TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5c0c858026189b106864b2763fb3f1884286b580 / . / tests / scripts / analyze_outcomes.py
blob: 0c63eff4f043d49449b182988131375ea8f2a2ff [file] [log] [blame]
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]1#!/usr/bin/env python3
2
3"""Analyze the test outcomes from a full CI run.
4
5This script can also run on outcomes from a partial run, but the results are
6less likely to be useful.
7"""
8
9import argparse
10import sys
11import traceback
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]12import re
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]13import subprocess
14import os
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]15
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]16import check_test_cases
17
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]18class Results:
19 """Process analysis results."""
20
21 def __init__(self):
22 self.error_count = 0
23 self.warning_count = 0
24
25 @staticmethod
26 def log(fmt, *args, **kwargs):
27 sys.stderr.write((fmt + '\n').format(*args, **kwargs))
28
29 def error(self, fmt, *args, **kwargs):
30 self.log('Error: ' + fmt, *args, **kwargs)
31 self.error_count += 1
32
33 def warning(self, fmt, *args, **kwargs):
34 self.log('Warning: ' + fmt, *args, **kwargs)
35 self.warning_count += 1
36
37class TestCaseOutcomes:
38 """The outcomes of one test case across many configurations."""
39 # pylint: disable=too-few-public-methods
40
41 def __init__(self):
Gilles Peskine3d863f22020-06-26 13:02:30 +0200[diff] [blame]42 # Collect a list of witnesses of the test case succeeding or failing.
43 # Currently we don't do anything with witnesses except count them.
44 # The format of a witness is determined by the read_outcome_file
45 # function; it's the platform and configuration joined by ';'.
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]46 self.successes = []
47 self.failures = []
48
49 def hits(self):
50 """Return the number of times a test case has been run.
51
52 This includes passes and failures, but not skips.
53 """
54 return len(self.successes) + len(self.failures)
55
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]56def execute_reference_driver_tests(ref_component, driver_component, outcome_file):
Valerio Setti22992a02023-03-29 11:15:28 +0200[diff] [blame]57 """Run the tests specified in ref_component and driver_component. Results
58 are stored in the output_file and they will be used for the following
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]59 coverage analysis"""
60 # If the outcome file already exists, we assume that the user wants to
61 # perform the comparison analysis again without repeating the tests.
62 if os.path.exists(outcome_file):
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]63 Results.log("Outcome file {} already exists. Tests will be skipped.",
64 outcome_file)
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]65 return
66
67 shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
68 " " + ref_component + " " + driver_component
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]69 Results.log("Running: {}", shell_command)
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]70 ret_val = subprocess.run(shell_command.split(), check=False).returncode
71
72 if ret_val != 0:
73 Results.log("Error: failed to run reference/driver components")
74 sys.exit(ret_val)
75
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]76def analyze_coverage(results, outcomes, allow_list, full_coverage):
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]77 """Check that all available test cases are executed at least once."""
Gilles Peskine686c2922022-01-07 15:58:38 +0100[diff] [blame]78 available = check_test_cases.collect_available_test_cases()
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]79 for key in available:
80 hits = outcomes[key].hits() if key in outcomes else 0
Tomás González07bdcc22023-08-11 14:59:03 +0100[diff] [blame]81 if hits == 0 and key not in allow_list:
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]82 if full_coverage:
83 results.error('Test case not executed: {}', key)
84 else:
85 results.warning('Test case not executed: {}', key)
Tomás González07bdcc22023-08-11 14:59:03 +0100[diff] [blame]86 elif hits != 0 and key in allow_list:
87 # Test Case should be removed from the allow list.
Tomás González7ebb18f2023-08-22 09:40:23 +0100[diff] [blame]88 if full_coverage:
Tomás Gonzáleza0631442023-08-22 12:17:57 +0100[diff] [blame]89 results.error('Allow listed test case was executed: {}', key)
Tomás González7ebb18f2023-08-22 09:40:23 +0100[diff] [blame]90 else:
91 results.warning('Allow listed test case was executed: {}', key)
Gilles Peskine8d3c70a2020-06-25 18:37:43 +0200[diff] [blame]92
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]93def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
94 ignored_suites, ignored_test=None):
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]95 """Check that all tests executed in the reference component are also
96 executed in the corresponding driver component.
