gh-130149: fix HMAC tests for some FIPS-only build bots (#130788)

Skips some HMAC tests for some FIPS-only build bots that do not have the underlying hash functions.

diff --git a/Lib/test/test_hmac.py b/Lib/test/test_hmac.py
index 982a5c53e0f3241c7c37d1ae1e94b4c7fd8fbf5f..c8c806dc1baf8bf969157ecc43d7836ff3ae2e5b 100644 (file)
--- a/Lib/test/test_hmac.py
+++ b/Lib/test/test_hmac.py
@@ -566,32 +566,52 @@ class RFCTestCasesMixin(TestVectorsMixin):
             cache.pop('foo')
 
 
-class PyRFCTestCase(PyTestVectorsMixin, ThroughObjectMixin,
-                    RFCTestCasesMixin, unittest.TestCase):
-    """Python implementation of HMAC using hmac.HMAC()."""
-
-
-class PyDotNewRFCTestCase(PyTestVectorsMixin, ThroughModuleAPIMixin,
-                          RFCTestCasesMixin, unittest.TestCase):
-    """Python implementation of HMAC using hmac.new()."""
-
-
-@hashlib_helper.requires_hashlib()
-class OpenSSLRFCTestCase(OpenSSLTestVectorsMixin, RFCTestCasesMixin,
-                         unittest.TestCase):
-    """OpenSSL implementation of HMAC."""
+class RFCWithOpenSSLHashFunctionTestCasesMixin(RFCTestCasesMixin):
 
     def __init_subclass__(cls, *args, **kwargs):
         super().__init_subclass__(*args, **kwargs)
 
         for name in cls.ALGORITHMS:
             @property
+            @hashlib_helper.requires_hashlib()
             @hashlib_helper.requires_hashdigest(name, openssl=True)
             def func(self, *, __name=name):  # __name needed to bind 'name'
                 return getattr(_hashlib, f'openssl_{__name}')
             setattr(cls, name, func)
 
 
+class PyRFCTestCase(PyTestVectorsMixin, ThroughObjectMixin,
+                    RFCWithOpenSSLHashFunctionTestCasesMixin,
+                    unittest.TestCase):
+    """Python implementation of HMAC using hmac.HMAC().
+
+    The underlying hash functions are OpenSSL-based.
+    """
+
+
+class PyDotNewRFCTestCase(PyTestVectorsMixin, ThroughModuleAPIMixin,
+                          RFCWithOpenSSLHashFunctionTestCasesMixin,
+                          unittest.TestCase):
+    """Python implementation of HMAC using hmac.new().
+
+    The underlying hash functions are OpenSSL-based.
+    """
+
+
+class OpenSSLRFCTestCase(OpenSSLTestVectorsMixin,
+                         RFCWithOpenSSLHashFunctionTestCasesMixin,
+                         unittest.TestCase):
+    """OpenSSL implementation of HMAC.
+
+    The underlying hash functions are also OpenSSL-based."""
+
+
+# TODO(picnixz): once we have a HACL* HMAC, we should also test the Python
+# implementation of HMAC with a HACL*-based hash function. For now, we only
+# test it partially via the '_sha2' module, but for completeness we could
+# also test the RFC test vectors against all possible implementations.
+
+
 class DigestModTestCaseMixin(CreatorMixin, DigestMixin):
     """Tests for the 'digestmod' parameter."""