Explain why DH and DSA are still explicitly excluded

If we don't exclude them from test case enumeration, then detect_not_implemented_dependencies would cause the generated test cases to be commented out, but the test case generation would fail before that because asymmetric_key_data.py doesn't include DH and DSA keys. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-30 22:43:08 +03:00 · 2024-04-11 11:38:29 +02:00
parent b8ddf6acd4
commit 0311b211e4
1 changed files with 7 additions and 2 deletions
--- a/scripts/mbedtls_dev/psa_information.py
+++ b/scripts/mbedtls_dev/psa_information.py
@ -65,8 +65,13 @@ class Information:
    def remove_unwanted_macros(
            constructors: macro_collector.PSAMacroEnumerator
    ) -> None:
-        # Mbed TLS doesn't support finite-field DH yet and will not support
-        # finite-field DSA. Don't attempt to generate any related test case.
+        """Remove macros from consideration during value enumeration."""
+        # Remove some mechanisms that are declared but not implemented.
+        # The corresponding test cases would be commented out anyway
+        # thanks to the detect_not_implemented_dependencies mechanism,
+        # but for those particular key types, we don't even have enough
+        # support in the test scripts to construct test keys. So
+        # we arrange to not even attempt to generate test cases.
        constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
        constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
        constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')