diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2020-11-09 23:34:00 +0200 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2021-01-08 23:59:02 +0200 |
commit | 4554988e582e676a51c451de031939b45e60d00c (patch) | |
tree | 52f7472c375dc3c8909c6f4666fa7a4993aaf00f /test/recipes/91-test_pkey_check.t | |
parent | ed37336b6383cacbcbb8f6b1334eba0ad43530d5 (diff) |
[test][pkey_check] Add invalid SM2 key test
SM2 private keys have different validation requirements than EC keys:
this test checks one corner case highlighted in
https://github.com/openssl/openssl/issues/8435
As @bbbrumley mentioned in
https://github.com/openssl/openssl/issues/8435#issuecomment-720504282
this only fixes the absence of a regression test for validation of this
kind of boundary issues for decoded SM2 keys.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Diffstat (limited to 'test/recipes/91-test_pkey_check.t')
-rw-r--r-- | test/recipes/91-test_pkey_check.t | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/test/recipes/91-test_pkey_check.t b/test/recipes/91-test_pkey_check.t index f06f3bd22a..c85ab5c377 100644 --- a/test/recipes/91-test_pkey_check.t +++ b/test/recipes/91-test_pkey_check.t @@ -44,6 +44,11 @@ push(@tests, ( "ec_p256_bad_1.pem", # `k` set to `n+1` (equivalent to `1 mod n`, invalid) )) unless disabled("ec"); +push(@tests, ( + # For SM2 keys the range for the secret scalar `k` is `1 <= k < n-1` + "sm2_bad_max.pem", # `k` set to `n-1` (invalid, because SM2 range) + )) unless disabled("sm2"); + plan skip_all => "No tests within the current enabled feature set" unless @tests; |