From 91d88c300104c66ec14bc3d570c2569ff30158ae Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 18 Aug 2017 13:56:04 +0200 Subject: gnutls-cli-debug: do not run non-FIPS cipher tests when in FIPS mode Signed-off-by: Nikos Mavrogiannopoulos --- src/tests.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/tests.c b/src/tests.c index 92c1bd20c4..c39cae1353 100644 --- a/src/tests.c +++ b/src/tests.c @@ -676,11 +676,15 @@ test_code_t test_camellia_cbc(gnutls_session_t session) { int ret; + if (gnutls_fips140_mode_enabled()) + return TEST_IGNORE; + sprintf(prio_str, INIT_STR "+CAMELLIA-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%s", protocol_str, rest); _gnutls_priority_set_direct(session, prio_str); + gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); ret = do_handshake(session); @@ -691,6 +695,9 @@ test_code_t test_camellia_gcm(gnutls_session_t session) { int ret; + if (gnutls_fips140_mode_enabled()) + return TEST_IGNORE; + sprintf(prio_str, INIT_STR "+CAMELLIA-128-GCM:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%s", protocol_str, rest); @@ -746,6 +753,9 @@ test_code_t test_md5(gnutls_session_t session) { int ret; + if (gnutls_fips140_mode_enabled()) + return TEST_IGNORE; + sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:+MD5:" ALL_KX ":%s", protocol_str, @@ -823,6 +833,9 @@ test_code_t test_arcfour(gnutls_session_t session) { int ret; + if (gnutls_fips140_mode_enabled()) + return TEST_IGNORE; + sprintf(prio_str, INIT_STR "+ARCFOUR-128:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%s", protocol_str, rest); @@ -837,6 +850,9 @@ test_code_t test_chacha20(gnutls_session_t session) { int ret; + if (gnutls_fips140_mode_enabled()) + return TEST_IGNORE; + sprintf(prio_str, INIT_STR "+CHACHA20-POLY1305:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%s", protocol_str, rest); -- cgit v1.2.1