Page MenuHome GnuPG
Create Task
Maniphest T6048

Test suite fixes with --enable-pubkey-ciphers=ecc
Closed, ResolvedPublic
Actions

Description

This patch series fixes the issues caused by --enable-pubkey-ciphers=ecc (and hopefully also fixes the use of ECC without a proper #if or runtime check).

Details

External Link
https://lists.gnupg.org/pipermail/gcrypt-devel/2022-June/005332.html

Revisions and Commits

rC libgcrypt
rC9d6203532d90 tests/basic: Skip non-FIPS tests in FIPS mode
rCc5480b4934bb fips: Skip selftests of unsupported PK algos
rC572b0bf9668d tests/keygen.c: Skip unavailable PK algorithms
rC56000fb5c42f build: Skip PK-specific tests if algo is disabled
rC78c0d76f8092 tests/benchmark: Skip unavailable PK algorithms
rCe78cf3df23a2 tests/basic: Skip tests if PK algo is unavailable
rC4f4da6cbf065 tests/pubkey: Skip tests if PK algo is unavailable
rC96fafffeeba5 kdf: Skip tests if hash algo is not available

Related Objects

Event Timeline

gniibe claimed this task.Jun 29 2022, 9:58 AM
gniibe triaged this task as Normal priority.
gniibe created this task.
gniibe added a project: libgcrypt.Jul 1 2022, 8:52 AM
gniibe added a project: FIPS.Jul 1 2022, 9:13 AM

The last patch is related to FIPS, so, I add the FIPS tag.

gniibe added a project: Restricted Project.Jul 1 2022, 9:16 AM

Applied and pushed.

gniibe added a subscriber: neverpanic.Jul 1 2022, 9:16 AM
gniibe added a commit: rC96fafffeeba5: kdf: Skip tests if hash algo is not available.Jul 1 2022, 9:22 AM
gniibe added a commit: rC4f4da6cbf065: tests/pubkey: Skip tests if PK algo is unavailable.
gniibe added a commit: rCe78cf3df23a2: tests/basic: Skip tests if PK algo is unavailable.
gniibe added a commit: rC78c0d76f8092: tests/benchmark: Skip unavailable PK algorithms.
gniibe added a commit: rC572b0bf9668d: tests/keygen.c: Skip unavailable PK algorithms.
gniibe added a commit: rC56000fb5c42f: build: Skip PK-specific tests if algo is disabled.
gniibe added a commit: rCc5480b4934bb: fips: Skip selftests of unsupported PK algos.
neverpanic added a comment.Jul 5 2022, 5:34 PM

Here's another one related to this: https://lists.gnupg.org/pipermail/gcrypt-devel/2022-July/005344.html

Turns out I should also have tested in FIPS mode. This particular one seems to be a regression from e96980022e5ec079c9d4e3492eb6a1131c68e0f2, which moved the continue into the else branch.

gniibe added a commit: rC9d6203532d90: tests/basic: Skip non-FIPS tests in FIPS mode.Jul 6 2022, 2:20 AM
gniibe added a comment.Jul 6 2022, 7:56 AM

Thanks. Applied. Also, fixed about a warning for ChaCha20.

gniibe moved this task from Backlog to Next on the FIPS board.Jul 12 2022, 12:18 PM
gniibe moved this task from Next to Ready for release on the FIPS board.Aug 30 2022, 7:33 AM
werner changed the task status from Open to Testing.Sep 22 2022, 10:54 AM
werner removed a project: Restricted Project.
gniibe closed this task as Resolved.Apr 13 2023, 3:21 AM