TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4d25a8d48ac74804656b4c27b054f12e62f2589c / . / tests / scripts / analyze_outcomes.py
blob: f58185068456c9eb4ef7415f1f6e347d92120ebd [file] [log] [blame]
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]1#!/usr/bin/env python3
2
3"""Analyze the test outcomes from a full CI run.
4
5This script can also run on outcomes from a partial run, but the results are
6less likely to be useful.
7"""
8
9import argparse
10import sys
11import traceback
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]12import re
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]13import subprocess
14import os
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]15
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]16import check_test_cases
17
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]18class Results:
19 """Process analysis results."""
20
21 def __init__(self):
22 self.error_count = 0
23 self.warning_count = 0
24
25 @staticmethod
26 def log(fmt, *args, **kwargs):
27 sys.stderr.write((fmt + '\n').format(*args, **kwargs))
28
29 def error(self, fmt, *args, **kwargs):
30 self.log('Error: ' + fmt, *args, **kwargs)
31 self.error_count += 1
32
33 def warning(self, fmt, *args, **kwargs):
34 self.log('Warning: ' + fmt, *args, **kwargs)
35 self.warning_count += 1
36
37class TestCaseOutcomes:
38 """The outcomes of one test case across many configurations."""
39 # pylint: disable=too-few-public-methods
40
41 def __init__(self):
Gilles Peskine3d863f22020-06-26 13:02:30 +0200[diff] [blame]42 # Collect a list of witnesses of the test case succeeding or failing.
43 # Currently we don't do anything with witnesses except count them.
44 # The format of a witness is determined by the read_outcome_file
45 # function; it's the platform and configuration joined by ';'.
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]46 self.successes = []
47 self.failures = []
48
49 def hits(self):
50 """Return the number of times a test case has been run.
51
52 This includes passes and failures, but not skips.
53 """
54 return len(self.successes) + len(self.failures)
55
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]56def execute_reference_driver_tests(ref_component, driver_component, outcome_file):
Valerio Setti22992a02023-03-29 11:15:28 +0200[diff] [blame]57 """Run the tests specified in ref_component and driver_component. Results
58 are stored in the output_file and they will be used for the following
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]59 coverage analysis"""
60 # If the outcome file already exists, we assume that the user wants to
61 # perform the comparison analysis again without repeating the tests.
62 if os.path.exists(outcome_file):
63 Results.log("Outcome file (" + outcome_file + ") already exists. " + \
64 "Tests will be skipped.")
65 return
66
67 shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
68 " " + ref_component + " " + driver_component
Valerio Settif109c662023-03-29 11:15:44 +0200[diff] [blame]69 Results.log("Running: " + shell_command)
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]70 ret_val = subprocess.run(shell_command.split(), check=False).returncode
71
72 if ret_val != 0:
73 Results.log("Error: failed to run reference/driver components")
74 sys.exit(ret_val)
75
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]76def analyze_coverage(results, outcomes):
77 """Check that all available test cases are executed at least once."""
Gilles Peskine686c2922022-01-07 15:58:38 +0100[diff] [blame]78 available = check_test_cases.collect_available_test_cases()
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]79 for key in available:
80 hits = outcomes[key].hits() if key in outcomes else 0
81 if hits == 0:
82 # Make this a warning, not an error, as long as we haven't
83 # fixed this branch to have full coverage of test cases.
84 results.warning('Test case not executed: {}', key)
85
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]86def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
87 ignored_suites, ignored_test=None):
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]88 """Check that all tests executed in the reference component are also
89 executed in the corresponding driver component.
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]90 Skip:
91 - full test suites provided in ignored_suites list
92 - only some specific test inside a test suite, for which the corresponding
93 output string is provided
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]94 """
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]95 available = check_test_cases.collect_available_test_cases()
96 result = True
97
98 for key in available:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]99 # Continue if test was not executed by any component
100 hits = outcomes[key].hits() if key in outcomes else 0
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]101 if hits == 0:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]102 continue
Valerio Setti00c1ccb2023-02-02 11:33:31 +0100[diff] [blame]103 # Skip ignored test suites
104 full_test_suite = key.split(';')[0] # retrieve full test suite name
105 test_string = key.split(';')[1] # retrieve the text string of this test
106 test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
Manuel Pégourié-Gonnard7d381f52023-03-17 15:13:08 +0100[diff] [blame]107 if test_suite in ignored_suites or full_test_suite in ignored_suites:
Valerio Setti00c1ccb2023-02-02 11:33:31 +0100[diff] [blame]108 continue
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]109 if ((full_test_suite in ignored_test) and
110 (test_string in ignored_test[full_test_suite])):
111 continue
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]112 # Search for tests that run in reference component and not in driver component
113 driver_test_passed = False
114 reference_test_passed = False
115 for entry in outcomes[key].successes:
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]116 if component_driver in entry:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]117 driver_test_passed = True
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]118 if component_ref in entry:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]119 reference_test_passed = True
Manuel Pégourié-Gonnardc6967d22022-12-30 13:40:34 +0100[diff] [blame]120 if(reference_test_passed and not driver_test_passed):
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]121 Results.log(key)
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]122 result = False
123 return result
124
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]125def analyze_outcomes(outcomes):
126 """Run all analyses on the given outcome collection."""
