at the same location.

[gojimmypi]

Hi @JacobBarthelmeh - yes, the new sm-cipher.yml workflow needs #9175 in order to run successfully.

Now that it is merged, I've refreshed from upstream and confirmed the new test runs successfully in this PR.

[gojimmypi]

Jenkins retest this please.

For org.jenkinsci.plugins.workflow.support.steps.AgentOfflineException: Unable to create live FilePath for wolf-linux-cloud-node-[n]; wolf-linux-cloud-node-[n] was marked offline: Connection was broken

[gojimmypi]

The SM Cipher test over in wolfsm repo should be nearly identical to this one.

After code review there, I've updated the sm-cipher.yml in this PR with those changes.

[gojimmypi]

Jenkins retest this please

For StreamCorruptedException: invalid stream header: 636F7272
at java.base/java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:958)

[dgarske]

Fix comment... Arduino is not part of this test.

[dgarske]

Same issue with other sm-cipher.yml. https://github.com/wolfSSL/wolfsm/blob/master/.github/workflows/sm-cipher.yml#L3C33-L3C40

[dgarske]

Why do we need a sm-cipher test in wolfSSL and also in wolfSM? Why duplicated? I recommend only having the one in wolfsm and adding rules to run automatically on schedule. https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule

[wolfSSL-Bot]

Can one of the admins verify this patch?

[JacobBarthelmeh]

Closed since tests are added here #9795