Merge branch 'master' of github.com:ColtonWilley/wolfProvider into wp_rsa_crypt_nopad

Author: ColtonWilley

.github/scripts/check-workflow-result.sh

@@ -0,0 +1,93 @@
+#!/bin/bash
+
+set -e
+
+if [ $# -lt 1 ]; then
+    echo "Usage: $0 <test_result> [WOLFPROV_FORCE_FAIL] [TEST_SUITE]"
+    exit 1
+fi
+
+TEST_RESULT="$1"
+WOLFPROV_FORCE_FAIL="${2:-}"
+TEST_SUITE="${3:-}"
+
+# If force fail is empty treat second arg as test suite
+if [ -z "$WOLFPROV_FORCE_FAIL" ]; then
+    TEST_SUITE="${2:-}"
+fi
+
+if [ "$WOLFPROV_FORCE_FAIL" = "WOLFPROV_FORCE_FAIL=1" ]; then
+    if [ "$TEST_SUITE" = "curl" ]; then
+        # --- curl-specific logic ---
+        if [ -f "tests/test.log" ]; then
+            # Extract and clean the failed test list from the log
+            ACTUAL_FAILS=$(grep -a '^TESTFAIL: These test cases failed:' tests/test.log | sed 's/.*failed: //')
+        else
+            echo "Error: tests/test.log not found"
+            exit 1
+        fi
+
+        # Get curl version from the workflow ref
+        CURL_VERSION="${CURL_REF:-}"
+
+        # Define expected failures based on curl version
+        case "$CURL_VERSION" in
+            "curl-8_4_0")
+                EXPECTED_FAILS="9 31 39 41 44 46 61 64 65 70 71 72 73 88 153 154 158 163 166 167 168 169 170 171 173 186 206 245 246 258 259 273 277 327 335 388 420 444 540 551 552 554 565 579 584 643 645 646 647 648 649 650 651 652 653 654 666 667 668 669 670 671 672 673 977 1001 1002 1030 1053 1060 1061 1071 1072 1079 1095 1105 1133 1136 1151 1155 1158 1160 1161 1186 1187 1189 1190 1191 1192 1193 1194 1195 1196 1198 1199 1229 1284 1285 1286 1293 1315 1404 1412 1415 1418 1437 1568 1903 1905 1916 1917 1964 2024 2026 2027 2028 2030 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2073 2076 2200 2201 2202 2203 2204 3017 3018"
+                ;;
+            "master")
+                EXPECTED_FAILS="9 31 39 41 44 46 61 64 65 70 71 72 73 88 153 154 158 163 166 167 168 169 170 171 173 186 206 245 246 258 259 273 277 327 335 388 420 444 483 540 551 552 554 565 579 584 643 645 646 647 648 649 650 651 652 653 654 666 667 668 669 670 671 672 673 695 977 1001 1002 1030 1053 1060 1061 1071 1072 1079 1095 1105 1133 1136 1151 1155 1158 1160 1161 1186 1187 1189 1190 1191 1192 1193 1194 1195 1196 1198 1199 1229 1284 1285 1286 1293 1315 1404 1412 1415 1418 1437 1476 1568 1608 1610 1615 1654 1660 1903 1905 1916 1917 1964 2024 2026 2027 2028 2030 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2073 2076 2200 2201 2202 2203 2204 3017 3018"
+                ;;
+            *)
+                echo "Error: Unknown curl version: $CURL_VERSION"
+                exit 1
+                ;;
+        esac
+
+        # Create temporary files for sorted lists
+        TEMP_DIR=$(mktemp -d)
+        ACTUAL_SORTED="${TEMP_DIR}/actual_sorted.txt"
+        EXPECTED_SORTED="${TEMP_DIR}/expected_sorted.txt"
+
+        # Clean and sort both lists and remove empty lines
+        echo "$ACTUAL_FAILS" | tr ' ' '\n' | grep -v '^$' | sort -n > "$ACTUAL_SORTED"
+        echo "$EXPECTED_FAILS" | tr ' ' '\n' | grep -v '^$' | sort -n > "$EXPECTED_SORTED"
+
+        echo "DEBUG: Sorted actual fails: $(tr '\n' ' ' < "$ACTUAL_SORTED")"
+        echo "DEBUG: Sorted expected fails: $(tr '\n' ' ' < "$EXPECTED_SORTED")"
+
+        # Find missing in actual (in expected but not in actual)
+        MISSING=$(comm -23 "$EXPECTED_SORTED" "$ACTUAL_SORTED" | tr '\n' ' ')
+        # Find extra in actual (in actual but not in expected)
+        EXTRA=$(comm -13 "$EXPECTED_SORTED" "$ACTUAL_SORTED" | tr '\n' ' ')
+
+        # Clean up temporary files
+        rm -rf "$TEMP_DIR"
+
+        echo "Test(s) that should have failed: $MISSING"
+        echo "Test(s) that shouldn't have failed: $EXTRA"
+
+        if [ -z "$MISSING" ] && [ -z "$EXTRA" ]; then
+            echo "PASS: Actual failed tests match expected."
+            exit 0
+        else
+            echo "FAIL: Actual failed tests do not match expected."
+            exit 1
+        fi
+    else
+        # --- generic force-fail logic for other suites ---
+        if [ $TEST_RESULT -eq 0 ]; then
+            echo "Test unexpectedly succeeded with force fail enabled"
+            exit 1 # failure was not seen when expected
+        else
+            echo "Test failed as expected with force fail enabled"
+            exit 0 # expected failure occurred
+        fi
+    fi
+elif [ $TEST_RESULT -ne 0 ]; then
+    echo "Tests failed unexpectedly"
+    exit 1
+else
+    echo "Tests passed successfully"
+    exit 0
+fi

