From: Pauli <ppzgs1@gmail.com>
Date: Thu, 1 Aug 2024 03:45:27 +0000 (+1000)
Subject: cms: fix tests in light of PKCS#1 version 1.5 padding check
X-Git-Tag: openssl-3.4.0-alpha1~201
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29a0f0403f9b678bb921e37f6ebaf16f8d467dcf;p=thirdparty%2Fopenssl.git

cms: fix tests in light of PKCS#1 version 1.5 padding check

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)
---

diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index c103b3055a0..dc30fe53c3b 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -25,6 +25,7 @@ use lib srctop_dir('Configurations');
 use lib bldtop_dir('.');
 
 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $old_fips = 0;
 
 plan skip_all => "CMS is not supported by this OpenSSL build"
     if disabled("cms");
@@ -63,6 +64,7 @@ unless ($no_fips) {
     run(test(["fips_version_test", "-config", $provconf, "<3.4.0"]),
     capture => 1, statusvar => \$dsaallow);
     $no_dsa = 1 if $dsaallow == '0';
+    $old_fips = 1 if $dsaallow != '0';
 }
 
 $ENV{OPENSSL_TEST_LIBCTX} = "1";
@@ -241,19 +243,23 @@ my @smime_pkcs7_tests = (
       \&final_compare
     ],
 
-    [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
-      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
-        "-aes256", "-stream", "-out", "{output}.cms",
-        $smrsa1,
-        catfile($smdir, "smrsa2.pem"),
-        catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", @prov, "-decrypt", "-recip", $smrsa1,
-        "-in", "{output}.cms", "-out", "{output}.txt" ],
-      \&final_compare
-    ],
-
 );
 
+if ($no_fips || $old_fips) {
+    push(@smime_pkcs7_tests,
+         [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
+           [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
+             "-aes256", "-stream", "-out", "{output}.cms",
+             $smrsa1,
+             catfile($smdir, "smrsa2.pem"),
+             catfile($smdir, "smrsa3.pem") ],
+           [ "{cmd2}", @prov, "-decrypt", "-recip", $smrsa1,
+             "-in", "{output}.cms", "-out", "{output}.txt" ],
+           \&final_compare
+         ]
+    );
+}
+
 my @smime_cms_tests = (
 
     [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",