From 5ca6eb4ecabc3cfbc18969b5cd502980e6b523b8 Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Thu, 15 Aug 2024 16:20:13 +0200
Subject: [PATCH] test_s_generate_parameters: Consider a DSA error in FIPS.

DSA kengen is not FIPS-approved. The `EVP_PKEY_paramgen` in the
`OpenSSL::PKey.generate_parameters("DSA")` raises a DSA error in FIPS by the
following commit. Split the test for DSA.

https://github.com/openssl/openssl/commit/49a35f0#diff-605396c063194975af8ce31399d42690ab18186b422fb5012101cc9132660fe1R611-R614
---
 test/openssl/test_pkey.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
index aee0546f6..f1c5f6f5f 100644
--- a/test/openssl/test_pkey.rb
+++ b/test/openssl/test_pkey.rb
@@ -38,6 +38,12 @@ def test_s_generate_parameters
     assert_raise(OpenSSL::PKey::PKeyError) {
       OpenSSL::PKey.generate_parameters("EC", "invalid" => "option")
     }
+  end
+
+  def test_s_generate_parameters_with_block
+    # DSA kengen is not FIPS-approved.
+    # https://github.com/openssl/openssl/commit/49a35f0#diff-605396c063194975af8ce31399d42690ab18186b422fb5012101cc9132660fe1R611-R614
+    omit_on_fips
 
     # Parameter generation callback is called
     if openssl?(3, 0, 0, 0) && !openssl?(3, 0, 0, 6)