Explain why DH and DSA are still explicitly excluded
If we don't exclude them from test case enumeration, then
detect_not_implemented_dependencies would cause the generated test cases to
be commented out, but the test case generation would fail before that
because asymmetric_key_data.py doesn't include DH and DSA keys.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py
index 58480fc..fe07149 100644
--- a/scripts/mbedtls_dev/psa_information.py
+++ b/scripts/mbedtls_dev/psa_information.py
@@ -65,8 +65,13 @@
def remove_unwanted_macros(
constructors: macro_collector.PSAMacroEnumerator
) -> None:
- # Mbed TLS doesn't support finite-field DH yet and will not support
- # finite-field DSA. Don't attempt to generate any related test case.
+ """Remove macros from consideration during value enumeration."""
+ # Remove some mechanisms that are declared but not implemented.
+ # The corresponding test cases would be commented out anyway
+ # thanks to the detect_not_implemented_dependencies mechanism,
+ # but for those particular key types, we don't even have enough
+ # support in the test scripts to construct test keys. So
+ # we arrange to not even attempt to generate test cases.
constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')