127 results = Results()
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]128 analyze_coverage(results, outcomes)
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]129 return results
130
131def read_outcome_file(outcome_file):
132 """Parse an outcome file and return an outcome collection.
133
134An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
135The keys are the test suite name and the test case description, separated
136by a semicolon.
137"""
138 outcomes = {}
139 with open(outcome_file, 'r', encoding='utf-8') as input_file:
140 for line in input_file:
141 (platform, config, suite, case, result, _cause) = line.split(';')
142 key = ';'.join([suite, case])
143 setup = ';'.join([platform, config])
144 if key not in outcomes:
145 outcomes[key] = TestCaseOutcomes()
146 if result == 'PASS':
147 outcomes[key].successes.append(setup)
148 elif result == 'FAIL':
149 outcomes[key].failures.append(setup)
150 return outcomes
151
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]152def do_analyze_coverage(outcome_file, args):
Przemek Stekiel6856f4c2022-11-09 10:50:29 +0100[diff] [blame]153 """Perform coverage analysis."""
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]154 del args # unused
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]155 outcomes = read_outcome_file(outcome_file)
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]156 Results.log("\n*** Analyze coverage ***\n")
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]157 results = analyze_outcomes(outcomes)
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]158 return results.error_count == 0
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]159
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]160def do_analyze_driver_vs_reference(outcome_file, args):
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]161 """Perform driver vs reference analyze."""
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]162 execute_reference_driver_tests(args['component_ref'], \
163 args['component_driver'], outcome_file)
164
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]165 ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]166
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]167 outcomes = read_outcome_file(outcome_file)
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]168 Results.log("\n*** Analyze driver {} vs reference {} ***\n".format(
Manuel Pégourié-Gonnardc6967d22022-12-30 13:40:34 +0100[diff] [blame]169 args['component_driver'], args['component_ref']))
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]170 return analyze_driver_vs_reference(outcomes, args['component_ref'],
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]171 args['component_driver'], ignored_suites,
172 args['ignored_tests'])
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]173
Przemek Stekiel6856f4c2022-11-09 10:50:29 +0100[diff] [blame]174# List of tasks with a function that can handle this task and additional arguments if required
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]175TASKS = {
176 'analyze_coverage': {
177 'test_function': do_analyze_coverage,
Manuel Pégourié-Gonnard10e39632022-12-29 12:29:09 +0100[diff] [blame]178 'args': {}
179 },
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]180 # There are 2 options to use analyze_driver_vs_reference_xxx locally:
181 # 1. Run tests and then analysis:
182 # - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
183 # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
184 # 2. Let this script run both automatically:
185 # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]186 'analyze_driver_vs_reference_hash': {
187 'test_function': do_analyze_driver_vs_reference,
188 'args': {
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]189 'component_ref': 'test_psa_crypto_config_reference_hash_use_psa',
190 'component_driver': 'test_psa_crypto_config_accel_hash_use_psa',
Manuel Pégourié-Gonnard10e39632022-12-29 12:29:09 +0100[diff] [blame]191 'ignored_suites': [
192 'shax', 'mdx', # the software implementations that are being excluded
Manuel Pégourié-Gonnard7d381f52023-03-17 15:13:08 +0100[diff] [blame]193 'md.psa', # purposefully depends on whether drivers are present
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]194 ],
195 'ignored_tests': {
196 }
197 }
198 },
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame^]199 'analyze_driver_vs_reference_ecp_light_only': {
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]200 'test_function': do_analyze_driver_vs_reference,
201 'args': {
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame^]202 'component_ref': 'test_psa_crypto_config_reference_ecc_ecp_light_only',
203 'component_driver': 'test_psa_crypto_config_accel_ecc_ecp_light_only',
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]204 'ignored_suites': [
205 'ecdsa',
206 'ecdh',
207 'ecjpake',
208 ],
209 'ignored_tests': {
210 'test_suite_random': [
211 'PSA classic wrapper: ECDSA signature (SECP256R1)',
212 ],
Valerio Setti0c477d32023-04-07 15:54:20 +0200[diff] [blame]213 # In the accelerated test ECP_C is not set (only ECP_LIGHT is)
214 # so we must ignore disparities in the tests for which ECP_C
215 # is required.
