mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-06 19:13:37 +00:00
bc3f917fb3
Don't list mechanisms that are not implemented in `include/psa/crypto_config.h`, even commented out. Uncommenting them wouldn't help anyway: they don't work. Having them listed, even commented out, causes `find_dependencies_not_implemented()` in `psa_test_case.py` to consider those mechanisms to be implemented, and thus causes `generate_psa_tests.py` to generate test cases that cannot be executed. The affected mechanisms are: * `PSA_ALG_CBC_MAC` (`PSA_WANT_ALG_CBC_MAC`) * `PSA_ALG_XTS` (`PSA_WANT_ALG_XTS`) * `PSA_ECC_FAMILY_SECP_K1` 224-bit (`PSA_WANT_ECC_SECP_K1_224`) Also remove the affected mechanisms from configuration adjustment files, since that is code that can never be triggered. There were already no generated test cases for SECP224K1 because `PSA_WANT_ECC_SECP_K1_224` was already detected as a dependency that cannot be implemented, because that is not a valid size: PSA defines SECP224K1 as 225-bit, and `crypto_knowledge.py` follows suite, so `generate_psa_tests.py` saw `PSA_WANT_ECC_SECP_K1_225` in its enumeration but skipped it because it was never mentioned in `crypto_config.h`. This causes generated PSA tests to no longer include positive test cases for `PSA_ALG_CBC_MAC` and `PSA_ALG_XTS`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>