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]97 Skip:
98 - full test suites provided in ignored_suites list
99 - only some specific test inside a test suite, for which the corresponding
100 output string is provided
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]101 """
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]102 available = check_test_cases.collect_available_test_cases()
103 result = True
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]104 escape_curly_brace = lambda x: x.replace('{', '{{').replace('}', '}}')
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]105
106 for key in available:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]107 # Continue if test was not executed by any component
108 hits = outcomes[key].hits() if key in outcomes else 0
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]109 if hits == 0:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]110 continue
Valerio Setti00c1ccb2023-02-02 11:33:31 +0100[diff] [blame]111 # Skip ignored test suites
112 full_test_suite = key.split(';')[0] # retrieve full test suite name
113 test_string = key.split(';')[1] # retrieve the text string of this test
114 test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
Manuel Pégourié-Gonnard7d381f52023-03-17 15:13:08 +0100[diff] [blame]115 if test_suite in ignored_suites or full_test_suite in ignored_suites:
Valerio Setti00c1ccb2023-02-02 11:33:31 +0100[diff] [blame]116 continue
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]117 if ((full_test_suite in ignored_test) and
118 (test_string in ignored_test[full_test_suite])):
119 continue
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]120 # Search for tests that run in reference component and not in driver component
121 driver_test_passed = False
122 reference_test_passed = False
123 for entry in outcomes[key].successes:
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]124 if component_driver in entry:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]125 driver_test_passed = True
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]126 if component_ref in entry:
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]127 reference_test_passed = True
Manuel Pégourié-Gonnardc6967d22022-12-30 13:40:34 +0100[diff] [blame]128 if(reference_test_passed and not driver_test_passed):
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]129 Results.log(escape_curly_brace(key))
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]130 result = False
131 return result
132
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]133def analyze_outcomes(outcomes, args):
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]134 """Run all analyses on the given outcome collection."""
135 results = Results()
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]136 analyze_coverage(results, outcomes, args['allow_list'],
137 args['full_coverage'])
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]138 return results
139
140def read_outcome_file(outcome_file):
141 """Parse an outcome file and return an outcome collection.
142
143An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
144The keys are the test suite name and the test case description, separated
145by a semicolon.
146"""
147 outcomes = {}
148 with open(outcome_file, 'r', encoding='utf-8') as input_file:
149 for line in input_file:
150 (platform, config, suite, case, result, _cause) = line.split(';')
151 key = ';'.join([suite, case])
152 setup = ';'.join([platform, config])
153 if key not in outcomes:
154 outcomes[key] = TestCaseOutcomes()
155 if result == 'PASS':
156 outcomes[key].successes.append(setup)
157 elif result == 'FAIL':
158 outcomes[key].failures.append(setup)
159 return outcomes
160
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]161def do_analyze_coverage(outcome_file, args):
Przemek Stekiel6856f4c2022-11-09 10:50:29 +0100[diff] [blame]162 """Perform coverage analysis."""
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]163 outcomes = read_outcome_file(outcome_file)
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]164 Results.log("\n*** Analyze coverage ***\n")
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]165 results = analyze_outcomes(outcomes, args)
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]166 return results.error_count == 0
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]167
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]168def do_analyze_driver_vs_reference(outcome_file, args):
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]169 """Perform driver vs reference analyze."""
