OpFail: only consider categories in which at least one algorithm is supported

Addresses https://github.com/Mbed-TLS/mbedtls-framework/issues/264
but perhaps not in the best way.

Keep an exception for PAKE, for which we already have algorithm
support (`PSA_ALG_JPAKE`) but no `pake_fail` function.
https://github.com/Mbed-TLS/mbedtls-framework/issues/263

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

scripts/generate_psa_tests.py

@@ -356,10 +356,14 @@ class OpFail:
         algorithms = [crypto_knowledge.Algorithm(alg)
                       for alg in self.constructors.generate_expressions(
                           algorithm_constructors)]
-        categories = [
-            cat for cat in crypto_knowledge.AlgorithmCategory
-            if cat != crypto_knowledge.AlgorithmCategory.PAKE # not implemented yet
-        ]
+        supported_categories = set()
+        for alg in algorithms:
+            supported_categories.add(alg.category)
+        # We don't have a pake_fail test function yet.
+        # https://github.com/Mbed-TLS/mbedtls-framework/issues/263
+        supported_categories.remove(crypto_knowledge.AlgorithmCategory.PAKE)
+        categories = sorted(supported_categories, key=lambda cat: cat.value)
+        assert categories # sanity check: at least one category detected
         for alg in algorithms:
             yield from self.test_cases_for_algorithm(alg, categories)