From 81dec0047f3aa9502fce8e54c754450c1f695b95 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Jan 2021 00:59:09 +0100 Subject: [PATCH] Remove classic crypto dependencies Don't remove cipher-related dependencies because the corresponding PSA_WANT_xxx dependencies are not implemented yet. Signed-off-by: Gilles Peskine --- tests/scripts/set_psa_test_dependencies.py | 72 ++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index e423ec5950..34084a7205 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -23,6 +23,78 @@ import re import sys CLASSIC_DEPENDENCIES = frozenset([ + # This list is manually filtered from config.h. + + # Mbed TLS feature support. + # Only features that affect what can be done are listed here. + # Options that control optimizations or alternative implementations + # are omitted. + #cipher#'MBEDTLS_CIPHER_MODE_CBC', + #cipher#'MBEDTLS_CIPHER_MODE_CFB', + #cipher#'MBEDTLS_CIPHER_MODE_CTR', + #cipher#'MBEDTLS_CIPHER_MODE_OFB', + #cipher#'MBEDTLS_CIPHER_MODE_XTS', + #cipher#'MBEDTLS_CIPHER_NULL_CIPHER', + #cipher#'MBEDTLS_CIPHER_PADDING_PKCS7', + #cipher#'MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS', + #cipher#'MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN', + #cipher#'MBEDTLS_CIPHER_PADDING_ZEROS', + #curve#'MBEDTLS_ECP_DP_SECP192R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP224R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP256R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP384R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP521R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP192K1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP224K1_ENABLED', + #curve#'MBEDTLS_ECP_DP_SECP256K1_ENABLED', + #curve#'MBEDTLS_ECP_DP_BP256R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_BP384R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_BP512R1_ENABLED', + #curve#'MBEDTLS_ECP_DP_CURVE25519_ENABLED', + #curve#'MBEDTLS_ECP_DP_CURVE448_ENABLED', + 'MBEDTLS_ECDSA_DETERMINISTIC', + #'MBEDTLS_GENPRIME', #needed for RSA key generation + 'MBEDTLS_PKCS1_V15', + 'MBEDTLS_PKCS1_V21', + 'MBEDTLS_SHA512_NO_SHA384', + + # Mbed TLS modules. + # Only modules that provide cryptographic mechanisms are listed here. + # Platform, data formatting, X.509 or TLS modules are omitted. + #cipher#'MBEDTLS_AES_C', + #cipher#'MBEDTLS_ARC4_C', + 'MBEDTLS_BIGNUM_C', + #cipher#'MBEDTLS_BLOWFISH_C', + #cipher#'MBEDTLS_CAMELLIA_C', + #cipher#'MBEDTLS_ARIA_C', + #cipher#'MBEDTLS_CCM_C', + #cipher#'MBEDTLS_CHACHA20_C', + #cipher#'MBEDTLS_CHACHAPOLY_C', + #cipher#'MBEDTLS_CMAC_C', + 'MBEDTLS_CTR_DRBG_C', + #cipher#'MBEDTLS_DES_C', + 'MBEDTLS_DHM_C', + 'MBEDTLS_ECDH_C', + 'MBEDTLS_ECDSA_C', + 'MBEDTLS_ECJPAKE_C', + 'MBEDTLS_ECP_C', + 'MBEDTLS_ENTROPY_C', + #cipher#'MBEDTLS_GCM_C', + 'MBEDTLS_HKDF_C', + 'MBEDTLS_HMAC_DRBG_C', + #cipher#'MBEDTLS_NIST_KW_C', + 'MBEDTLS_MD2_C', + 'MBEDTLS_MD4_C', + 'MBEDTLS_MD5_C', + 'MBEDTLS_PKCS5_C', + 'MBEDTLS_PKCS12_C', + #cipher#'MBEDTLS_POLY1305_C', + #cipher#'MBEDTLS_RIPEMD160_C', + 'MBEDTLS_RSA_C', + 'MBEDTLS_SHA1_C', + 'MBEDTLS_SHA256_C', + 'MBEDTLS_SHA512_C', + 'MBEDTLS_XTEA_C', ]) def is_classic_dependency(dep):