mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-09 01:25:30 +00:00
Define WANT symbols for always-supported key types
PSA_KEY_TYPE_RAW_DATA and PSA_KEY_TYPE_DERIVE are always supported. Make this explicit by declaring PSA_WANT_KEY_TYPE_RAW_DATA and PSA_WANT_KEY_TYPE_DERIVE unconditionally. This makes it easier to infer dependencies in a systematic way. Don't generate not-supported test cases for those key types. They would always be skipped, which is noise and would make it impossible to eventually validate that all test cases pass in at least one configuration over the whole CI. Don't remove the exception in set_psa_test_dependencies.py for now, to get less noise in dependencies. This may be revised later if it is deemed more important to be systematic. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
7f756876b9
commit
60b29fea46
|
@ -533,6 +533,10 @@ extern "C" {
|
||||||
|
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
|
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
|
||||||
|
|
||||||
|
/* These features are always enabled. */
|
||||||
|
#define PSA_WANT_KEY_TYPE_DERIVE 1
|
||||||
|
#define PSA_WANT_KEY_TYPE_RAW_DATA 1
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -79,6 +79,7 @@
|
||||||
#define PSA_WANT_ALG_TLS12_PRF 1
|
#define PSA_WANT_ALG_TLS12_PRF 1
|
||||||
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
|
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
|
||||||
#define PSA_WANT_ALG_XTS 1
|
#define PSA_WANT_ALG_XTS 1
|
||||||
|
|
||||||
#define PSA_WANT_KEY_TYPE_DERIVE 1
|
#define PSA_WANT_KEY_TYPE_DERIVE 1
|
||||||
#define PSA_WANT_KEY_TYPE_HMAC 1
|
#define PSA_WANT_KEY_TYPE_HMAC 1
|
||||||
#define PSA_WANT_KEY_TYPE_AES 1
|
#define PSA_WANT_KEY_TYPE_AES 1
|
||||||
|
@ -88,6 +89,7 @@
|
||||||
#define PSA_WANT_KEY_TYPE_DES 1
|
#define PSA_WANT_KEY_TYPE_DES 1
|
||||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
||||||
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||||
|
#define PSA_WANT_KEY_TYPE_RAW_DATA 1
|
||||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
|
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
|
||||||
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||||
|
|
||||||
|
|
|
@ -119,8 +119,12 @@ class TestGenerator:
|
||||||
filename = os.path.join(self.test_suite_directory, basename + '.data')
|
filename = os.path.join(self.test_suite_directory, basename + '.data')
|
||||||
test_case.write_data_file(filename, test_cases)
|
test_case.write_data_file(filename, test_cases)
|
||||||
|
|
||||||
@staticmethod
|
ALWAYS_SUPPORTED = frozenset([
|
||||||
|
'PSA_KEY_TYPE_DERIVE',
|
||||||
|
'PSA_KEY_TYPE_RAW_DATA',
|
||||||
|
])
|
||||||
def test_cases_for_key_type_not_supported(
|
def test_cases_for_key_type_not_supported(
|
||||||
|
self,
|
||||||
kt: crypto_knowledge.KeyType,
|
kt: crypto_knowledge.KeyType,
|
||||||
param: Optional[int] = None,
|
param: Optional[int] = None,
|
||||||
param_descr: str = '',
|
param_descr: str = '',
|
||||||
|
@ -131,8 +135,9 @@ class TestGenerator:
|
||||||
parameter not being supported. If it is absent or None, emit test cases
|
parameter not being supported. If it is absent or None, emit test cases
|
||||||
conditioned on the base type not being supported.
|
conditioned on the base type not being supported.
|
||||||
"""
|
"""
|
||||||
if kt.name == 'PSA_KEY_TYPE_RAW_DATA':
|
if kt.name in self.ALWAYS_SUPPORTED:
|
||||||
# This key type is always supported.
|
# Don't generate test cases for key types that are always supported.
|
||||||
|
# They would be skipped in all configurations, which is noise.
|
||||||
return []
|
return []
|
||||||
import_dependencies = [('!' if param is None else '') +
|
import_dependencies = [('!' if param is None else '') +
|
||||||
psa_want_symbol(kt.name)]
|
psa_want_symbol(kt.name)]
|
||||||
|
|
|
@ -112,9 +112,9 @@ WITHOUT_SYSTEMATIC_DEPENDENCIES = frozenset([
|
||||||
'PSA_ALG_ANY_HASH', # only meaningful in policies
|
'PSA_ALG_ANY_HASH', # only meaningful in policies
|
||||||
'PSA_ALG_KEY_AGREEMENT', # only a way to combine algorithms
|
'PSA_ALG_KEY_AGREEMENT', # only a way to combine algorithms
|
||||||
'PSA_ALG_TRUNCATED_MAC', # only a modifier
|
'PSA_ALG_TRUNCATED_MAC', # only a modifier
|
||||||
'PSA_KEY_TYPE_NONE', # always supported
|
'PSA_KEY_TYPE_NONE', # not a real key type
|
||||||
'PSA_KEY_TYPE_DERIVE', # always supported
|
'PSA_KEY_TYPE_DERIVE', # always supported, don't list it to reduce noise
|
||||||
'PSA_KEY_TYPE_RAW_DATA', # always supported
|
'PSA_KEY_TYPE_RAW_DATA', # always supported, don't list it to reduce noise
|
||||||
|
|
||||||
# Not implemented yet: cipher-related key types and algorithms.
|
# Not implemented yet: cipher-related key types and algorithms.
|
||||||
# Manually extracted from crypto_values.h.
|
# Manually extracted from crypto_values.h.
|
||||||
|
|
|
@ -80,22 +80,6 @@ PSA generate CHACHA20 256-bit not supported
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
|
depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
|
||||||
generate_not_supported:PSA_KEY_TYPE_CHACHA20:256
|
generate_not_supported:PSA_KEY_TYPE_CHACHA20:256
|
||||||
|
|
||||||
PSA import DERIVE 120-bit not supported
|
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_DERIVE
|
|
||||||
import_not_supported:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174"
|
|
||||||
|
|
||||||
PSA generate DERIVE 120-bit not supported
|
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_DERIVE
|
|
||||||
generate_not_supported:PSA_KEY_TYPE_DERIVE:120
|
|
||||||
|
|
||||||
PSA import DERIVE 128-bit not supported
|
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_DERIVE
|
|
||||||
import_not_supported:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a064617461"
|
|
||||||
|
|
||||||
PSA generate DERIVE 128-bit not supported
|
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_DERIVE
|
|
||||||
generate_not_supported:PSA_KEY_TYPE_DERIVE:128
|
|
||||||
|
|
||||||
PSA import DES 64-bit not supported
|
PSA import DES 64-bit not supported
|
||||||
depends_on:!PSA_WANT_KEY_TYPE_DES
|
depends_on:!PSA_WANT_KEY_TYPE_DES
|
||||||
import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901"
|
import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901"
|
||||||
|
|
Loading…
Reference in a new issue