[test][pkey_check] Add invalid SM2 key test

SM2 private keys have different validation requirements than EC keys: this test checks one corner case highlighted in https://github.com/openssl/openssl/issues/8435 As @bbbrumley mentioned in https://github.com/openssl/openssl/issues/8435#issuecomment-720504282 this only fixes the absence of a regression test for validation of this kind of boundary issues for decoded SM2 keys. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13359)
author: Nicola Tuveri <nic.tuv@gmail.com> 2020-11-09 23:34:00 +0200
committer: Nicola Tuveri <nic.tuv@gmail.com> 2021-01-08 23:59:02 +0200
commit: 4554988e582e676a51c451de031939b45e60d00c (patch)
tree: 52f7472c375dc3c8909c6f4666fa7a4993aaf00f /test/recipes/91-test_pkey_check.t
parent: ed37336b6383cacbcbb8f6b1334eba0ad43530d5 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/test/recipes/91-test_pkey_check.t b/test/recipes/91-test_pkey_check.t
index f06f3bd22a..c85ab5c377 100644
--- a/test/recipes/91-test_pkey_check.t
+++ b/test/recipes/91-test_pkey_check.t
@@ -44,6 +44,11 @@ push(@tests, (
     "ec_p256_bad_1.pem", # `k` set to `n+1` (equivalent to `1 mod n`, invalid)
     )) unless disabled("ec");
 
+push(@tests, (
+    # For SM2 keys the range for the secret scalar `k` is `1 <= k < n-1`
+    "sm2_bad_max.pem", # `k` set to `n-1` (invalid, because SM2 range)
+    )) unless disabled("sm2");
+
 plan skip_all => "No tests within the current enabled feature set"
     unless @tests;
author	Nicola Tuveri <nic.tuv@gmail.com>	2020-11-09 23:34:00 +0200
committer	Nicola Tuveri <nic.tuv@gmail.com>	2021-01-08 23:59:02 +0200
commit	4554988e582e676a51c451de031939b45e60d00c (patch)
tree	52f7472c375dc3c8909c6f4666fa7a4993aaf00f /test/recipes/91-test_pkey_check.t
parent	ed37336b6383cacbcbb8f6b1334eba0ad43530d5 (diff)