libssh/SOURCES/libssh-0.9.0-skip-1k-rsa-key-generation-test.patch

From bf2ed2ca929e5e12279f85c930f8fbb452ada888 Mon Sep 17 00:00:00 2001
From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue, 30 Jul 2019 18:22:30 +0200
Subject: [PATCH] tests: Skip testing 1024 bits key generation in FIPS mode

In torture_threads_pki_rsa, skip the test which generates 1024 bits RSA
key pair when in FIPS mode.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
---
 tests/unittests/torture_threads_pki_rsa.c | 28 ++++++++++++-----------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/tests/unittests/torture_threads_pki_rsa.c b/tests/unittests/torture_threads_pki_rsa.c
index 5a841ee9..03d526cd 100644
--- a/tests/unittests/torture_threads_pki_rsa.c
+++ b/tests/unittests/torture_threads_pki_rsa.c
@@ -571,23 +571,25 @@ static void *thread_pki_rsa_generate_key(void *threadid)
     session = ssh_new();
     assert_non_null(session);
 
-    rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
-    assert_ssh_return_code(session, rc);
-    assert_non_null(key);
+    if (!ssh_fips_mode()) {
+        rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
+        assert_ssh_return_code(session, rc);
+        assert_non_null(key);
 
-    rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
-    assert_int_equal(rc, SSH_OK);
-    assert_non_null(pubkey);
+        rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
+        assert_int_equal(rc, SSH_OK);
+        assert_non_null(pubkey);
 
-    sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
-    assert_non_null(sign);
+        sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
+        assert_non_null(sign);
 
-    rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
-    assert_ssh_return_code(session, rc);
+        rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
+        assert_ssh_return_code(session, rc);
 
-    ssh_signature_free(sign);
-    SSH_KEY_FREE(key);
-    SSH_KEY_FREE(pubkey);
+        ssh_signature_free(sign);
+        SSH_KEY_FREE(key);
+        SSH_KEY_FREE(pubkey);
+    }
 
     rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key);
     assert_ssh_return_code(session, rc);
-- 
2.21.0
import libssh-0.9.0-4.el8 2019-11-05 21:29:41 +00:00			`From bf2ed2ca929e5e12279f85c930f8fbb452ada888 Mon Sep 17 00:00:00 2001`
			`From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>`
			`Date: Tue, 30 Jul 2019 18:22:30 +0200`
			`Subject: [PATCH] tests: Skip testing 1024 bits key generation in FIPS mode`

			`In torture_threads_pki_rsa, skip the test which generates 1024 bits RSA`
			`key pair when in FIPS mode.`

			`Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>`
			`---`
			`tests/unittests/torture_threads_pki_rsa.c \| 28 ++++++++++++-----------`
			`1 file changed, 15 insertions(+), 13 deletions(-)`

			`diff --git a/tests/unittests/torture_threads_pki_rsa.c b/tests/unittests/torture_threads_pki_rsa.c`
			`index 5a841ee9..03d526cd 100644`
			`--- a/tests/unittests/torture_threads_pki_rsa.c`
			`+++ b/tests/unittests/torture_threads_pki_rsa.c`
			`@@ -571,23 +571,25 @@ static void thread_pki_rsa_generate_key(void threadid)`
			`session = ssh_new();`
			`assert_non_null(session);`

			`- rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);`
			`- assert_ssh_return_code(session, rc);`
			`- assert_non_null(key);`
			`+ if (!ssh_fips_mode()) {`
			`+ rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);`
			`+ assert_ssh_return_code(session, rc);`
			`+ assert_non_null(key);`

			`- rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);`
			`- assert_int_equal(rc, SSH_OK);`
			`- assert_non_null(pubkey);`
			`+ rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);`
			`+ assert_int_equal(rc, SSH_OK);`
			`+ assert_non_null(pubkey);`

			`- sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);`
			`- assert_non_null(sign);`
			`+ sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);`
			`+ assert_non_null(sign);`

			`- rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);`
			`- assert_ssh_return_code(session, rc);`
			`+ rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);`
			`+ assert_ssh_return_code(session, rc);`

			`- ssh_signature_free(sign);`
			`- SSH_KEY_FREE(key);`
			`- SSH_KEY_FREE(pubkey);`
			`+ ssh_signature_free(sign);`
			`+ SSH_KEY_FREE(key);`
			`+ SSH_KEY_FREE(pubkey);`
			`+ }`

			`rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key);`
			`assert_ssh_return_code(session, rc);`
			`--`
			`2.21.0`