Commit 5707fd0753 for openssl.org

commit 5707fd07531a4bf923a5a20b136691291e08bd57
Author: Anatolii Ohorodnyk <anatolii.ohorodnyk@gmail.com>
Date:   Wed Dec 31 20:40:11 2025 +0000

    test: use runtime FIPS detection instead of compile-time check

    Replace #ifdef FIPS_MODULE with OSSL_PROVIDER_available() runtime check
    in ecdsatest.c. The compile-time check is not meaningful for test cases
    as the test binary may be compiled without FIPS_MODULE but run with the
    FIPS provider loaded.

    Fixes #28255

    CLA: trivial

    Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/29527)

diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index aa81e39f0f..2641603fc6 100644
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -96,10 +96,8 @@ static int x9_62_tests(int n)

     TEST_info("ECDSA KATs for curve %s", OBJ_nid2sn(nid));

-#ifdef FIPS_MODULE
-    if (EC_curve_nid2nist(nid) == NULL)
-        return TEST_skip("skip non approved curves");
-#endif /* FIPS_MODULE */
+    if (OSSL_PROVIDER_available(NULL, "fips") && EC_curve_nid2nist(nid) == NULL)
+        return TEST_skip("skip non approved curves in FIPS mode");

     if (!TEST_ptr(mctx = EVP_MD_CTX_new())
         /* get the message digest */