From cfb5714ef89823d2add0f14c1dc3c843d4a5f7ee Mon Sep 17 00:00:00 2001
From: Andrew Hopkins <andhop@amazon.com>
Date: Thu, 20 Feb 2025 10:30:40 -0800
Subject: [PATCH] Move where the callback tests are run so the local symbols
 check doesn't fail

---
 tests/ci/run_fips_tests.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/ci/run_fips_tests.sh b/tests/ci/run_fips_tests.sh
index b5517135a0..4d0e4fd181 100755
--- a/tests/ci/run_fips_tests.sh
+++ b/tests/ci/run_fips_tests.sh
@@ -31,6 +31,10 @@ if static_linux_supported || static_openbsd_supported; then
   echo "Testing AWS-LC static library in FIPS Release mode."
   fips_build_and_test -DCMAKE_BUILD_TYPE=Release
 
+  echo "Testing AWS-LC static breakable build with custom callback enabled"
+  run_build -DFIPS=1 -DCMAKE_C_FLAGS="-DBORINGSSL_FIPS_BREAK_TESTS -DAWSLC_FIPS_FAILURE_CALLBACK"
+  ./tests/ci/run_fips_callback_tests.sh
+
   echo "Testing AWS-LC static breakable release build"
   run_build -DFIPS=1 -DCMAKE_C_FLAGS="-DBORINGSSL_FIPS_BREAK_TESTS"
   ./util/fipstools/test-break-kat.sh
@@ -39,10 +43,6 @@ if static_linux_supported || static_openbsd_supported; then
   ${BUILD_ROOT}/crypto/crypto_test --gtest_filter="RSADeathTest.KeygenFailAndDie"
   unset BORINGSSL_FIPS_BREAK_TEST
 
-  echo "Testing AWS-LC static breakable build with custom callback enabled"
-  run_build -DFIPS=1 -DCMAKE_C_FLAGS="-DBORINGSSL_FIPS_BREAK_TESTS -DAWSLC_FIPS_FAILURE_CALLBACK"
-  ./tests/ci/run_fips_callback_tests.sh
-
   MODULE_HASH=$(go run util/fipstools/break-hash.go "${BUILD_ROOT}/util/fipstools/test_fips" ./libcrypto.so | \
     egrep "Hash of module was:.* ([a-f0-9]*)")