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]170 execute_reference_driver_tests(args['component_ref'], \
171 args['component_driver'], outcome_file)
172
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]173 ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]174
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]175 outcomes = read_outcome_file(outcome_file)
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]176 Results.log("\n*** Analyze driver {} vs reference {} ***\n",
177 args['component_driver'], args['component_ref'])
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]178 return analyze_driver_vs_reference(outcomes, args['component_ref'],
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]179 args['component_driver'], ignored_suites,
180 args['ignored_tests'])
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]181
Przemek Stekiel6856f4c2022-11-09 10:50:29 +0100[diff] [blame]182# List of tasks with a function that can handle this task and additional arguments if required
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]183TASKS = {
184 'analyze_coverage': {
185 'test_function': do_analyze_coverage,
Tomás González07bdcc22023-08-11 14:59:03 +0100[diff] [blame]186 'args': {
Tomás González358c6c62023-08-14 15:43:46 +0100[diff] [blame]187 'allow_list': [
Tomás González50223112023-08-22 09:52:06 +0100[diff] [blame]188 # Algorithm not supported yet
189 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA',
190 # Algorithm not supported yet
191 'test_suite_psa_crypto_metadata;Cipher: XTS',
Tomás Gonzálezd43cab32023-08-24 09:12:40 +0100[diff] [blame]192 ],
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]193 'full_coverage': False,
Tomás González07bdcc22023-08-11 14:59:03 +0100[diff] [blame]194 }
Tomás Gonzálezd43cab32023-08-24 09:12:40 +0100[diff] [blame]195 },
Valerio Settia2663322023-03-24 08:20:18 +0100[diff] [blame]196 # There are 2 options to use analyze_driver_vs_reference_xxx locally:
197 # 1. Run tests and then analysis:
198 # - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
199 # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
200 # 2. Let this script run both automatically:
201 # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]202 'analyze_driver_vs_reference_hash': {
203 'test_function': do_analyze_driver_vs_reference,
204 'args': {
Przemek Stekiel51f30ff2022-11-09 12:07:29 +0100[diff] [blame]205 'component_ref': 'test_psa_crypto_config_reference_hash_use_psa',
206 'component_driver': 'test_psa_crypto_config_accel_hash_use_psa',
Manuel Pégourié-Gonnard10e39632022-12-29 12:29:09 +0100[diff] [blame]207 'ignored_suites': [
208 'shax', 'mdx', # the software implementations that are being excluded
Manuel Pégourié-Gonnard7d381f52023-03-17 15:13:08 +0100[diff] [blame]209 'md.psa', # purposefully depends on whether drivers are present
Valerio Setti3002c992023-01-18 17:28:36 +0100[diff] [blame]210 ],
211 'ignored_tests': {
212 }
213 }
214 },
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame]215 'analyze_driver_vs_reference_ecp_light_only': {
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]216 'test_function': do_analyze_driver_vs_reference,
217 'args': {
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame]218 'component_ref': 'test_psa_crypto_config_reference_ecc_ecp_light_only',
219 'component_driver': 'test_psa_crypto_config_accel_ecc_ecp_light_only',
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]220 'ignored_suites': [
221 'ecdsa',
222 'ecdh',
223 'ecjpake',
224 ],
225 'ignored_tests': {
226 'test_suite_random': [
227 'PSA classic wrapper: ECDSA signature (SECP256R1)',
228 ],
Valerio Setti0c477d32023-04-07 15:54:20 +0200[diff] [blame]229 # In the accelerated test ECP_C is not set (only ECP_LIGHT is)
230 # so we must ignore disparities in the tests for which ECP_C
231 # is required.
232 'test_suite_ecp': [
233 'ECP check public-private #1 (OK)',
234 'ECP check public-private #2 (group none)',
235 'ECP check public-private #3 (group mismatch)',
236 'ECP check public-private #4 (Qx mismatch)',
237 'ECP check public-private #5 (Qy mismatch)',
238 'ECP check public-private #6 (wrong Qx)',
239 'ECP check public-private #7 (wrong Qy)',
240 'ECP gen keypair [#1]',
241 'ECP gen keypair [#2]',
242 'ECP gen keypair [#3]',
243 'ECP gen keypair wrapper',
244 'ECP point muladd secp256r1 #1',
245 'ECP point muladd secp256r1 #2',
246 'ECP point multiplication Curve25519 (element of order 2: origin) #3',
247 'ECP point multiplication Curve25519 (element of order 4: 1) #4',
248 'ECP point multiplication Curve25519 (element of order 8) #5',
249 'ECP point multiplication Curve25519 (normalized) #1',
250 'ECP point multiplication Curve25519 (not normalized) #2',
251 'ECP point multiplication rng fail Curve25519',
252 'ECP point multiplication rng fail secp256r1',
253 'ECP test vectors Curve25519',
254 'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)',
255 'ECP test vectors brainpoolP256r1 rfc 7027',
256 'ECP test vectors brainpoolP384r1 rfc 7027',
257 'ECP test vectors brainpoolP512r1 rfc 7027',
258 'ECP test vectors secp192k1',
259 'ECP test vectors secp192r1 rfc 5114',
260 'ECP test vectors secp224k1',
261 'ECP test vectors secp224r1 rfc 5114',
262 'ECP test vectors secp256k1',
263 'ECP test vectors secp256r1 rfc 5114',
