From 338534cb65cc87b110de54f7c96f2f5b23e13304 Mon Sep 17 00:00:00 2001 From: Mark Atwood Date: Fri, 17 Apr 2026 15:42:41 -0700 Subject: [PATCH 1/4] ci: add wycheproof vector test job --- .github/workflows/wycheproof.yml | 75 ++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 .github/workflows/wycheproof.yml diff --git a/.github/workflows/wycheproof.yml b/.github/workflows/wycheproof.yml new file mode 100644 index 0000000000..04cb7242f7 --- /dev/null +++ b/.github/workflows/wycheproof.yml @@ -0,0 +1,75 @@ +name: Wycheproof Vectors + +# START OF COMMON SECTION +on: + push: + branches: [ 'master', 'main', 'release/**' ] + pull_request: + branches: [ '*' ] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true +# END OF COMMON SECTION + +jobs: + wycheproof: + name: wycheproof vectors + if: github.repository_owner == 'wolfssl' + runs-on: ubuntu-latest + timeout-minutes: 30 + + steps: + - name: Checkout wolfSSL + uses: actions/checkout@v4 + + - name: Build wolfSSL + run: | + autoreconf -i + ./configure \ + --enable-cryptocb \ + --enable-ecc \ + --enable-aesgcm \ + --enable-aesccm \ + --enable-aeseax \ + --enable-aessiv \ + --enable-aesxts \ + --enable-keywrap \ + --enable-siphash \ + --enable-hkdf \ + --enable-mldsa \ + --enable-mlkem \ + --enable-slhdsa \ + --disable-examples + make -j$(nproc) + + - name: Checkout wychcheck + uses: actions/checkout@v4 + with: + repository: wolfSSL/wychcheck + path: wychcheck + + - name: Init wycheproof vectors submodule + working-directory: wychcheck + run: git submodule update --init wycheproof + + - name: Build wolfcrypt-check + working-directory: wychcheck + run: | + cmake -B build -DWOLFSSL_DIR=${{ github.workspace }} + cmake --build build -j$(nproc) + + - name: Run wycheproof tests + working-directory: wychcheck + run: | + ctest --test-dir build \ + --output-on-failure \ + --parallel $(nproc) \ + --output-junit test-results.xml + + - name: Upload test results + if: always() + uses: actions/upload-artifact@v4 + with: + name: wycheproof-results + path: wychcheck/test-results.xml From 055b48f89157cbe6462cad3598de3f0a4b2c7841 Mon Sep 17 00:00:00 2001 From: Mark Atwood Date: Fri, 17 Apr 2026 15:55:49 -0700 Subject: [PATCH 2/4] Update .github/workflows/wycheproof.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/wycheproof.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/wycheproof.yml b/.github/workflows/wycheproof.yml index 04cb7242f7..e480a96309 100644 --- a/.github/workflows/wycheproof.yml +++ b/.github/workflows/wycheproof.yml @@ -5,7 +5,7 @@ on: push: branches: [ 'master', 'main', 'release/**' ] pull_request: - branches: [ '*' ] + branches: [ '**' ] concurrency: group: ${{ github.workflow }}-${{ github.ref }} From 9c6502417aae359f9a30e307b5095fb3fa629721 Mon Sep 17 00:00:00 2001 From: Mark Atwood Date: Fri, 17 Apr 2026 15:56:31 -0700 Subject: [PATCH 3/4] Update .github/workflows/wycheproof.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/wycheproof.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/wycheproof.yml b/.github/workflows/wycheproof.yml index e480a96309..5f3b7589d6 100644 --- a/.github/workflows/wycheproof.yml +++ b/.github/workflows/wycheproof.yml @@ -47,6 +47,7 @@ jobs: uses: actions/checkout@v4 with: repository: wolfSSL/wychcheck + ref: ${{ vars.WYCHCHECK_REF }} path: wychcheck - name: Init wycheproof vectors submodule From 2d7c9a4f7b821ff8d29049ed1453f5daa49d28fb Mon Sep 17 00:00:00 2001 From: Mark Atwood Date: Fri, 17 Apr 2026 15:56:44 -0700 Subject: [PATCH 4/4] Update .github/workflows/wycheproof.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/wycheproof.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/wycheproof.yml b/.github/workflows/wycheproof.yml index 5f3b7589d6..61a622ddff 100644 --- a/.github/workflows/wycheproof.yml +++ b/.github/workflows/wycheproof.yml @@ -52,7 +52,7 @@ jobs: - name: Init wycheproof vectors submodule working-directory: wychcheck - run: git submodule update --init wycheproof + run: git submodule update --init --depth 1 wycheproof - name: Build wolfcrypt-check working-directory: wychcheck