From 3a61cd34a90d758262d63ecb01a0cc65d0abe90e Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Tue, 30 Jul 2019 18:22:30 +0200 Subject: tests: Skip testing 1024 bits key generation in FIPS mode In torture_threads_pki_rsa, skip the test which generates 1024 bits RSA key pair when in FIPS mode. Signed-off-by: Anderson Toshiyuki Sasaki Reviewed-by: Andreas Schneider --- tests/unittests/torture_threads_pki_rsa.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/tests/unittests/torture_threads_pki_rsa.c b/tests/unittests/torture_threads_pki_rsa.c index 5a841ee9..03d526cd 100644 --- a/tests/unittests/torture_threads_pki_rsa.c +++ b/tests/unittests/torture_threads_pki_rsa.c @@ -571,23 +571,25 @@ static void *thread_pki_rsa_generate_key(void *threadid) session = ssh_new(); assert_non_null(session); - rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key); - assert_ssh_return_code(session, rc); - assert_non_null(key); + if (!ssh_fips_mode()) { + rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key); + assert_ssh_return_code(session, rc); + assert_non_null(key); - rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey); - assert_int_equal(rc, SSH_OK); - assert_non_null(pubkey); + rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey); + assert_int_equal(rc, SSH_OK); + assert_non_null(pubkey); - sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256); - assert_non_null(sign); + sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256); + assert_non_null(sign); - rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20); - assert_ssh_return_code(session, rc); + rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20); + assert_ssh_return_code(session, rc); - ssh_signature_free(sign); - SSH_KEY_FREE(key); - SSH_KEY_FREE(pubkey); + ssh_signature_free(sign); + SSH_KEY_FREE(key); + SSH_KEY_FREE(pubkey); + } rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key); assert_ssh_return_code(session, rc); -- cgit v1.2.3