From: Dmitry Eremin-Solenikov Date: Tue, 25 Dec 2018 11:43:56 +0000 (+0300) Subject: tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher X-Git-Tag: gnutls_3_6_6~41^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bfd036b31f2a47ae40e104b2ea1a0e095900cf52;p=thirdparty%2Fgnutls.git tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER interface, so let's skip the test if cipher is not available. Signed-off-by: Dmitry Eremin-Solenikov --- diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c index c9b39d0261..a4cb3522df 100644 --- a/tests/slow/cipher-openssl-compat.c +++ b/tests/slow/cipher-openssl-compat.c @@ -38,6 +38,19 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, success("cipher: %s\n", ocipher); + /* decrypt with openssl */ + evp_cipher = EVP_get_cipherbyname(ocipher); + if (!evp_cipher) { + /* XXX: fix version check later when LibreSSL fixes support for aes-ccm and chacha20-poly1305 */ +#ifdef LIBRESSL_VERSION_NUMBER + fprintf(stderr, "EVP_get_cipherbyname failed for %s\n", ocipher); + return -1; +#else + /* OpenSSL should always work! */ + fail("EVP_get_cipherbyname failed for %s\n", ocipher); +#endif + } + for (i = 0; i < 32; i++) { /* try with multiple keys and nonces */ assert(gnutls_rnd (GNUTLS_RND_NONCE, orig_plain_data, @@ -88,11 +101,6 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, gnutls_aead_cipher_deinit(hd); - /* decrypt with openssl */ - evp_cipher = EVP_get_cipherbyname(ocipher); - if (!evp_cipher) - fail("EVP_get_cipherbyname failed for %s\n", ocipher); - ctx = EVP_CIPHER_CTX_new(); #if OPENSSL_VERSION_NUMBER >= 0x10100000L