264 'ECP test vectors secp384r1 rfc 5114',
265 'ECP test vectors secp521r1 rfc 5114',
Valerio Settie50a75f2023-05-19 17:43:06 +0200[diff] [blame]266 ],
Valerio Setti5f540202023-06-30 17:20:49 +0200[diff] [blame]267 }
Valerio Setti42d5f192023-03-20 13:54:41 +0100[diff] [blame]268 }
269 },
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame]270 'analyze_driver_vs_reference_no_ecp_at_all': {
Valerio Settie618cb02023-04-12 14:59:16 +0200[diff] [blame]271 'test_function': do_analyze_driver_vs_reference,
272 'args': {
Valerio Setti4d25a8d2023-06-14 10:33:10 +0200[diff] [blame]273 'component_ref': 'test_psa_crypto_config_reference_ecc_no_ecp_at_all',
274 'component_driver': 'test_psa_crypto_config_accel_ecc_no_ecp_at_all',
Valerio Settie618cb02023-04-12 14:59:16 +0200[diff] [blame]275 'ignored_suites': [
276 # Ignore test suites for the modules that are disabled in the
277 # accelerated test case.
278 'ecp',
279 'ecdsa',
280 'ecdh',
281 'ecjpake',
282 ],
283 'ignored_tests': {
284 'test_suite_random': [
285 'PSA classic wrapper: ECDSA signature (SECP256R1)',
286 ],
287 'test_suite_psa_crypto': [
288 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
289 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
290 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
291 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
292 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
293 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
294 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
295 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
296 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
297 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
298 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
299 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
300 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
Valerio Settiaddeee42023-06-14 10:46:55 +0200[diff] [blame]301 ],
302 'test_suite_pkparse': [
Valerio Setti5bd25232023-06-19 19:32:14 +0200[diff] [blame]303 # When PK_PARSE_C and ECP_C are defined then PK_PARSE_EC_COMPRESSED
304 # is automatically enabled in build_info.h (backward compatibility)
305 # even if it is disabled in config_psa_crypto_no_ecp_at_all(). As a
306 # consequence compressed points are supported in the reference
307 # component but not in the accelerated one, so they should be skipped
308 # while checking driver's coverage.
309 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
310 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
311 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
312 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
313 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
314 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
315 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
316 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
317 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
318 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
319 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
320 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
321 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
322 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
323 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
324 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
Valerio Settiaddeee42023-06-14 10:46:55 +0200[diff] [blame]325 ],
Valerio Settie618cb02023-04-12 14:59:16 +0200[diff] [blame]326 }
327 }
328 },
Valerio Setti307810b2023-08-15 10:12:25 +0200[diff] [blame]329 'analyze_driver_vs_reference_ecc_no_bignum': {
Manuel Pégourié-Gonnardabd00d02023-06-12 17:51:33 +0200[diff] [blame]330 'test_function': do_analyze_driver_vs_reference,
331 'args': {
332 'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum',
333 'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum',
334 'ignored_suites': [
335 # Ignore test suites for the modules that are disabled in the
336 # accelerated test case.
337 'ecp',
338 'ecdsa',
339 'ecdh',
340 'ecjpake',
Valerio Setti9b3dbcc2023-07-26 18:00:31 +0200[diff] [blame]341 'bignum_core',
342 'bignum_random',
343 'bignum_mod',
344 'bignum_mod_raw',
345 'bignum.generated',
346 'bignum.misc',
Manuel Pégourié-Gonnardabd00d02023-06-12 17:51:33 +0200[diff] [blame]347 ],
348 'ignored_tests': {
349 'test_suite_random': [
350 'PSA classic wrapper: ECDSA signature (SECP256R1)',
351 ],
352 'test_suite_psa_crypto': [
353 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
354 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
355 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
356 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
357 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
358 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
359 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
360 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
361 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
362 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
363 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
364 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
365 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
366 ],
367 'test_suite_pkparse': [
368 # See the description provided above in the
369 # analyze_driver_vs_reference_no_ecp_at_all component.
