[gnutls-devel] GnuTLS | Disable some tests in fips mode (!1536)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Feb 17 12:25:25 CET 2022

Daiki Ueno started a new discussion on tests/pkcs11/pkcs11-eddsa-privkey-test.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1536#note_846250261

>  #include "../utils.h"
>  #include "softhsm.h"
> +#ifdef ENABLE_FIPS140

`ENABLE_FIPS140` is a build time check so the library has support for FIPS140 mode, which can be toggled in many ways (e.g., kernel FIPS setting, GNUTLS_FORCE_FIPS_MODE envvar, etc). It would be better to use `gnutls_fips140_mode_enabled` and defer the check to the run time.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1536#note_846250261
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220217/8fe92d27/attachment.html>

More information about the Gnutls-devel mailing list