Skip to content

Commit

Permalink
UPSTREAM: <carry>: disable AES24, not supported by FIPS
Browse files Browse the repository at this point in the history
OpenShift-Rebase-Source: b9a8eb6
  • Loading branch information
rphillips authored and bertinatto committed Dec 11, 2024
1 parent 3352f04 commit 9b765fc
Showing 1 changed file with 5 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -730,10 +730,12 @@ func TestRoundTrip(t *testing.T) {
if err != nil {
t.Fatal(err)
}
aes24block, err := aes.NewCipher(bytes.Repeat([]byte("b"), 24))
/* FIPS disabled
aes24block, err := aes.NewCipher([]byte(bytes.Repeat([]byte("b"), 24)))
if err != nil {
t.Fatal(err)
}
*/
key32 := bytes.Repeat([]byte("c"), 32)
aes32block, err := aes.NewCipher(key32)
if err != nil {
Expand All @@ -746,10 +748,10 @@ func TestRoundTrip(t *testing.T) {
t value.Transformer
}{
{name: "GCM 16 byte key", t: newGCMTransformer(t, aes16block, nil)},
{name: "GCM 24 byte key", t: newGCMTransformer(t, aes24block, nil)},
// FIPS disabled {name: "GCM 24 byte key", t: newGCMTransformer(t, aes24block, nil)},
{name: "GCM 32 byte key", t: newGCMTransformer(t, aes32block, nil)},
{name: "GCM 16 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes16block, nil)},
{name: "GCM 24 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes24block, nil)},
// FIPS disabled {name: "GCM 24 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes24block, nil)},
{name: "GCM 32 byte unsafe key", t: newGCMTransformerWithUniqueKeyUnsafeTest(t, aes32block, nil)},
{name: "GCM 32 byte seed", t: newHKDFExtendedNonceGCMTransformerTest(t, nil, key32)},
{name: "CBC 32 byte key", t: NewCBCTransformer(aes32block)},
Expand Down

0 comments on commit 9b765fc

Please sign in to comment.