@@ -119,43 +119,11 @@ jobs:
119119 grep -q "\\[BKPT\\] imm=0x7f" /tmp/m33mu-fwtpm.log
120120 grep -q "\\[EXPECT BKPT\\] Success" /tmp/m33mu-fwtpm.log
121121
122- - name : Clean and build test with wolfHSM (stm32h5)
123- run : |
124- make clean distclean
125- cd port/stmicro/stm32h5-tz-wolfhsm
126- make
127- test -f out/wolfboot.bin
128- test -f out/image_v1_signed.bin
129- test -f out/manifest.env
130-
131- - name : Prepare wolfHSM persistence directory
132- run : |
133- rm -rf /tmp/m33mu-wolfhsm-persist
134- mkdir -p /tmp/m33mu-wolfhsm-persist
135-
136- - name : Run wolfHSM whTest_ClientConfig (stm32h5)
137- run : |
138- cd /tmp/m33mu-wolfhsm-persist
139- m33mu "$GITHUB_WORKSPACE/wolfboot.bin" \
140- "$GITHUB_WORKSPACE/test-app/image_v1_signed.bin:0x60000" \
141- --persist --uart-stdout --timeout 600 --expect-bkpt 0x7d \
142- --quit-on-faults \
143- | tee /tmp/m33mu-wolfhsm.log
144-
145- - name : Verify wolfHSM whTest_ClientConfig (stm32h5)
146- run : |
147- # Final success marker - the test itself reports PASSED.
148- grep -q "wolfHSM whTest_ClientConfig PASSED" /tmp/m33mu-wolfhsm.log
149- # Spot-check that the major test phases each landed.
150- grep -q "RNG DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
151- grep -q "AES GCM DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
152- grep -q "RSA SUCCESS" /tmp/m33mu-wolfhsm.log
153- grep -q "ECC ephemeral ECDH SUCCESS" /tmp/m33mu-wolfhsm.log
154- grep -q "SHA256 DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
155- grep -q "HKDF SUCCESS" /tmp/m33mu-wolfhsm.log
156- # App reached the success BKPT and m33mu trapped on it.
157- grep -q "\\[BKPT\\] imm=0x7d" /tmp/m33mu-wolfhsm.log
158- grep -q "\\[EXPECT BKPT\\] Success" /tmp/m33mu-wolfhsm.log
122+ # The wolfHSM STM32H5 TrustZone integration is exercised by the
123+ # nightly cross-repo job in wolfHSM
124+ # (.github/workflows/wolfboot-tz-integration.yml), which builds
125+ # this demo against the latest wolfHSM main and runs it under
126+ # m33mu. It is intentionally not gated on every wolfBoot PR.
159127
160128 - name : Clean and build test with DICE attestation + OTP (stm32h5)
161129 run : |
0 commit comments