test_pkey.rb: Assert the ed25519 key FIPS case instead of pending.

The behavior of `OpenSSL::PKey.read` raising `OpenSSL::PKey::PKeyError` with the ed25519 key is expected rather than a pending status. We can also assert the error message, being intentional for the content. Raise the original error if the key is implemented and FIPS approved, and the `OpenSSL::PKey.read` raises the `OpenSSL::PKey::PKeyError`.
ruby · Sep 9, 2023 · c88d492 · c88d492
1 parent bdf060f
commit c88d492
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
@@ -96,15 +96,19 @@ def test_ed25519
     begin
       priv = OpenSSL::PKey.read(priv_pem)
       pub = OpenSSL::PKey.read(pub_pem)
-    rescue OpenSSL::PKey::PKeyError
+    rescue OpenSSL::PKey::PKeyError => e
       # OpenSSL < 1.1.1
       if !openssl?(1, 1, 1)
         pend "Ed25519 is not implemented"
       elsif OpenSSL.fips_mode && openssl?(3, 1, 0, 0)
+        # Ed25519 is not approved in OpenSSL 3.1+ FIPS code.
         # See OpenSSL providers/fips/fipsprov.c PROV_NAMES_ED25519 entries
         # with FIPS_UNAPPROVED_PROPERTIES in OpenSSL 3.1+.
-        pend "Ed25519 is not approved in OpenSSL 3.1+ FIPS code"
+        assert_equal "OpenSSL::PKey::PKeyError", e.class.name
+        assert_equal "Could not parse PKey", e.message
+        return
       end
+      raise e
     end
     assert_instance_of OpenSSL::PKey::PKey, priv
     assert_instance_of OpenSSL::PKey::PKey, pub