Attempt test fix for wolfHSM regressions

danielinux · danielinux · commit 18f5c9bad560 · 2026-03-19T16:29:05.000+01:00
diff --git a/.github/workflows/test-wolfhsm-simulator.yml b/.github/workflows/test-wolfhsm-simulator.yml
@@ -18,31 +18,37 @@ jobs:
             file: "config/examples/sim-wolfHSM-client-ecc.config"
             needs_posix_server: true
             posix_server_nvminit: false
+            posix_server_keyfile: false
             needs_nvm_image: false
           - name: "wolfHSM client ML-DSA"
             file: "config/examples/sim-wolfHSM-client-mldsa.config"
             needs_posix_server: true
             posix_server_nvminit: false
+            posix_server_keyfile: false
             needs_nvm_image: false
           - name: "wolfHSM client cert chain verify ECC"
             file: "config/examples/sim-wolfHSM-client-certchain-ecc.config"
             needs_posix_server: true
             posix_server_nvminit: true
+            posix_server_keyfile: false
             needs_nvm_image: false
           - name: "wolfHSM client cert chain verify RSA4096"
             file: "config/examples/sim-wolfHSM-client-certchain-rsa4096.config"
             needs_posix_server: true
             posix_server_nvminit: true
+            posix_server_keyfile: false
             needs_nvm_image: false
           - name: "wolfHSM server cert chain verify ECC"
             file: "config/examples/sim-wolfHSM-server-certchain-ecc.config"
             needs_posix_server: false
             posix_server_nvminit: false
+            posix_server_keyfile: false
             needs_nvm_image: true
           - name: "wolfHSM server cert chain verify RSA4096"
             file: "config/examples/sim-wolfHSM-server-certchain-rsa4096.config"
             needs_posix_server: false
             posix_server_nvminit: false
+            posix_server_keyfile: false
             needs_nvm_image: true
 
       fail-fast: false
@@ -132,9 +138,11 @@ jobs:
             tmpfile=$(mktemp)
             echo "obj 1 0xFFFF 0x0000 \"cert CA\" ../../../../../test-dummy-ca/root-cert.der" >> $tmpfile
             ./Build/wh_posix_server.elf --type tcp --nvminit $tmpfile &
-          else
+          elif [ "${{ matrix.config.posix_server_keyfile }}" = "true" ]; then
             # --flags=0x100 sets the WH_NVM_FLAGS_USAGE_VERIFY flag
             ./Build/wh_posix_server.elf --type tcp --client 12 --id 255 --flags 0x100 --key ../../../../../wolfboot_signing_private_key_pub.der &
+          else
+            ./Build/wh_posix_server.elf --type tcp &
           fi
           TCP_SERVER_PID=$!
           echo "TCP_SERVER_PID=$TCP_SERVER_PID" >> $GITHUB_ENV
diff --git a/config/examples/sim-wolfHSM-client-ecc.config b/config/examples/sim-wolfHSM-client-ecc.config
@@ -25,7 +25,7 @@ WOLFHSM_CLIENT=1
 
 # Uncomment the following to use wolfHSM ephemeral keys from the keystore
 # for image auth
-#WOLFHSM_CLIENT_LOCAL_KEYS=1
+WOLFHSM_CLIENT_LOCAL_KEYS=1
 
 # Uncomment for verbose wolfHSM printf statements
 #CFLAGS_EXTRA+=-DDEBUG_CRYPTOCB -DDEBUG_CRYPTOCB_VERBOSE
diff --git a/config/examples/sim-wolfHSM-client-mldsa.config b/config/examples/sim-wolfHSM-client-mldsa.config
@@ -46,7 +46,7 @@ WOLFHSM_CLIENT=1
 
 # Uncomment the following to use public wolfHSM ephemeral keys from the keystore
 # for image auth
-#WOLFHSM_CLIENT_LOCAL_KEYS=1
+WOLFHSM_CLIENT_LOCAL_KEYS=1
 
 # Uncomment for verbose wolfHSM printf statements
 #CFLAGS_EXTRA+=-DDEBUG_CRYPTOCB -DDEBUG_CRYPTOCB_VERBOSE
diff --git a/tools/scripts/sim-sunnyday-update.sh b/tools/scripts/sim-sunnyday-update.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-V=`./wolfboot.elf success update_trigger get_version 2>/dev/null`
+V=`./wolfboot.elf update_trigger get_version 2>/dev/null`
 if [ "x$V" != "x1" ]; then
     echo "Failed first boot with update_trigger"
     exit 1
@@ -14,4 +14,3 @@ fi
 
 echo Test successful.
 exit 0
-
