tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher

LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER
interface, so let's skip the test if cipher is not available.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c
index c9b39d026162d6fbbb21eb2a3028844cc777459b..a4cb3522df67dafa40c6b5e2290d4e1a81bdd70b 100644 (file)
--- a/tests/slow/cipher-openssl-compat.c
+++ b/tests/slow/cipher-openssl-compat.c
@@ -38,6 +38,19 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher,
 
        success("cipher: %s\n", ocipher);
 
+       /* decrypt with openssl */
+       evp_cipher = EVP_get_cipherbyname(ocipher);
+       if (!evp_cipher) {
+               /* XXX: fix version check later when LibreSSL fixes support for aes-ccm and chacha20-poly1305 */
+#ifdef LIBRESSL_VERSION_NUMBER
+               fprintf(stderr, "EVP_get_cipherbyname failed for %s\n", ocipher);
+               return -1;
+#else
+               /* OpenSSL should always work! */
+               fail("EVP_get_cipherbyname failed for %s\n", ocipher);
+#endif
+       }
+
        for (i = 0; i < 32; i++) {      /* try with multiple keys and nonces */
                assert(gnutls_rnd
                       (GNUTLS_RND_NONCE, orig_plain_data,
@@ -88,11 +101,6 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher,
 
                gnutls_aead_cipher_deinit(hd);
 
-               /* decrypt with openssl */
-               evp_cipher = EVP_get_cipherbyname(ocipher);
-               if (!evp_cipher)
-                       fail("EVP_get_cipherbyname failed for %s\n", ocipher);
-
                ctx = EVP_CIPHER_CTX_new();
 
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L