370 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
371 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
372 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
373 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
374 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
375 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
376 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
377 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
378 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
379 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
380 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
381 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
382 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
383 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
384 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
385 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
386 ],
Valerio Setti9b3dbcc2023-07-26 18:00:31 +0200[diff] [blame]387 'test_suite_asn1parse': [
388 # This test depends on BIGNUM_C
389 'INTEGER too large for mpi',
390 ],
391 'test_suite_asn1write': [
392 # Following tests depends on BIGNUM_C
393 'ASN.1 Write mpi 0 (1 limb)',
394 'ASN.1 Write mpi 0 (null)',
395 'ASN.1 Write mpi 0x100',
396 'ASN.1 Write mpi 0x7f',
397 'ASN.1 Write mpi 0x7f with leading 0 limb',
398 'ASN.1 Write mpi 0x80',
399 'ASN.1 Write mpi 0x80 with leading 0 limb',
400 'ASN.1 Write mpi 0xff',
401 'ASN.1 Write mpi 1',
402 'ASN.1 Write mpi, 127*8 bits',
403 'ASN.1 Write mpi, 127*8+1 bits',
404 'ASN.1 Write mpi, 127*8-1 bits',
405 'ASN.1 Write mpi, 255*8 bits',
406 'ASN.1 Write mpi, 255*8-1 bits',
407 'ASN.1 Write mpi, 256*8-1 bits',
408 ],
Valerio Settie0be95e2023-08-01 09:07:43 +0200[diff] [blame]409 'test_suite_debug': [
410 # Following tests depends on BIGNUM_C
411 'Debug print mbedtls_mpi #2: 3 bits',
412 'Debug print mbedtls_mpi: 0 (empty representation)',
413 'Debug print mbedtls_mpi: 0 (non-empty representation)',
414 'Debug print mbedtls_mpi: 49 bits',
415 'Debug print mbedtls_mpi: 759 bits',
416 'Debug print mbedtls_mpi: 764 bits #1',
417 'Debug print mbedtls_mpi: 764 bits #2',
418 ],
Manuel Pégourié-Gonnardabd00d02023-06-12 17:51:33 +0200[diff] [blame]419 }
420 }
421 },
Valerio Setti307810b2023-08-15 10:12:25 +0200[diff] [blame]422 'analyze_driver_vs_reference_ecc_ffdh_no_bignum': {
423 'test_function': do_analyze_driver_vs_reference,
424 'args': {
425 'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum',
426 'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum',
427 'ignored_suites': [
428 # Ignore test suites for the modules that are disabled in the
429 # accelerated test case.
430 'ecp',
431 'ecdsa',
432 'ecdh',
433 'ecjpake',
434 'bignum_core',
435 'bignum_random',
436 'bignum_mod',
437 'bignum_mod_raw',
438 'bignum.generated',
439 'bignum.misc',
440 'dhm',
441 ],
442 'ignored_tests': {
443 'test_suite_random': [
444 'PSA classic wrapper: ECDSA signature (SECP256R1)',
445 ],
446 'test_suite_psa_crypto': [
447 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
448 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
449 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
450 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
451 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
452 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
453 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
454 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
455 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
456 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
457 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
458 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
459 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
460 ],
461 'test_suite_pkparse': [
462 # See the description provided above in the
463 # analyze_driver_vs_reference_no_ecp_at_all component.
