[LTP] [PATCH 2/2] keyctl05: TCONF on FIPS mode
Cyril Hrubis
chrubis@suse.cz
Fri Feb 12 17:02:23 CET 2021
Hi!
> + int is_asymmetric = !strcmp(type, "asymmetric");
> +
> TEST(add_key(type, "desc", payload, plen, KEY_SPEC_SESSION_KEYRING));
> if (TST_RET < 0) {
> + if (TST_ERR == EINVAL && is_asymmetric && tst_fips_enabled()) {
^
I guess that
we can save
the value in
test setup
instead of
re-reading it
on every
iteration.
Other than that it looks good to me.
Reviewed-by: Cyril Hrubis <chrubis@suse.cz>
> + tst_res(TCONF, "key size not allowed in FIPS mode");
> + return;
> + }
> if (TST_ERR == ENODEV) {
> tst_res(TCONF, "kernel doesn't support key type '%s'",
> type);
> return;
> }
> - if (TST_ERR == EBADMSG && !strcmp(type, "asymmetric")) {
> + if (TST_ERR == EBADMSG && is_asymmetric) {
> tst_res(TCONF, "kernel is missing x509 cert parser "
> "(CONFIG_X509_CERTIFICATE_PARSER)");
> return;
> }
> - if (TST_ERR == ENOENT && !strcmp(type, "asymmetric")) {
> + if (TST_ERR == ENOENT && is_asymmetric) {
> tst_res(TCONF, "kernel is missing crypto algorithms "
> "needed to parse x509 cert (CONFIG_CRYPTO_RSA "
> "and/or CONFIG_CRYPTO_SHA256)");
> --
> 2.30.0
>
>
> --
> Mailing list info: https://lists.linux.it/listinfo/ltp
--
Cyril Hrubis
chrubis@suse.cz
More information about the ltp
mailing list