.github/workflows/codespell.yml

@@ -0,0 +1,47 @@
+name: Codespell test
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  codespell:
+    name: Check for spelling errors
+    runs-on: ubuntu-22.04
+    timeout-minutes: 5
+    steps:
+      - name: Checkout wolfProvider
+        uses: actions/checkout@v4
+
+      - name: Create exclude file if needed
+        run: |
+          if [ ! -f .codespellexcludelines ]; then
+            touch .codespellexcludelines
+          fi
+
+      - name: Run codespell
+        uses: codespell-project/[email protected]
+        with:
+          check_filenames: true
+          check_hidden: true
+          # Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
+          ignore_words_list: adin,addIn,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,emac,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,toLen
+          # The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
+          exclude_file: '.codespellexcludelines'
+          # To skip files entirely from being processed, add it to the following list:
+          skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg,*.revoked,*.txt'
+
+      - name: Print errors
+        if: ${{ failure() }}
+        run: |
+          if [ -f test-suite.log ] ; then
+            cat test-suite.log
+          fi

.github/workflows/curl.yml

@@ -73,7 +73,11 @@ jobs:
       matrix:
         curl_ref: [ 'master', 'curl-8_4_0' ]
         wolfssl_ref: [ 'master', 'v5.7.4-stable' ]
+        force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
     steps:
+      - name: Checkout wolfProvider
+        uses: actions/checkout@v4
+
       - name: Retrieving OpenSSL from cache
         uses: actions/cache/restore@v4
         id: openssl-cache
@@ -109,13 +113,30 @@ jobs:
           repository: curl/curl
           path: curl
           ref: ${{ matrix.curl_ref }}
-          configure: --with-openssl=$GITHUB_WORKSPACE/openssl-install/
+          configure: --with-openssl
           check: false
 
+      - name: Generate certificates for curl master force-fail tests
+        run: |
+          if [ "${{ matrix.force_fail }}" = "WOLFPROV_FORCE_FAIL=1" ] &&
+             [ "${{ matrix.curl_ref }}" = "master" ]; then
+            cd curl/tests/certs
+            make test-ca.cacert
+            cd ../..
+          fi
       - name: Test curl with wolfProvider
         working-directory: curl
         run: |
+          # Set environment variables
           export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/wolfssl-install/lib:$GITHUB_WORKSPACE/openssl-install/lib64
           export OPENSSL_CONF=$GITHUB_WORKSPACE/provider.conf
           export OPENSSL_MODULES=$GITHUB_WORKSPACE/wolfprov-install/lib
-          make -j $(nproc) test-ci
+          export PKG_CONFIG_PATH=$GITHUB_WORKSPACE/openssl-install/lib64/pkgconfig
+          export ${{ matrix.force_fail }}
+          export CURL_REF=${{ matrix.curl_ref }}
+
+          # Run tests and save output to test.log
+          mkdir -p tests
+          make -j$(nproc) test-ci 2>&1 | tee tests/test.log || true
+          TEST_RESULT=$?
+          $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} curl

