test_pkey.rb: Refactor the test_ed25519 in FIPS.

junaruga · junaruga · commit ecc4d7f8295e · 2023-09-20T15:48:09.000+02:00
* Split the test in the FIPS case as another test.
* test/openssl/utils.rb: Add omit_on_fips method.
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
@@ -82,6 +82,17 @@ def test_hmac_sign_verify
   end
 
   def test_ed25519
+    # Ed25519 is not FIPS-approved in OpenSSL 3.0 security policy documents.
+    # However, it's technically allowed in the OpenSSL 3.0 code.
+    #
+    # See OpenSSL providers/fips/fipsprov.c PROV_NAMES_ED25519 entries with
+    # FIPS_DEFAULT_PROPERTIES in OpenSSL 3.0 (openssl-3.0 branch) and
+    # FIPS_UNAPPROVED_PROPERTIES in OpenSSL 3.1 (openssl-3.1 branch).
+    #
+    # See https://github.com/openssl/openssl/issues/20758#issuecomment-1639658102
+    # for details.
+    omit_on_fips { openssl?(3, 1, 0, 0) }
+
     # Test vector from RFC 8032 Section 7.1 TEST 2
     priv_pem = <<~EOF
     -----BEGIN PRIVATE KEY-----
@@ -96,15 +107,11 @@ def test_ed25519
     begin
       priv = OpenSSL::PKey.read(priv_pem)
       pub = OpenSSL::PKey.read(pub_pem)
-    rescue OpenSSL::PKey::PKeyError
+    rescue OpenSSL::PKey::PKeyError => e
       # OpenSSL < 1.1.1
-      if !openssl?(1, 1, 1)
-        pend "Ed25519 is not implemented"
-      elsif OpenSSL.fips_mode && openssl?(3, 1, 0, 0)
-        # See OpenSSL providers/fips/fipsprov.c PROV_NAMES_ED25519 entries
-        # with FIPS_UNAPPROVED_PROPERTIES in OpenSSL 3.1+.
-        pend "Ed25519 is not approved in OpenSSL 3.1+ FIPS code"
-      end
+      pend "Ed25519 is not implemented" unless openssl?(1, 1, 1)
+
+      raise e
     end
     assert_instance_of OpenSSL::PKey::PKey, priv
     assert_instance_of OpenSSL::PKey::PKey, pub
@@ -145,6 +152,21 @@ def test_ed25519
     assert_raise(OpenSSL::PKey::PKeyError) { priv.derive(pub) }
   end
 
+  def test_ed25519_not_approved_on_fips
+    unless OpenSSL.fips_mode && openssl?(3, 1, 0, 0)
+      omit "Only for OpenSSL 3.1+ FIPS"
+    end
+
+    priv_pem = <<~EOF
+    -----BEGIN PRIVATE KEY-----
+    MC4CAQAwBQYDK2VwBCIEIEzNCJso/5banbbDRuwRTg9bijGfNaumJNqM9u1PuKb7
+    -----END PRIVATE KEY-----
+    EOF
+    assert_raise(OpenSSL::PKey::PKeyError) do
+      OpenSSL::PKey.read(priv_pem)
+    end
+  end
+
   def test_x25519
     # Test vector from RFC 7748 Section 6.1
     alice_pem = <<~EOF
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
@@ -139,6 +139,22 @@ def teardown
     # OpenSSL error stack must be empty
     assert_equal([], OpenSSL.errors)
   end
+
+  # Omit the tests in FIPS.
+  #
+  # For example, the password based encryption used in the PEM format uses MD5
+  # for deriving the encryption key from the password, and MD5 is not
+  # FIPS-approved.
+  #
+  # See https://github.com/openssl/openssl/discussions/21830#discussioncomment-6865636
+  # for details.
+  def omit_on_fips(&filter_block)
+    filter_block ||= proc { true }
+
+    return unless OpenSSL.fips_mode && filter_block.call
+
+    omit 'An encryption used in the test is not FIPS-approved'
+  end
 end
 
 class OpenSSL::SSLTestCase < OpenSSL::TestCase
