tests/ktls: skip CHACHA20-POLY1305 in FIPS mode

Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

diff --git a/tests/gnutls_ktls.c b/tests/gnutls_ktls.c
index ccbe566386f64c18b7a95f60305916434360d798..90d3e9af91a0d131a9caa711c4ce7ca0bdf47884 100644 (file)
--- a/tests/gnutls_ktls.c
+++ b/tests/gnutls_ktls.c
@@ -347,10 +347,14 @@ void doit(void)
 {
        run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-128-GCM");
        run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-256-GCM");
-       run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305");
+       if (!gnutls_fips140_mode_enabled()) {
+               run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305");
+       }
        run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM");
        run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM");
-       run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305");
+       if (!gnutls_fips140_mode_enabled()) {
+               run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305");
+       }
 #if defined(__linux__)
        run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-128-CCM");
        run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-CCM");