From 385c0afebe833754dc663e68aab310be7cb1fcb3 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Wed, 18 Oct 2023 15:02:06 +0200
Subject: Fix tests in FIPS mode.

In FIPS mode, if test passphrase is shorter
than 8 bytes, keyslot passphrase check routine
returns different error code (-EINVAL) than
expected (-EPERM).
---
 tests/compat-test2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/compat-test2 b/tests/compat-test2
index 223d8c32..2c026f47 100755
--- a/tests/compat-test2
+++ b/tests/compat-test2
@@ -1043,7 +1043,7 @@ if [ $HAVE_KEYRING -gt 0 -a -d /proc/sys/kernel/keys ]; then
 	# token 3 assigned to keyslot 1 (wrong passphrase)
 	echo "$PWD3" | $CRYPTSETUP luksAddKey -q -S1 $FAST_PBKDF_OPT --token-id 0 $LOOPDEV || fail
 	$CRYPTSETUP token add $LOOPDEV --key-description $TEST_TOKEN2 -S1 --token-id 3 || fail
-	load_key user $TEST_TOKEN2 "blabla" "$TEST_KEYRING" || fail "Cannot load 32 byte user key type"
+	load_key user $TEST_TOKEN2 "$PWDW" "$TEST_KEYRING" || fail "Cannot load 32 byte user key type"
 
 	# specific token, specific keyslot
 	$CRYPTSETUP open --test-passphrase --token-id 0 -S0 $LOOPDEV --token-only <&- || fail
-- 
cgit 1.2.3-korg