Fix edge case with half-supported ECDSA: automatic test cases

gilles-peskine-arm · gilles-peskine-arm · commit 814196869328 · 2025-01-09T18:24:59.000+01:00
ECDSA has two variants: deterministic (PSA_ALG_DETERMINISTIC_ECDSA) and
randomized (PSA_ALG_ECDSA). The two variants are different for signature but
identical for verification. Mbed TLS accepts either variant as the algorithm
parameter for verification even when only the other variant is supported,
so we need to handle this as a special case when generating not-supported
test cases.

In this commit, suppress generated test cases for operation failures due to
unsupported ECDSA when exactly one of the two ECDSA variants is supported.
This edge case will only be tested manually (done in mbedtls or
TF-PSA-Crypto in the commit
"Fix edge case with half-supported ECDSA (manual test cases)").

Changes to the generated output: in
`test_suite_psa_crypto_op_fail.generated.data`, wherever one of
`!PSA_WANT_ALG_DETERMINISTIC_ECDSA` or `!PSA_WANT_ALG_ECDSA` appears as a
dependency, add the other one.

Signed-off-by: Gilles Peskine &lt;Gilles.Peskine@arm.com&gt;
diff --git a/scripts/generate_psa_tests.py b/scripts/generate_psa_tests.py
@@ -266,6 +266,21 @@ def make_test_case(
         if reason == self.Reason.NOT_SUPPORTED:
             assert not_supported is not None
             tc.assumes_not_supported(not_supported)
+            # Special case: if one of deterministic/randomized
+            # ECDSA is supported but not the other, then the one
+            # that is not supported in the signature direction is
+            # still supported in the verification direction,
+            # because the two verification algorithms are
+            # identical. This property is how Mbed TLS chooses to
+            # behave, the specification would also allow it to
+            # reject the algorithm. In the generated test cases,
+            # we avoid this difficulty by not running the
+            # not-supported test case when exactly one of the
+            # two variants is supported.
+            if not_supported == 'PSA_WANT_ALG_ECDSA':
+                tc.add_dependencies(['!PSA_WANT_ALG_DETERMINISTIC_ECDSA'])
+            if not_supported == 'PSA_WANT_ALG_DETERMINISTIC_ECDSA':
+                tc.add_dependencies(['!PSA_WANT_ALG_ECDSA'])
         tc.set_arguments(arguments)
         return tc
 
