|
| 1 | +# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT |
| 2 | + |
| 3 | +name: 'Custom config tests' |
| 4 | +description: 'Build and test mldsa-native with various custom configs' |
| 5 | +inputs: |
| 6 | + gh_token: |
| 7 | + description: 'GitHub token' |
| 8 | + required: true |
| 9 | + tests: |
| 10 | + description: 'List of tests to run (space-separated IDs) or "all" for all tests. Available IDs: pct-enabled, pct-enabled-broken, custom-zeroize, no-asm, custom-randombytes, custom-memcpy, custom-memset, custom-stdlib' |
| 11 | + required: false |
| 12 | + default: 'all' |
| 13 | + opt: |
| 14 | + description: 'Optimization level to pass to multi-functest' |
| 15 | + required: false |
| 16 | + default: 'all' |
| 17 | +runs: |
| 18 | + using: 'composite' |
| 19 | + steps: |
| 20 | + - name: "PCT enabled" |
| 21 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'pct-enabled') }} |
| 22 | + uses: ./.github/actions/multi-functest |
| 23 | + with: |
| 24 | + gh_token: ${{ inputs.gh_token }} |
| 25 | + compile_mode: native |
| 26 | + cflags: "-DMLD_CONFIG_KEYGEN_PCT -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 27 | + func: true |
| 28 | + kat: true |
| 29 | + acvp: true |
| 30 | + opt: ${{ inputs.opt }} |
| 31 | + examples: true |
| 32 | + - name: "PCT enabled + broken" |
| 33 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'pct-enabled-broken') }} |
| 34 | + shell: bash |
| 35 | + run: | |
| 36 | + make clean |
| 37 | + CFLAGS='-DMLD_CONFIG_FILE=\"../test/break_pct_config.h\"' make func -j4 |
| 38 | + # PCT breakage is done at runtime via MLD_BREAK_PCT |
| 39 | + make run_func # Should be OK |
| 40 | + MLD_BREAK_PCT=0 make run_func # Should be OK |
| 41 | + if (MLD_BREAK_PCT=1 make run_func 2>&1 >/dev/null); then |
| 42 | + echo "PCT failure expected" |
| 43 | + exit 1 |
| 44 | + else |
| 45 | + echo "PCT failed as expected" |
| 46 | + fi |
| 47 | + - name: "Custom zeroization (explicit_bzero)" |
| 48 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'custom-zeroize') }} |
| 49 | + uses: ./.github/actions/multi-functest |
| 50 | + with: |
| 51 | + gh_token: ${{ inputs.gh_token }} |
| 52 | + compile_mode: native |
| 53 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_zeroize_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 54 | + func: true |
| 55 | + kat: true |
| 56 | + acvp: true |
| 57 | + opt: ${{ inputs.opt }} |
| 58 | + examples: false # Some examples use a custom config themselves |
| 59 | + - name: "No ASM" |
| 60 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'no-asm') }} |
| 61 | + uses: ./.github/actions/multi-functest |
| 62 | + with: |
| 63 | + gh_token: ${{ inputs.gh_token }} |
| 64 | + compile_mode: native |
| 65 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/no_asm_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 66 | + func: true |
| 67 | + kat: true |
| 68 | + acvp: true |
| 69 | + opt: ${{ inputs.opt }} |
| 70 | + examples: false # Some examples use a custom config themselves |
| 71 | + - name: "Custom randombytes" |
| 72 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'custom-randombytes') }} |
| 73 | + uses: ./.github/actions/multi-functest |
| 74 | + with: |
| 75 | + gh_token: ${{ inputs.gh_token }} |
| 76 | + compile_mode: native |
| 77 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_randombytes_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 78 | + func: true |
| 79 | + kat: true |
| 80 | + acvp: true |
| 81 | + opt: ${{ inputs.opt }} |
| 82 | + examples: false # Some examples use a custom config themselves |
| 83 | + - name: "Custom memcpy" |
| 84 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'custom-memcpy') }} |
| 85 | + uses: ./.github/actions/multi-functest |
| 86 | + with: |
| 87 | + gh_token: ${{ inputs.gh_token }} |
| 88 | + compile_mode: native |
| 89 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_memcpy_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 90 | + func: true |
| 91 | + kat: true |
| 92 | + acvp: true |
| 93 | + opt: ${{ inputs.opt }} |
| 94 | + examples: false # Some examples use a custom config themselves |
| 95 | + - name: "Custom memset" |
| 96 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'custom-memset') }} |
| 97 | + uses: ./.github/actions/multi-functest |
| 98 | + with: |
| 99 | + gh_token: ${{ inputs.gh_token }} |
| 100 | + compile_mode: native |
| 101 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_memset_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 102 | + func: true |
| 103 | + kat: true |
| 104 | + acvp: true |
| 105 | + opt: ${{ inputs.opt }} |
| 106 | + examples: false # Some examples use a custom config themselves |
| 107 | + - name: "Custom stdlib (memcpy + memset)" |
| 108 | + if: ${{ inputs.tests == 'all' || contains(inputs.tests, 'custom-stdlib') }} |
| 109 | + uses: ./.github/actions/multi-functest |
| 110 | + with: |
| 111 | + gh_token: ${{ inputs.gh_token }} |
| 112 | + compile_mode: native |
| 113 | + cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_stdlib_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all" |
| 114 | + func: true |
| 115 | + kat: true |
| 116 | + acvp: true |
| 117 | + opt: ${{ inputs.opt }} |
| 118 | + examples: false # Some examples use a custom config themselves |
0 commit comments