File tree Expand file tree Collapse file tree 2 files changed +8
-4
lines changed Expand file tree Collapse file tree 2 files changed +8
-4
lines changed Original file line number Diff line number Diff line change 2626
2727#include < gtest/gtest.h>
2828#include " test/test_util.h"
29+ #include " ube/snapsafe_detect.h"
2930
3031static int AWS_LC_ERROR_return (void ) {
3132 GUARD_PTR (NULL );
@@ -74,7 +75,7 @@ TEST(CryptoTest, Strndup) {
7475}
7576
7677TEST (CryptoTest, aws_lc_assert_entropy_cpu_jitter) {
77- if (FIPS_mode () == 1 ) {
78+ if (FIPS_mode () == 1 && CRYPTO_get_snapsafe_supported () != 1 ) {
7879 ASSERT_EQ (1 , FIPS_is_entropy_cpu_jitter ());
7980 }
8081}
Original file line number Diff line number Diff line change @@ -79,19 +79,22 @@ TEST(EntropySources, Configuration) {
7979#if defined(AWSLC_SNAPSAFE_TESTING) && defined(OPENSSL_LINUX)
8080 EXPECT_EQ (OPT_OUT_CPU_JITTER_ENTROPY_SOURCE, get_entropy_source_method_id_FOR_TESTING ());
8181
82- // If entropy build configuration choose to opt-out of CPU Jitter Entropy
82+ // If entropy build configuration choose to explicitly opt-out of CPU Jitter
83+ // Entropy
8384#elif defined(DO_NOT_USE_CPU_JITTER_ENTROPY)
8485 EXPECT_EQ (OPT_OUT_CPU_JITTER_ENTROPY_SOURCE, get_entropy_source_method_id_FOR_TESTING ());
86+
8587#else
8688 int expected_entropy_source_id = TREE_DRBG_JITTER_ENTROPY_SOURCE;
8789 if (CRYPTO_get_snapsafe_supported ()) {
8890 expected_entropy_source_id = OPT_OUT_CPU_JITTER_ENTROPY_SOURCE;
8991 }
9092
9193 EXPECT_EQ (expected_entropy_source_id, get_entropy_source_method_id_FOR_TESTING ());
92- #endif
9394
94- if (FIPS_mode () == 1 ) {
95+ // For FIPS build we can strongly assert.
96+ if (FIPS_mode () == 1 && CRYPTO_get_snapsafe_supported () != 1 ) {
9597 EXPECT_NE (OPT_OUT_CPU_JITTER_ENTROPY_SOURCE, get_entropy_source_method_id_FOR_TESTING ());
9698 }
99+ #endif
97100}
You can’t perform that action at this time.
0 commit comments