From 0311b211e4cee1099185d36c3b2253f5c6f04f58 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2024 11:38:29 +0200 Subject: [PATCH] Explain why DH and DSA are still explicitly excluded If we don't exclude them from test case enumeration, then detect_not_implemented_dependencies would cause the generated test cases to be commented out, but the test case generation would fail before that because asymmetric_key_data.py doesn't include DH and DSA keys. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/psa_information.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index 58480fc857..fe0714943d 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -65,8 +65,13 @@ class Information: def remove_unwanted_macros( constructors: macro_collector.PSAMacroEnumerator ) -> None: - # Mbed TLS doesn't support finite-field DH yet and will not support - # finite-field DSA. Don't attempt to generate any related test case. + """Remove macros from consideration during value enumeration.""" + # Remove some mechanisms that are declared but not implemented. + # The corresponding test cases would be commented out anyway + # thanks to the detect_not_implemented_dependencies mechanism, + # but for those particular key types, we don't even have enough + # support in the test scripts to construct test keys. So + # we arrange to not even attempt to generate test cases. constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR') constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY') constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')