Replace direct use of FIPS_mode with an internal util function

The function returns `false` if OpenSSL is used. PiperOrigin-RevId: 525726396
author: ambrosin <ambrosin@google.com> 2023-04-20 06:13:22 -0700
committer: Copybara-Service <copybara-worker@google.com> 2023-04-20 06:14:39 -0700
commit: 113db291f03cc90700f8278ff24f9cfb1f0db05b (patch)
tree: 4a0f7a1a706682a1da46a132f06863bd7ad9c1bf /cc/experimental
parent: 4239f1069b4bff49e175235ff1e12f13d145e4e5 (diff)
download: tink-113db291f03cc90700f8278ff24f9cfb1f0db05b.tar.gz
2 files changed, 10 insertions, 10 deletions
diff --git a/cc/experimental/pqcrypto/signature/signature_config_test.cc b/cc/experimental/pqcrypto/signature/signature_config_test.cc
index 2526126c8..11605e1b5 100644
--- a/cc/experimental/pqcrypto/signature/signature_config_test.cc
+++ b/cc/experimental/pqcrypto/signature/signature_config_test.cc
@@ -19,13 +19,13 @@
 #include "gmock/gmock.h"
 #include "gtest/gtest.h"
 #include "absl/status/status.h"
-#include "tink/config/tink_fips.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_sign_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_verify_key_manager.h"
-#include "tink/experimental/pqcrypto/signature/sphincs_sign_key_manager.h"
-#include "tink/experimental/pqcrypto/signature/sphincs_verify_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/falcon_sign_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/falcon_verify_key_manager.h"
+#include "tink/experimental/pqcrypto/signature/sphincs_sign_key_manager.h"
+#include "tink/experimental/pqcrypto/signature/sphincs_verify_key_manager.h"
+#include "tink/internal/fips_utils.h"
 #include "tink/public_key_sign.h"
 #include "tink/public_key_verify.h"
 #include "tink/registry.h"
@@ -45,7 +45,7 @@ class PcqSignatureConfigTest : public ::testing::Test {
 };
 
 TEST_F(PcqSignatureConfigTest, CheckDilithium) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
 
@@ -69,7 +69,7 @@ TEST_F(PcqSignatureConfigTest, CheckDilithium) {
 }
 
 TEST_F(PcqSignatureConfigTest, CheckSphincs) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
 
@@ -93,7 +93,7 @@ TEST_F(PcqSignatureConfigTest, CheckSphincs) {
 }
 
 TEST_F(PcqSignatureConfigTest, CheckFalcon) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
 
diff --git a/cc/experimental/pqcrypto/signature/signature_config_util_test.cc b/cc/experimental/pqcrypto/signature/signature_config_util_test.cc
index 6cd75f726..f72e470b1 100644
--- a/cc/experimental/pqcrypto/signature/signature_config_util_test.cc
+++ b/cc/experimental/pqcrypto/signature/signature_config_util_test.cc
@@ -20,10 +20,10 @@
 
 #include "gmock/gmock.h"
 #include "gtest/gtest.h"
-#include "tink/config/tink_fips.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_sign_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/dilithium_verify_key_manager.h"
 #include "tink/experimental/pqcrypto/signature/signature_config.h"
+#include "tink/internal/fips_utils.h"
 #include "tink/public_key_sign.h"
 #include "tink/public_key_verify.h"
 #include "tink/registry.h"
@@ -45,7 +45,7 @@ class PcqSignatureConfigTest : public ::testing::Test {
 };
 
 TEST_F(PcqSignatureConfigTest, CheckStatus) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
 
@@ -55,7 +55,7 @@ TEST_F(PcqSignatureConfigTest, CheckStatus) {
 // Tests that the PublicKeySignWrapper has been properly registered and we
 // can wrap primitives.
 TEST_F(PcqSignatureConfigTest, PublicKeySignWrapperRegistered) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
 
@@ -91,7 +91,7 @@ TEST_F(PcqSignatureConfigTest, PublicKeySignWrapperRegistered) {
 // Tests that the PublicKeyVerifyWrapper has been properly registered and we
 // can wrap primitives.
 TEST_F(PcqSignatureConfigTest, PublicKeyVerifyWrapperRegistered) {
-  if (IsFipsModeEnabled() && !FIPS_mode()) {
+  if (internal::IsFipsModeEnabled() && !internal::IsFipsEnabledInSsl()) {
     GTEST_SKIP() << "Not supported if FIPS-mode is used";
   }
author	ambrosin <ambrosin@google.com>	2023-04-20 06:13:22 -0700
committer	Copybara-Service <copybara-worker@google.com>	2023-04-20 06:14:39 -0700
commit	113db291f03cc90700f8278ff24f9cfb1f0db05b (patch)
tree	4a0f7a1a706682a1da46a132f06863bd7ad9c1bf /cc/experimental
parent	4239f1069b4bff49e175235ff1e12f13d145e4e5 (diff)
download	tink-113db291f03cc90700f8278ff24f9cfb1f0db05b.tar.gz