From 74eeecf91b6d9e4d7738d8f361a1199aad650a2b Mon Sep 17 00:00:00 2001
From: Ioannis Kakavas <ioannis@elastic.co>
Date: Wed, 1 Apr 2020 12:04:20 +0300
Subject: [PATCH] Fix testGenerateAndSignMetadata in FIPS mode (#54115)
 (#54387)

BC provider throws different error message on signature
validation failure
---
 .../xpack/idp/saml/idp/SamlMetadataGeneratorTests.java      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/saml/idp/SamlMetadataGeneratorTests.java b/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/saml/idp/SamlMetadataGeneratorTests.java
index 9ad762dd6c1..c27ba189aca 100644
--- a/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/saml/idp/SamlMetadataGeneratorTests.java
+++ b/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/saml/idp/SamlMetadataGeneratorTests.java
@@ -128,7 +128,11 @@ public class SamlMetadataGeneratorTests extends IdpSamlTestCase {
         //no exception thrown
         SignatureException e = expectThrows(SignatureException.class,
             () -> SignatureValidator.validate(signature, readCredentials("RSA", 2048)));
-        assertThat(e.getMessage(), containsString("Unable to evaluate key against signature"));
+        if (inFipsJvm()) {
+            assertThat(e.getMessage(), containsString("Signature cryptographic validation not successful"));
+        } else {
+            assertThat(e.getMessage(), containsString("Unable to evaluate key against signature"));
+        }
     }
 
 }