From 2614a584dece8833779ce117af81f37dc4f5d8b7 Mon Sep 17 00:00:00 2001
From: Apoorv Kothari <apoorv@toidiu.com>
Date: Fri, 15 Nov 2024 10:56:32 -0800
Subject: [PATCH] pr feedback

---
 .../features/S2N_LIBCRYPTO_SUPPORTS_ENGINE.c  |  4 ----
 tests/unit/s2n_random_test.c                  | 22 +++++++++++++++++--
 utils/s2n_random.c                            |  2 ++
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/tests/features/S2N_LIBCRYPTO_SUPPORTS_ENGINE.c b/tests/features/S2N_LIBCRYPTO_SUPPORTS_ENGINE.c
index 82b4d5d43ae..15ea902d3ec 100644
--- a/tests/features/S2N_LIBCRYPTO_SUPPORTS_ENGINE.c
+++ b/tests/features/S2N_LIBCRYPTO_SUPPORTS_ENGINE.c
@@ -30,10 +30,6 @@
  */
 #include <openssl/engine.h>
 
-#if defined(OPENSSL_NO_ENGINE)
-    #error "engine is not supported"
-#endif
-
 int s2n_noop_rand(unsigned char *buf, int num)
 {
     return 1;
diff --git a/tests/unit/s2n_random_test.c b/tests/unit/s2n_random_test.c
index c0970d1ebb0..d032e24e66f 100644
--- a/tests/unit/s2n_random_test.c
+++ b/tests/unit/s2n_random_test.c
@@ -899,8 +899,22 @@ int main(int argc, char **argv)
 
     /* Feature probe */
     {
-#if defined(S2N_LIBCRYPTO_SUPPORTS_ENGINE) && defined(OPENSSL_NO_ENGINE)
-        FAIL_MSG("Logic error with the Engine feature probe.")
+#if defined(OPENSSL_IS_AWSLC)
+        /* Negative test */
+    #if defined(S2N_LIBCRYPTO_SUPPORTS_ENGINE)
+        FAIL_MSG("Expected ENGINE feature probe to be disabled with AWS-LC");
+    #endif
+
+#else
+
+        /* Positive test
+         *
+         * We expect ENGINE APIs to be available if `OPENSSL_NO_ENGINE` is not
+         * defined.
+         */
+    #if !defined(OPENSSL_NO_ENGINE) && !defined(S2N_LIBCRYPTO_SUPPORTS_ENGINE)
+        FAIL_MSG("Expected ENGINE feature probe to be enabled");
+    #endif
 #endif
     };
 
@@ -916,6 +930,10 @@ int main(int argc, char **argv)
 #if !defined(S2N_LIBCRYPTO_SUPPORTS_ENGINE)
         EXPECT_FALSE(s2n_supports_custom_rand());
 #endif
+
+#if defined(OPENSSL_NO_ENGINE)
+        EXPECT_FALSE(s2n_supports_custom_rand());
+#endif
     };
 
     /* For each test case, creates a child process that runs the test case.
diff --git a/utils/s2n_random.c b/utils/s2n_random.c
index 7ed6e2080fb..2da6662e29e 100644
--- a/utils/s2n_random.c
+++ b/utils/s2n_random.c
@@ -553,6 +553,8 @@ bool s2n_supports_custom_rand()
 {
 #if !defined(S2N_LIBCRYPTO_SUPPORTS_ENGINE)
     return false;
+#elif defined(OPENSSL_NO_ENGINE)
+    return false;
 #else
     return !s2n_libcrypto_is_boringssl() && !s2n_libcrypto_is_libressl() && !s2n_libcrypto_is_awslc() && !s2n_is_in_fips_mode();
 #endif