From: Tomas Mraz <tomas@openssl.org>
Date: Mon, 4 Sep 2023 19:39:30 +0000 (+0200)
Subject: 04-test_encoder_decoder.t: Use algorithm that is non-fips also on 3.0.0
X-Git-Tag: openssl-3.2.0-alpha1~22
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=75ac8f04b78e9e1283b0402a791728ba2728e159;p=thirdparty%2Fopenssl.git

04-test_encoder_decoder.t: Use algorithm that is non-fips also on 3.0.0

The test encrypted RSA key with DES3 which is still
allowed in the 3.0 fips provider.

Instead use the traditional key format that uses MD5
to create the password based key. MD5 is disallowed
in the 3.0 fips provider.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21957)
---

diff --git a/test/recipes/04-test_encoder_decoder.t b/test/recipes/04-test_encoder_decoder.t
index 817c95ee64a..56c7d6e714a 100644
--- a/test/recipes/04-test_encoder_decoder.t
+++ b/test/recipes/04-test_encoder_decoder.t
@@ -50,10 +50,10 @@ unless ($no_fips) {
 
     my $no_des = disabled("des");
 SKIP: {
-    skip "DES disabled", 2 if disabled("des");
-    ok(run(app([ 'openssl', 'genrsa', '-des3', '-out', 'epki.pem',
-                 '-passout', 'pass:pass' ])),
-       "rsa encrypt using a non fips algorithm");
+    skip "MD5 disabled", 2 if disabled("md5");
+    ok(run(app([ 'openssl', 'genrsa', '-aes128', '-out', 'epki.pem',
+                 '-traditional', '-passout', 'pass:pass' ])),
+       "rsa encrypted using a non fips algorithm MD5 in pbe");
 
     my $conf2 = srctop_file("test", "default-and-fips.cnf");
     ok(run(test(['decoder_propq_test', '-config', $conf2,