464 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
465 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
466 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
467 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
468 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
469 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
470 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
471 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
472 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
473 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
474 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
475 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
476 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
477 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
478 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
479 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
480 ],
481 'test_suite_asn1parse': [
482 # This test depends on BIGNUM_C
483 'INTEGER too large for mpi',
484 ],
485 'test_suite_asn1write': [
486 # Following tests depends on BIGNUM_C
487 'ASN.1 Write mpi 0 (1 limb)',
488 'ASN.1 Write mpi 0 (null)',
489 'ASN.1 Write mpi 0x100',
490 'ASN.1 Write mpi 0x7f',
491 'ASN.1 Write mpi 0x7f with leading 0 limb',
492 'ASN.1 Write mpi 0x80',
493 'ASN.1 Write mpi 0x80 with leading 0 limb',
494 'ASN.1 Write mpi 0xff',
495 'ASN.1 Write mpi 1',
496 'ASN.1 Write mpi, 127*8 bits',
497 'ASN.1 Write mpi, 127*8+1 bits',
498 'ASN.1 Write mpi, 127*8-1 bits',
499 'ASN.1 Write mpi, 255*8 bits',
500 'ASN.1 Write mpi, 255*8-1 bits',
501 'ASN.1 Write mpi, 256*8-1 bits',
502 ],
503 'test_suite_debug': [
504 # Following tests depends on BIGNUM_C
505 'Debug print mbedtls_mpi #2: 3 bits',
506 'Debug print mbedtls_mpi: 0 (empty representation)',
507 'Debug print mbedtls_mpi: 0 (non-empty representation)',
508 'Debug print mbedtls_mpi: 49 bits',
509 'Debug print mbedtls_mpi: 759 bits',
510 'Debug print mbedtls_mpi: 764 bits #1',
511 'Debug print mbedtls_mpi: 764 bits #2',
512 ],
513 }
514 }
515 },
Przemek Stekiel85b64422023-05-26 09:55:23 +0200[diff] [blame]516 'analyze_driver_vs_reference_ffdh_alg': {
517 'test_function': do_analyze_driver_vs_reference,
518 'args': {
519 'component_ref': 'test_psa_crypto_config_reference_ffdh',
520 'component_driver': 'test_psa_crypto_config_accel_ffdh',
Przemek Stekiel84f4ff12023-07-04 12:35:31 +0200[diff] [blame]521 'ignored_suites': ['dhm'],
Przemek Stekiel565353e2023-07-05 11:07:07 +0200[diff] [blame]522 'ignored_tests': {}
Przemek Stekiel85b64422023-05-26 09:55:23 +0200[diff] [blame]523 }
524 },
Valerio Settif01d6482023-08-04 13:51:18 +0200[diff] [blame]525 'analyze_driver_vs_reference_tfm_config': {
526 'test_function': do_analyze_driver_vs_reference,
527 'args': {
528 'component_ref': 'test_tfm_config',
529 'component_driver': 'test_tfm_config_p256m_driver_accel_ec',
Manuel Pégourié-Gonnarde9d97972023-08-08 18:34:47 +0200[diff] [blame]530 'ignored_suites': [
531 # Ignore test suites for the modules that are disabled in the
532 # accelerated test case.
Yanray Wang5c0c8582023-09-26 16:52:33 +0800[diff] [blame^]533 'asn1parse',
534 'asn1write',
Manuel Pégourié-Gonnarde9d97972023-08-08 18:34:47 +0200[diff] [blame]535 'ecp',
536 'ecdsa',
537 'ecdh',
538 'ecjpake',
539 'bignum_core',
540 'bignum_random',
541 'bignum_mod',
542 'bignum_mod_raw',
543 'bignum.generated',
544 'bignum.misc',
545 ],
Valerio Settif01d6482023-08-04 13:51:18 +0200[diff] [blame]546 'ignored_tests': {
547 # Ignore all tests that require DERIVE support which is disabled
548 # in the driver version
549 'test_suite_psa_crypto': [
550 'PSA key agreement setup: ECDH + HKDF-SHA-256: good',
551 ('PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader '
552 'than required'),
553 'PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve',
554 'PSA key agreement setup: KDF instead of a key agreement algorithm',
555 'PSA key agreement setup: bad key agreement algorithm',
556 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160',
557 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32',
558 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31',
559 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1',
560 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0',
561 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32',
562 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0',
563 'PSA key derivation: ECDH on P256 with HKDF-SHA256, info first',
564 'PSA key derivation: ECDH on P256 with HKDF-SHA256, key output',
565 'PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info',
566 'PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt',
567 'PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output',
568 'PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret',
569 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case',
570 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label',
571 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret',
572 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs',
573 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
