Reject block cipher modes that are not implemented in Mbed TLS Mbed TLS doesn't support certain block cipher mode combinations. This limitation should probably be lifted, but for now, test them as unsupported. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: 7095d47749cc043a9ac11966449fd72a2ae465e0 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Sat Mar 19 10:49:43 2022 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Apr 15 11:10:14 2022 +0200
tree: 30d9689346bb9cfdcdbd2b40544aef8d2983dff4
parent: e3a0890e4f5b1122ee68063035c827e340d715e2 [diff] [blame]
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 7d2e755..55eb54d 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py

@@ -230,6 +230,9 @@
            alg.head in frozenset.union(BLOCK_MAC_MODES,
                                        BLOCK_CIPHER_MODES,
                                        BLOCK_AEAD_MODES):
+            if alg.head in ['CMAC', 'OFB'] and \
+               self.head in ['ARIA', 'CAMELLIA']:
+                return False # not implemented in Mbed TLS
             return True
         if self.head == 'CHACHA20' and alg.head == 'CHACHA20_POLY1305':
             return True
commit	7095d47749cc043a9ac11966449fd72a2ae465e0	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Sat Mar 19 10:49:43 2022 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Apr 15 11:10:14 2022 +0200
tree	30d9689346bb9cfdcdbd2b40544aef8d2983dff4
parent	e3a0890e4f5b1122ee68063035c827e340d715e2 [diff] [blame]