commit c113b42fc19983b12ac0392612a1e41e587a7b38
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Apr 10 16:27:19 2024 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Thu Apr 11 22:00:54 2024 +0200
tree a6fca69ad18a67db93fab65c12ee9b9baac72d17
parent c7b58d53fc2cdae5cf26834e8623389c88353756

hack_dependencies_not_implemented: Also read inferred PSA_WANT symbols

To determine PSA mechanisms that are not implemented, also read PSA_WANT
symbols that cannot (or are not intended to) be configured independently,
and thus are not listed in psa/crypto_config.h. Find those symbols in
the config adjustment header mbedtls/config_psa.h.

No impact on generated files yet, because hack_dependencies_not_implemented
is currently only used on key types that have explicit dependencies. This
will allow using hack_dependencies_not_implemented in other places, for
example to handle algorithm variants like PSA_WANT_ALG_ECDSA_ANY which is
inferred from PSA_WANT_ALG_ECDSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

scripts/mbedtls_dev/psa_information.py

diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py
index 5f62606..4ec0695 100644
--- a/scripts/mbedtls_dev/psa_information.py
+++ b/scripts/mbedtls_dev/psa_information.py
@@ -70,6 +70,8 @@
     if _implemented_dependencies is None:
         _implemented_dependencies = \
             read_implemented_dependencies('include/psa/crypto_config.h')
+        _implemented_dependencies = _implemented_dependencies.union(
+            read_implemented_dependencies('include/mbedtls/config_psa.h'))
     for dep in dependencies:
         dep = dep.lstrip('!')
         if dep.startswith('PSA_WANT') and dep not in _implemented_dependencies: