Closed gilles-peskine-arm closed 1 year ago
Can reproduce with https://github.com/Mbed-TLS/mbedtls/commit/a745c7d4398b22ceae1ce21bfbcb2fa2f7fab4d3, but cannot reproduce with development - looks like this has been fixed.
Note: I also had to unset PSA_WANT_KEY_TYPE_HMAC
to reproduce, i.e.
mtest MBEDTLS_PSA_CRYPTO_C MBEDTLS_PSA_CRYPTO_CONFIG MBEDTLS_AES_C MBEDTLS_CTR_DRBG_C MBEDTLS_ENTROPY_C PSA_WANT_ALG_SHA_224 PSA_WANT_ALG_SHA_256 PSA_WANT_KEY_TYPE_ECC_KEYPAIR PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY PSA_WANT_ECC_SECP_R1_256 PSA_WANT_ALG_ECDSA -PSA_WANT_KEY_TYPE_HMAC test_suite_psa_crypto test_suite_psa_crypto_not_supported.generated
If PSA is compiled without support for HMAC keys, it still accepts creating them, which causes
test_suite_psa_crypto_not_supported.generated
to fail. See also https://github.com/Mbed-TLS/mbedtls/pull/5783#discussion_r864813228.There is no product bug, and not even useless code (HMAC keys are just a bunch of bytes with no special handling). But it's annoying that the unit tests fail.
To reproduce:
Failing tests from
test_suite_psa_crypto_not_supported.generated
as of a745c7d4398b22ceae1ce21bfbcb2fa2f7fab4d3:In this configuration, there's also a unused-variable warning, and in
test_suite_psa_crypto
there's one failing test case due to an incorrect dependency: