diff --git a/tests/unittests/torture_crypto.c b/tests/unittests/torture_crypto.c index 102b2594..3f84e19c 100644 --- a/tests/unittests/torture_crypto.c +++ b/tests/unittests/torture_crypto.c @@ -156,6 +156,11 @@ static void torture_crypto_chacha20poly1305(void **state) int rc; (void)state; + /* Chacha20-poly1305 is not FIPS-allowed cipher */ + if (ssh_fips_mode()) { + skip(); + } + assert_int_equal(sizeof(output), sizeof(chacha20poly1305_encrypted)); in_length = htonl(sizeof(chacha20poly1305_cleartext)); @@ -214,6 +219,11 @@ static void torture_crypto_chacha20poly1305_bad_packet_length(void **state) int rc; (void)state; + /* Chacha20-poly1305 is not FIPS-allowed cipher */ + if (ssh_fips_mode()) { + skip(); + } + /* Test corrupted packet length */ memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); encrypted_bad[1] ^= 1; @@ -245,6 +255,11 @@ static void torture_crypto_chacha20poly1305_bad_data(void **state) int rc; (void)state; + /* Chacha20-poly1305 is not FIPS-allowed cipher */ + if (ssh_fips_mode()) { + skip(); + } + /* Test corrupted data */ memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); encrypted_bad[100] ^= 1; @@ -276,6 +291,11 @@ static void torture_crypto_chacha20poly1305_bad_tag(void **state) int rc; (void)state; + /* Chacha20-poly1305 is not FIPS-allowed cipher */ + if (ssh_fips_mode()) { + skip(); + } + /* Test corrupted tag */ assert_int_equal(sizeof(encrypted_bad), sizeof(chacha20poly1305_encrypted)); memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); diff --git a/tests/unittests/torture_packet.c b/tests/unittests/torture_packet.c index 922c8325..130ddad0 100644 --- a/tests/unittests/torture_packet.c +++ b/tests/unittests/torture_packet.c @@ -260,6 +260,12 @@ static void torture_packet_chacha20(void **state) { int i; (void)state; /* unused */ + + /* Chacha20-poly1305 is not FIPS-allowed cipher */ + if (ssh_fips_mode()) { + skip(); + } + for (i=1;i<256;++i){ torture_packet("chacha20-poly1305@openssh.com", "none", "none", i); }