From 2e1d2fe87532c311fcc1e69818a9d30b47d4fc39 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 9 Apr 2024 23:13:49 +0200
Subject: [PATCH] analyze_outcomes.py: ignore OpenSSL+dtls12+DES
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

No sure if it'd possible to build a version of OpenSSL that supports
both by tuning the config, but pretty sure improving testing for
single-DES ciphersuites is not the best use of our time in 2024.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 tests/scripts/analyze_outcomes.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index d50a04e612..f88d7992e1 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -113,6 +113,18 @@ TASKS = {
                 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA',
                 # Algorithm not supported yet
                 'test_suite_psa_crypto_metadata;Cipher: XTS',
+                # compat.sh tests with OpenSSL, DTLS 1.2 and singled-DES:
+                # we have no version of OpenSSL on the CI that supports both
+                # DTLS 1.2 and single-DES (1.0.2g is too recent for single-DES
+                # and 1.0.1j is too old for DTLS 1.2).
+                'compat;O->m dtls12,no DES-CBC-SHA',
+                'compat;O->m dtls12,no EDH-RSA-DES-CBC-SHA',
+                'compat;O->m dtls12,yes DES-CBC-SHA',
+                'compat;O->m dtls12,yes EDH-RSA-DES-CBC-SHA',
+                'compat;m->O dtls12,no TLS-DHE-RSA-WITH-DES-CBC-SHA',
+                'compat;m->O dtls12,no TLS-RSA-WITH-DES-CBC-SHA',
+                'compat;m->O dtls12,yes TLS-DHE-RSA-WITH-DES-CBC-SHA',
+                'compat;m->O dtls12,yes TLS-RSA-WITH-DES-CBC-SHA',
             ],
             'full_coverage': False,
         }