Skip to content

Merge pull request #729 from cryspen/franziskus/mldsa-c-ci #1454

Merge pull request #729 from cryspen/franziskus/mldsa-c-ci

Merge pull request #729 from cryspen/franziskus/mldsa-c-ci #1454

Workflow file for this run

name: ML-KEM
on:
push:
branches: ["main", "dev"]
pull_request:
branches: ["main", "dev", "*"]
workflow_dispatch:
merge_group:
env:
CARGO_TERM_COLOR: always
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
strategy:
fail-fast: false
matrix:
bits: [32, 64]
os:
- macos-13 # Intel mac
- macos-latest # macos-14 m1
- ubuntu-latest
- windows-latest
exclude:
- bits: 32
os: "macos-latest"
- bits: 32
os: "macos-13"
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash
working-directory: libcrux-ml-kem
steps:
- uses: actions/checkout@v4
- uses: taiki-e/install-action@cargo-hack
- name: Update dependencies
run: cargo update
- run: echo "RUST_TARGET_FLAG=" > $GITHUB_ENV
if: ${{ matrix.bits == 64 }}
- run: echo 'EXCLUDE_FEATURES=--exclude-features simd256' > $GITHUB_ENV
if: ${{ matrix.os == 'macos-latest' }}
- run: echo 'EXCLUDE_FEATURES=--exclude-features simd128' > $GITHUB_ENV
if: ${{ matrix.os != 'macos-latest' }}
- name: πŸ› οΈ Setup Rust Nightly
run: rustup toolchain install nightly
- name: πŸ› οΈ Setup Ubuntu x86
if: ${{ matrix.bits == 32 && matrix.os == 'ubuntu-latest' }}
run: |
rustup target add i686-unknown-linux-gnu
sudo apt-get update
sudo apt-get install -y gcc-multilib g++-multilib
- name: πŸ› οΈ Setup Ubuntu x64
if: ${{ matrix.bits == 64 && matrix.os == 'ubuntu-latest' }}
run: |
rustup target add aarch64-unknown-linux-gnu
# Set up 32 bit systems
- name: πŸ› οΈ Config Windows x86
run: echo "RUST_TARGET_FLAG=--target=i686-pc-windows-msvc" > $GITHUB_ENV
if: ${{ matrix.bits == 32 && matrix.os == 'windows-latest' }}
- name: πŸ› οΈ Config Linux x86
run: |
echo "RUST_TARGET_FLAG=--target=i686-unknown-linux-gnu" > $GITHUB_ENV
if: ${{ matrix.bits == 32 && matrix.os == 'ubuntu-latest' }}
# Build ...
- name: πŸ”¨ Build
run: |
rustc --print=cfg
cargo build --verbose $RUST_TARGET_FLAG
- name: πŸ”¨ Build Release
run: cargo build --verbose --release $RUST_TARGET_FLAG
- name: πŸƒπŸ» Asan MacOS
if: ${{ matrix.os == 'macos-latest' }}
run: RUSTDOCFLAGS=-Zsanitizer=address RUSTFLAGS=-Zsanitizer=address cargo +nightly test --release --target aarch64-apple-darwin
# - name: ⬆ Upload build
# uses: ./.github/actions/upload_artifacts
# with:
# name: build_${{ matrix.os }}_${{ matrix.bits }}
# We get false positives here.
# TODO: Figure out what is going on here
# - name: πŸƒπŸ» Asan Linux
# if: ${{ matrix.bits == 64 && matrix.os == 'ubuntu-latest' }}
# run: RUSTDOCFLAGS=-Zsanitizer=address RUSTFLAGS=-Zsanitizer=address cargo +nightly test --release --target x86_64-unknown-linux-gnu
# Test SHA3
- name: πŸƒπŸ»β€β™€οΈ SHA3 Test
working-directory: libcrux-sha3
run: |
cargo clean
cargo test --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ SHA3 Test Release
working-directory: libcrux-sha3
run: |
cargo clean
cargo test --release --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ SHA3 Test Portable
working-directory: libcrux-sha3
run: |
cargo clean
LIBCRUX_DISABLE_SIMD128=1 LIBCRUX_DISABLE_SIMD256=1 cargo test --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ SHA3 Test Portable Release
working-directory: libcrux-sha3
run: |
cargo clean
LIBCRUX_DISABLE_SIMD128=1 LIBCRUX_DISABLE_SIMD256=1 cargo test --verbose --release $RUST_TARGET_FLAG
# Test ...
- name: πŸƒπŸ»β€β™€οΈ Test
run: |
cargo clean
cargo test --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Test Release
run: |
cargo clean
cargo test --verbose --release $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Test Portable
run: |
cargo clean
LIBCRUX_DISABLE_SIMD128=1 LIBCRUX_DISABLE_SIMD256=1 cargo test --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Test Portable Release
run: |
cargo clean
LIBCRUX_DISABLE_SIMD128=1 LIBCRUX_DISABLE_SIMD256=1 cargo test --verbose --release $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Test Kyber
run: |
cargo clean
cargo test ,kyber --verbose $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Cargo Check Features
if: ${{ matrix.bits == 64 }}
run: |
cargo clean
cargo hack check --feature-powerset $EXCLUDE_FEATURES --verbose --no-dev-deps $RUST_TARGET_FLAG
- name: πŸƒπŸ»β€β™€οΈ Cargo Test Features
if: ${{ matrix.bits == 64 }}
run: |
cargo clean
cargo hack test --each-feature $EXCLUDE_FEATURES --verbose $RUST_TARGET_FLAG
fuzz:
strategy:
fail-fast: false
matrix:
os:
- macos-latest # macos-14 m1
- ubuntu-latest
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash
working-directory: libcrux-ml-kem
steps:
- uses: actions/checkout@v4
- name: πŸ› οΈ Setup Rust Nightly
run: |
rustup toolchain install nightly
cargo install cargo-fuzz
- name: πŸ› οΈ Update dependencies
run: cargo update
- name: πŸƒπŸ»β€β™€οΈ Decaps
run: CARGO_PROFILE_RELEASE_LTO=false cargo +nightly fuzz run decaps -- -runs=100000
- name: πŸƒπŸ»β€β™€οΈ Encaps
run: CARGO_PROFILE_RELEASE_LTO=false cargo +nightly fuzz run encaps -- -runs=100000
- name: πŸƒπŸ»β€β™€οΈ KeyGen
run: CARGO_PROFILE_RELEASE_LTO=false cargo +nightly fuzz run keygen -- -runs=1000000