Fix the provider compatibility CI

Added missing fips version checks in rand_test.c and evprand.txt

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24933)

diff --git a/test/rand_test.c b/test/rand_test.c
index cc0622cec6ca8552d404f0e11827dfa957ef2b6d..6d738cb242b691647f9131de636c6ffdee332a92 100644 (file)
--- a/test/rand_test.c
+++ b/test/rand_test.c
@@ -45,6 +45,10 @@ static int test_rand(void)
             || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf)))
         return 0;
 
+    if (fips_provider_version_lt(NULL, 3, 4, 0)) {
+        /* Skip the rest and pass the test */
+        return 1;
+    }
     /* Verify that the FIPS indicator can be read and is false */
     prov = EVP_RAND_get0_provider(EVP_RAND_CTX_get0_rand(privctx));
     if (prov != NULL
@@ -96,7 +100,8 @@ int setup_tests(void)
     if (!TEST_ptr(configfile = test_get_argument(0))
             || !TEST_true(RAND_set_DRBG_type(NULL, "TEST-RAND", "fips=no",
                                              NULL, NULL))
-            || !TEST_true(OSSL_LIB_CTX_load_config(NULL, configfile)))
+            || (fips_provider_version_ge(NULL, 3, 0, 8)
+                && !TEST_true(OSSL_LIB_CTX_load_config(NULL, configfile))))
         return 0;
 
     ADD_TEST(test_rand);

diff --git a/test/recipes/30-test_evp_data/evprand.txt b/test/recipes/30-test_evp_data/evprand.txt
index b4516f5e611274d2468aa056793541450a0beffc..3f00caf31f842ebdf30064dbbbe0023103c1c838 100644 (file)
--- a/test/recipes/30-test_evp_data/evprand.txt
+++ b/test/recipes/30-test_evp_data/evprand.txt
@@ -79779,12 +79779,14 @@ Output.14 = ee191dc6bef025e36302bb8ce0e6a949f7b0d2944b246fc52d68a20c3b2b787595ca
 
 Title = Test truncated Digests are not allowed in FIPS
 
+FIPSversion = >=3.1.0
 Availablein = fips
 RAND = HASH-DRBG
 Digest = SHA2-224
 GenerateBits = 16
 Result = EVP_RAND_CTX_set_params
 
+FIPSversion = >=3.1.0
 Availablein = fips
 RAND = HMAC-DRBG
 Digest = SHA2-384