.github/workflows/multi-compiler.yml

@@ -0,0 +1,114 @@
+name: Multi-Compiler Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  build_wolfprovider:
+    name: Build with ${{ matrix.CC }}
+    runs-on: ${{ matrix.OS }}
+    timeout-minutes: 20
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - CC: gcc-9
+            CXX: g++-9
+            OS: ubuntu-latest
+            wolfssl_ref: master
+          - CC: gcc-10
+            CXX: g++-10
+            OS: ubuntu-latest
+            wolfssl_ref: master
+          - CC: gcc-10
+            CXX: g++-10
+            OS: ubuntu-latest
+            wolfssl_ref: v5.7.4-stable
+          - CC: gcc-11
+            CXX: g++-11
+            OS: ubuntu-latest
+            wolfssl_ref: master
+          - CC: gcc-12
+            CXX: g++-12
+            OS: ubuntu-latest
+            wolfssl_ref: master
+          - CC: clang-12
+            CXX: clang++-12
+            OS: ubuntu-22.04
+            wolfssl_ref: master
+          - CC: clang-13
+            CXX: clang++-13
+            OS: ubuntu-22.04
+            wolfssl_ref: master
+          - CC: clang-14
+            CXX: clang++-14
+            OS: ubuntu-latest
+            wolfssl_ref: master
+          - CC: clang-15
+            CXX: clang++-15
+            OS: ubuntu-latest
+            wolfssl_ref: master
+    steps:
+      - name: Checkout wolfProvider
+        uses: actions/checkout@v4
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y ${{ matrix.CC }} ${{ matrix.CXX }} automake libtool
+
+      # Check if this version of wolfssl/wolfprovider has already been built,
+      # mark to cache these items on post if we do end up building
+      - name: Checking wolfSSL/wolfProvider in cache
+        uses: actions/cache@v4
+        id: wolfprov-cache
+        with:
+          path: |
+            wolfssl-source
+            wolfssl-install
+            wolfprov-install
+            provider.conf
+
+          key: wolfprov-${{ matrix.wolfssl_ref }}-${{ matrix.CC }}-${{ github.sha }}
+          lookup-only: true
+
+      # If wolfssl/wolfprovider have not yet been built, pull ossl from cache
+      - name: Checking OpenSSL in cache
+        if: steps.wolfprov-cache.outputs.cache-hit != 'true'
+        uses: actions/cache@v4
+        id: openssl-cache
+        with:
+          path: |
+            openssl-source
+            openssl-install
+
+          key: ossl-${{ matrix.CC }}-depends
+
+      # If not yet built this version, build it now
+      - name: Build wolfProvider
+        if: steps.wolfprov-cache.outputs.cache-hit != 'true'
+        env:
+          CC: ${{ matrix.CC }}
+          CXX: ${{ matrix.CXX }}
+        run: |
+          WOLFSSL_TAG=${{ matrix.wolfssl_ref }} ./scripts/build-wolfprovider.sh
+
+      - name: Print errors
+        if: ${{ failure() }}
+        run: |
+          if [ -f test-suite.log ]; then
+            cat test-suite.log
+          fi
+          if [ -f config.log ]; then
+            cat config.log
+          fi
+

.github/workflows/simple.yml

@@ -3,8 +3,7 @@ name: Simple Tests
 # START OF COMMON SECTION
 on:
   push:
-    branches: [ '*' ]
-#    branches: [ 'master', 'main', 'release/**' ]
+    branches: [ 'master', 'main', 'release/**' ]
   pull_request:
     branches: [ '*' ]
 
@@ -14,30 +13,62 @@ concurrency:
 # END OF COMMON SECTION
 
 jobs:
-  make_check:
+  simple_test:
+    name: Simple Test
+    runs-on: ubuntu-22.04
+    timeout-minutes: 20
     strategy:
       matrix:
-        config: [
-          # Add new configs here
-          '',
-          'OPENSSL_TAG=master',
-          'WOLFSSL_TAG=master',
-          'OPENSSL_TAG=master WOLFSSL_TAG=master',
-        ]
-    name: make check
-    runs-on: ubuntu-latest
-    # This should be a safe limit for the tests to run.
-    timeout-minutes: 10
+        build_ref:
+          - ''
+          - 'OPENSSL_TAG=master'
+          - 'WOLFSSL_TAG=master'
+          - 'OPENSSL_TAG=master WOLFSSL_TAG=master'
+        force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
+
     steps:
-      - uses: actions/checkout@v4
-        name: Checkout wolfProvider
+      - name: Checkout wolfProvider
+        uses: actions/checkout@v4
+
+      # Check if this version of wolfssl/wolfprovider has already been built,
+      # mark to cache these items on post if we do end up building
+      - name: Checking wolfSSL/wolfProvider in cache
+        uses: actions/cache@v4
+        id: wolfprov-cache
+        with:
+          path: |
+            wolfssl-source
+            wolfssl-install
+            wolfprov-install
+            provider.conf
+
+          key: wolfprov-${{ matrix.build_ref }}-${{ github.sha }}
+          lookup-only: true
+
+      # If wolfssl/wolfprovider have not yet been built, pull ossl from cache
+      - name: Checking OpenSSL in cache
+        if: steps.wolfprov-${{ matrix.build_ref }}-cache.hit != 'true'
+        uses: actions/cache@v4
+        id: openssl-cache
+        with:
+          path: |
+            openssl-source
+            openssl-install
+
+          key: ossl-depends
+
+      # If not yet built this version, build it now
+      - name: Build wolfProvider
+        if: steps.wolfprov-${{ matrix.build_ref }}-cache.hit != 'true'
+        run: |
+          ${{ matrix.build_ref.openssl }} ${{ matrix.build_ref.wolfssl }} ./scripts/build-wolfprovider.sh
 
-      - name: Test wolfProvider
+      - name: Run simple tests
         run: |
-          ${{ matrix.config }} ./scripts/build-wolfprovider.sh
+          ./scripts/cmd_test/do-cmd-tests.sh ${{ matrix.force_fail }}
 
-      - name: Print errors 
-        if: ${{ failure() }}
+      - name: Print test logs
+        if: always()
         run: |
           if [ -f test-suite.log ] ; then
             cat test-suite.log