Add ML-DSA (FIPS 204) support to PKCS#7/CMS SignedData per RFC 9882 #208
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: No Malloc Tests | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'release/**' ] | |
| pull_request: | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| # All former runner-per-config matrix entries build on one runner via | |
| # .github/scripts/parallel-make-check.py (see os-check.yml for the full | |
| # pattern): each config builds in its own out-of-tree ("VPATH") build | |
| # directory off one checkout/autogen, on a pool of one-per-CPU worker | |
| # threads, longest first. | |
| make_check: | |
| name: make check | |
| if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }} | |
| runs-on: ubuntu-24.04 | |
| # Generous for a cold ccache; warm reruns finish in a fraction. | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout wolfSSL | |
| - name: Install dependencies | |
| uses: ./.github/actions/install-apt-deps | |
| with: | |
| packages: autoconf automake libtool build-essential | |
| # ccache via the cross-platform composite; the script passes the | |
| # compiler to configure as CC="ccache gcc" (or a per-config "cc"). | |
| - name: Set up ccache | |
| uses: ./.github/actions/ccache-setup | |
| with: | |
| workflow-id: no-malloc | |
| max-size: 100M | |
| # The JSON list below is the former runner-per-config matrix. These | |
| # configs never ran the TLS check phase - just the build plus | |
| # testwolfcrypt - hence "check": false with an explicit "run". | |
| - name: Build all configs (parallel, out-of-tree) | |
| run: | | |
| cat > "$RUNNER_TEMP/no-malloc-configs.json" <<'EOF' | |
| [ | |
| {"name": "rsa-keygen", "minutes": 0.8, | |
| "configure": ["--enable-rsa", "--enable-keygen", "--disable-dh", | |
| "CFLAGS=-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024 -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"], | |
| "check": false, | |
| "run": [["./wolfcrypt/test/testwolfcrypt"]]}, | |
| {"name": "pk-mlkem", "minutes": 0.8, | |
| "configure": ["--enable-ecc", "--enable-rsa", "--enable-keygen", | |
| "--enable-ed25519", "--enable-curve25519", "--enable-ed448", | |
| "--enable-curve448", "--enable-mlkem", | |
| "CFLAGS=-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"], | |
| "check": false, | |
| "run": [["./wolfcrypt/test/testwolfcrypt"]]}, | |
| {"name": "pk-mlkem-staticmemory", "minutes": 0.8, | |
| "configure": ["--enable-ecc", "--enable-rsa", "--enable-keygen", | |
| "--enable-ed25519", "--enable-curve25519", "--enable-ed448", | |
| "--enable-curve448", "--enable-mlkem", "--enable-staticmemory", | |
| "CFLAGS=-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"], | |
| "check": false, | |
| "run": [["./wolfcrypt/test/testwolfcrypt"]]} | |
| ] | |
| EOF | |
| .github/scripts/parallel-make-check.py \ | |
| "$RUNNER_TEMP/no-malloc-configs.json" | |
| - name: ccache stats | |
| if: always() | |
| run: ccache -s || true | |
| - name: Upload logs on failure | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: no-malloc-logs | |
| path: | | |
| build-*/make-check.log | |
| build-*/test-suite.log | |
| build-*/config.log | |
| if-no-files-found: ignore |