aboutsummaryrefslogtreecommitdiff
path: root/tests/unittests/torture_pki.c
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-06-05 15:30:00 +0200
committerAndreas Schneider <asn@cryptomilk.org>2019-06-13 16:29:32 +0200
commit9ef0b0b029859073b45ad33c8f1a7c9393053453 (patch)
tree6e651072bf0c52da4b1302a002467f089db8f6ed /tests/unittests/torture_pki.c
parent39c69893c7b147c8efcb43b5b6cc196c965b997c (diff)
downloadlibssh-9ef0b0b029859073b45ad33c8f1a7c9393053453.tar.gz
libssh-9ef0b0b029859073b45ad33c8f1a7c9393053453.tar.xz
libssh-9ef0b0b029859073b45ad33c8f1a7c9393053453.zip
tests/torture_pki: Skip some tests if in FIPS mode
Skip tests requiring algorithms not allowed in FIPS mode. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests/unittests/torture_pki.c')
-rw-r--r--tests/unittests/torture_pki.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c
index 97b08c7f..0e4ea1af 100644
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -273,6 +273,16 @@ static void torture_pki_verify_mismatch(void **state)
hash <= SSH_DIGEST_SHA512;
hash++)
{
+ if (ssh_fips_mode()) {
+ if (sig_type == SSH_KEYTYPE_DSS ||
+ sig_type == SSH_KEYTYPE_ED25519 ||
+ hash == SSH_DIGEST_SHA1)
+ {
+ /* In FIPS mode, skip unsupported algorithms */
+ continue;
+ }
+ }
+
skey_attrs = key_attrs_list[sig_type][hash];
if (!skey_attrs.sign) {
@@ -332,6 +342,15 @@ static void torture_pki_verify_mismatch(void **state)
key_type <= SSH_KEYTYPE_ED25519_CERT01;
key_type++)
{
+ if (ssh_fips_mode()) {
+ if (key_type == SSH_KEYTYPE_DSS ||
+ key_type == SSH_KEYTYPE_ED25519)
+ {
+ /* In FIPS mode, skip unsupported algorithms */
+ continue;
+ }
+ }
+
vkey_attrs = key_attrs_list[key_type][hash];
if (!vkey_attrs.verify) {
continue;