Add AWS-LC integration test #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-License-Identifier: Apache-2.0 | |
| name: AWS-LC Integration tests | |
| permissions: | |
| contents: read | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| types: [ "opened", "synchronize" ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| aws_lc_integration_fips: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| system: [ubuntu-latest, pqcp-arm64] | |
| fips: [0,1] | |
| name: AWS-LC FIPS test (${{ matrix.system }}, FIPS=${{ matrix.fips }}) | |
| runs-on: ${{ matrix.system }} | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: ./.github/actions/setup-os | |
| with: | |
| packages: 'cmake' | |
| - uses: ./.github/actions/setup-aws-lc | |
| with: | |
| repository: 'hanno-becker/aws-lc' | |
| commit: 'mlkem_native' | |
| - name: Run importer | |
| run: | | |
| cd $AWSLC_DIR/crypto/fipsmodule/ml_kem | |
| rm -rf mlkem | |
| GITHUB_REPOSITORY=$GITHUB_REPOSITORY GITHUB_SHA=$GITHUB_SHA ./importer.sh | |
| - name: Build+Test AWS-LC (FIPS=${{ matrix.fips }}) | |
| run: | | |
| cd $AWSLC_DIR | |
| mkdir build | |
| cd build | |
| cmake -DFIPS=${{ matrix.fips }} .. | |
| cd .. | |
| cmake --build ./build --target all | |
| cmake --build ./build --target run_tests | |
| aws_lc_integration_posix: | |
| # This is a parallelization of the run_posix_tests.sh script | |
| strategy: | |
| max-parallel: 12 | |
| fail-fast: false | |
| matrix: | |
| system: [ubuntu-latest, pqcp-arm64, macos-latest, macos-13] | |
| test: | |
| - name: Debug mode | |
| flags: -DENABLE_DILITHIUM=ON | |
| - name: Release mode | |
| flags: -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| - name: Dilithium disabled | |
| flags: -DENABLE_DILITHIUM=OFF | |
| - name: Small compilation | |
| flags: -DOPENSSL_SMALL=1 -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| - name: LibSSL off. | |
| flags: -DBUILD_LIBSSL=OFF -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| - name: No-ASM | |
| flags: -DOPENSSL_NO_ASM=1 -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| - name: Shared | |
| flags: -DBUILD_SHARED_LIBS=1 -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| - name: Pre-Gen ASM | |
| flags: -DDISABLE_PERL=ON -DENABLE_DILITHIUM=ON | |
| - name: DIT | |
| flags: -DENABLE_DATA_INDEPENDENT_TIMING=ON -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON | |
| name: AWS-LC Posix test (${{ matrix.test.name }}, ${{ matrix.system }}) | |
| runs-on: ${{ matrix.system }} | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: ./.github/actions/setup-os | |
| with: | |
| packages: 'cmake golang' | |
| - uses: ./.github/actions/setup-aws-lc | |
| with: | |
| repository: 'hanno-becker/aws-lc' | |
| commit: 'mlkem_native' | |
| - name: Run importer | |
| run: | | |
| cd $AWSLC_DIR/crypto/fipsmodule/ml_kem | |
| GITHUB_REPOSITORY=$GITHUB_REPOSITORY GITHUB_SHA=$GITHUB_SHA ./importer.sh | |
| - name: Run test | |
| run: | | |
| cd $AWSLC_DIR | |
| source tests/ci/common_posix_setup.sh | |
| build_and_test ${{ matrix.test.flags }} |