PSA test case generation: dependency inference class: operation fail

Use psa_information.TestCase for operation failure test cases.

This changes the generated output in two ways:

* Not-implemented mechanisms now have a `DEPENDENCY_NOT_IMPLEMENTED_YET_xxx`
  dependency in addition to the never-fulfilled `PSA_WANT_xxx` dependency.
  This does not affect when test cases run.
* ECC test cases now have correct dependency symbols, e.g.
  `PSA_WANT_ECC_SECP_R1_192` instead of `PSA_WANT_ECC_FAMILY_SECP_R1`. This
  is a bug fix: ECC test cases were formerly never executed because of
  incorrect dependency symbols.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

scripts/mbedtls_dev/psa_information.py

@@ -111,7 +111,12 @@ class Information:
 
 
 class TestCase(test_case.TestCase):
-    """A PSA test case with automatically inferred dependencies."""
+    """A PSA test case with automatically inferred dependencies.
+
+    For mechanisms like ECC curves where the support status includes
+    the key bit-size, this class assumes that only one bit-size is
+    involved in a given test case.
+    """
 
     def __init__(self) -> None:
         super().__init__()
@@ -124,12 +129,13 @@ class TestCase(test_case.TestCase):
         Call this function before set_arguments() for a test case that should
         run if the given mechanism is not supported.
 
-        A mechanism is a PSA_XXX symbol, e.g. PSA_KEY_TYPE_AES, PSA_ALG_HMAC,
-        etc. For mechanisms like ECC curves where the support status includes
-        the key bit-size, this class assumes that only one bit-size is
-        involved in a given test case.
+        A mechanism is either a PSA_XXX symbol (e.g. PSA_KEY_TYPE_AES,
+        PSA_ALG_HMAC, etc.) or a PSA_WANT_XXX symbol.
         """
-        self.negated_dependencies.add(psa_want_symbol(name))
+        symbol = name
+        if not symbol.startswith('PSA_WANT_'):
+            symbol = psa_want_symbol(name)
+        self.negated_dependencies.add(symbol)
 
     def set_key_bits(self, key_bits: Optional[int]) -> None:
         """Use the given key size for automatic dependency generation.

tests/scripts/generate_psa_tests.py

@@ -208,7 +208,7 @@ class OpFail:
     ) -> test_case.TestCase:
         """Construct a failure test case for a one-key or keyless operation."""
         #pylint: disable=too-many-arguments,too-many-locals
-        tc = test_case.TestCase()
+        tc = psa_information.TestCase()
         pretty_alg = alg.short_expression()
         if reason == self.Reason.NOT_SUPPORTED:
             short_deps = [re.sub(r'PSA_WANT_ALG_', r'', dep)
@@ -227,22 +227,21 @@ class OpFail:
                                    pretty_alg,
                                    pretty_reason,
                                    ' with ' + pretty_type if pretty_type else ''))
-        dependencies = psa_information.automatic_dependencies(alg.base_expression, key_type)
-        for i, dep in enumerate(dependencies):
-            if dep in not_deps:
-                dependencies[i] = '!' + dep
-        tc.set_dependencies(sorted(dependencies))
         tc.set_function(category.name.lower() + '_fail')
         arguments = [] # type: List[str]
         if kt:
-            key_material = kt.key_material(kt.sizes_to_test()[0])
+            bits = kt.sizes_to_test()[0]
+            key_material = kt.key_material(bits)
             arguments += [key_type, test_case.hex_string(key_material)]
+            tc.set_key_bits(bits)
         arguments.append(alg.expression)
         if category.is_asymmetric():
             arguments.append('1' if reason == self.Reason.PUBLIC else '0')
         error = ('NOT_SUPPORTED' if reason == self.Reason.NOT_SUPPORTED else
                  'INVALID_ARGUMENT')
         arguments.append('PSA_ERROR_' + error)
+        for dep in not_deps:
+            tc.assumes_not_supported(dep)
         tc.set_arguments(arguments)
         return tc