216 'test_suite_ecp': [
217 'ECP check public-private #1 (OK)',
218 'ECP check public-private #2 (group none)',
219 'ECP check public-private #3 (group mismatch)',
220 'ECP check public-private #4 (Qx mismatch)',
221 'ECP check public-private #5 (Qy mismatch)',
222 'ECP check public-private #6 (wrong Qx)',
223 'ECP check public-private #7 (wrong Qy)',
224 'ECP gen keypair [#1]',
225 'ECP gen keypair [#2]',
226 'ECP gen keypair [#3]',
227 'ECP gen keypair wrapper',
228 'ECP point muladd secp256r1 #1',
229 'ECP point muladd secp256r1 #2',
230 'ECP point multiplication Curve25519 (element of order 2: origin) #3',
231 'ECP point multiplication Curve25519 (element of order 4: 1) #4',
232 'ECP point multiplication Curve25519 (element of order 8) #5',
233 'ECP point multiplication Curve25519 (normalized) #1',
234 'ECP point multiplication Curve25519 (not normalized) #2',
235 'ECP point multiplication rng fail Curve25519',
236 'ECP point multiplication rng fail secp256r1',
237 'ECP test vectors Curve25519',
238 'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)',
239 'ECP test vectors brainpoolP256r1 rfc 7027',
240 'ECP test vectors brainpoolP384r1 rfc 7027',
241 'ECP test vectors brainpoolP512r1 rfc 7027',
242 'ECP test vectors secp192k1',
243 'ECP test vectors secp192r1 rfc 5114',
244 'ECP test vectors secp224k1',
245 'ECP test vectors secp224r1 rfc 5114',
246 'ECP test vectors secp256k1',
247 'ECP test vectors secp256r1 rfc 5114',
248 'ECP test vectors secp384r1 rfc 5114',
249 'ECP test vectors secp521r1 rfc 5114',
Valerio Settie50a75f2023-05-19 17:43:06 +0200[diff] [blame]250 ],
251 'test_suite_pkparse': [
252 # This is a known difference for Montgomery curves: in
253 # reference component private keys are parsed using
254 # mbedtls_mpi_read_binary_le(), while in driver version they
255 # they are imported in PSA and there the parsing is done
256 # through mbedtls_ecp_read_key(). Unfortunately the latter
257 # fixes the errors which are intentionally set on the parsed
258 # key and therefore the following test case is not failing
259 # as expected.
260 # This cause the following test to be guarded by ECP_C and
261 # not being executed on the driver version.
262 ('Key ASN1 (OneAsymmetricKey X25519, doesn\'t match masking '
263 'requirements, from RFC8410 Appendix A but made into version 0)'),
264 ],
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]265 }
266 }
267 },
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame^]268 'analyze_driver_vs_reference_no_ecp_at_all': {
Valerio Settie618cb02023-04-12 14:59:16 +0200[diff] [blame]269 'test_function': do_analyze_driver_vs_reference,
270 'args': {
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame^]271 'component_ref': 'test_psa_crypto_config_reference_ecc_no_ecp_at_all',
272 'component_driver': 'test_psa_crypto_config_accel_ecc_no_ecp_at_all',
Valerio Settie618cb02023-04-12 14:59:16 +0200[diff] [blame]273 'ignored_suites': [
274 # Ignore test suites for the modules that are disabled in the
275 # accelerated test case.
276 'ecp',
277 'ecdsa',
278 'ecdh',
279 'ecjpake',
280 ],
281 'ignored_tests': {
282 'test_suite_random': [
283 'PSA classic wrapper: ECDSA signature (SECP256R1)',
284 ],
285 'test_suite_psa_crypto': [
286 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
287 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
288 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
289 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
290 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
291 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
292 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
293 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
294 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
295 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
296 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
297 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
298 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
299 ]
300 }
301 }
302 },
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]303}
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]304
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]305def main():
306 try:
307 parser = argparse.ArgumentParser(description=__doc__)
Przemek Stekiel58bbc232022-10-24 08:10:10 +0200[diff] [blame]308 parser.add_argument('outcomes', metavar='OUTCOMES.CSV',
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]309 help='Outcome file to analyze')
Przemek Stekiel542d9322022-11-17 09:43:34 +0100[diff] [blame]310 parser.add_argument('task', default='all', nargs='?',
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]311 help='Analysis to be done. By default, run all tasks. '
312 'With one or more TASK, run only those. '
313 'TASK can be the name of a single task or '
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]314 'comma/space-separated list of tasks. ')
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]315 parser.add_argument('--list', action='store_true',
316 help='List all available tasks and exit.')
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]317 options = parser.parse_args()
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]318
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]319 if options.list:
320 for task in TASKS:
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]321 Results.log(task)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]322 sys.exit(0)
323
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]324 result = True
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]325
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]326 if options.task == 'all':
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]327 tasks = TASKS.keys()
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]328 else:
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]329 tasks = re.split(r'[, ]+', options.task)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]330
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]331 for task in tasks:
332 if task not in TASKS:
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]333 Results.log('Error: invalid task: {}'.format(task))
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]334 sys.exit(1)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]335
336 for task in TASKS:
337 if task in tasks:
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]338 if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']):
339 result = False
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]340
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]341 if result is False:
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]342 sys.exit(1)
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]343 Results.log("SUCCESS :-)")
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]344 except Exception: # pylint: disable=broad-except
345 # Print the backtrace and exit explicitly with our chosen status.
346 traceback.print_exc()
347 sys.exit(120)
348
349if __name__ == '__main__':
350 main()