574 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
575 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
576 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 0+48, ka',
577 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 24+24, ka',
578 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 48+0, ka',
579 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #1, ka',
580 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #3, ka',
581 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #4, ka',
582 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
583 'PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC enabled)',
584 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
585 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
586 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
587 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
588 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
589 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
590 'PSA raw key agreement: ECDH SECP256R1 (RFC 5903)',
591 ],
Manuel Pégourié-Gonnarde9d97972023-08-08 18:34:47 +0200[diff] [blame]592 'test_suite_random': [
593 'PSA classic wrapper: ECDSA signature (SECP256R1)',
594 ],
Valerio Settif01d6482023-08-04 13:51:18 +0200[diff] [blame]595 'test_suite_psa_crypto_pake': [
596 'PSA PAKE: ecjpake size macros',
Manuel Pégourié-Gonnarde9d97972023-08-08 18:34:47 +0200[diff] [blame]597 ],
Valerio Settif01d6482023-08-04 13:51:18 +0200[diff] [blame]598 }
599 }
600 }
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]601}
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]602
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]603def main():
604 try:
605 parser = argparse.ArgumentParser(description=__doc__)
Przemek Stekiel58bbc232022-10-24 08:10:10 +0200[diff] [blame]606 parser.add_argument('outcomes', metavar='OUTCOMES.CSV',
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]607 help='Outcome file to analyze')
Przemek Stekiel542d9322022-11-17 09:43:34 +0100[diff] [blame]608 parser.add_argument('task', default='all', nargs='?',
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]609 help='Analysis to be done. By default, run all tasks. '
610 'With one or more TASK, run only those. '
611 'TASK can be the name of a single task or '
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]612 'comma/space-separated list of tasks. ')
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]613 parser.add_argument('--list', action='store_true',
614 help='List all available tasks and exit.')
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]615 parser.add_argument('--require-full-coverage', action='store_true',
616 dest='full_coverage', help="Require all available "
617 "test cases to be executed and issue an error "
618 "otherwise. This flag is ignored if 'task' is "
619 "neither 'all' nor 'analyze_coverage'")
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]620 options = parser.parse_args()
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]621
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]622 if options.list:
623 for task in TASKS:
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]624 Results.log(task)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]625 sys.exit(0)
626
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]627 result = True
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]628
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]629 if options.task == 'all':
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]630 tasks = TASKS.keys()
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]631 else:
Przemek Stekiel85c54ea2022-11-17 11:50:23 +0100[diff] [blame]632 tasks = re.split(r'[, ]+', options.task)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]633
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]634 for task in tasks:
635 if task not in TASKS:
Yanray Wang0e319ae2023-09-26 16:19:18 +0800[diff] [blame]636 Results.log('Error: invalid task: {}', task)
Przemek Stekield3068af2022-11-14 16:15:19 +0100[diff] [blame]637 sys.exit(1)
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]638
Tomás Gonzálezb401e112023-08-11 15:22:04 +0100[diff] [blame]639 TASKS['analyze_coverage']['args']['full_coverage'] = \
640 options.full_coverage
641
Przemek Stekiel992de3c2022-11-09 13:54:49 +0100[diff] [blame]642 for task in TASKS:
643 if task in tasks:
Przemek Stekiel4d13c832022-10-26 16:11:26 +0200[diff] [blame]644 if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']):
645 result = False
Przemek Stekiel4e955902022-10-21 13:42:08 +0200[diff] [blame]646
Przemek Stekielc86dedf2022-10-24 09:16:04 +0200[diff] [blame]647 if result is False:
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]648 sys.exit(1)
Valerio Setti3951d1b2023-03-13 18:37:34 +0100[diff] [blame]649 Results.log("SUCCESS :-)")
Gilles Peskine15c2cbf2020-06-25 18:36:28 +0200[diff] [blame]650 except Exception: # pylint: disable=broad-except
651 # Print the backtrace and exit explicitly with our chosen status.
652 traceback.print_exc()
653 sys.exit(120)
654
655if __name__ == '__main__':
656 main()