From bd172dd0e1b76116402534aa4bb5c89d039e7762 Mon Sep 17 00:00:00 2001
From: Alen Yan <yzpgryx@163.com>
Date: Wed, 9 Jul 2025 09:23:00 +0800
Subject: [PATCH] fix SM2 privatekey decode(PEM format, ECPrivateKey).

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27963)
---
 include/openssl/pem.h                                    | 1 +
 providers/implementations/encode_decode/decode_pem2der.c | 1 +
 test/recipes/15-test_ec.t                                | 6 +++++-
 test/testec-sm2.pem                                      | 5 +++++
 4 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 test/testec-sm2.pem

diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 94424e6c209..de1b6581f28 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -57,6 +57,7 @@ extern "C" {
 # define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
 # define PEM_STRING_PARAMETERS   "PARAMETERS"
 # define PEM_STRING_CMS          "CMS"
+# define PEM_STRING_SM2PRIVATEKEY "SM2 PRIVATE KEY"
 # define PEM_STRING_SM2PARAMETERS "SM2 PARAMETERS"
 # define PEM_STRING_ACERT        "ATTRIBUTE CERTIFICATE"
 
diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c
index abea679fe19..a38c71883dd 100644
--- a/providers/implementations/encode_decode/decode_pem2der.c
+++ b/providers/implementations/encode_decode/decode_pem2der.c
@@ -151,6 +151,7 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
         { PEM_STRING_DSAPARAMS, OSSL_OBJECT_PKEY, "DSA", "type-specific" },
         { PEM_STRING_ECPRIVATEKEY, OSSL_OBJECT_PKEY, "EC", "type-specific" },
         { PEM_STRING_ECPARAMETERS, OSSL_OBJECT_PKEY, "EC", "type-specific" },
+        { PEM_STRING_SM2PRIVATEKEY, OSSL_OBJECT_PKEY, "SM2", "type-specific" },
         { PEM_STRING_SM2PARAMETERS, OSSL_OBJECT_PKEY, "SM2", "type-specific" },
         { PEM_STRING_RSA, OSSL_OBJECT_PKEY, "RSA", "type-specific" },
         { PEM_STRING_RSA_PUBLIC, OSSL_OBJECT_PKEY, "RSA", "type-specific" },
diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t
index c953fad9f1e..2b6c9781dd0 100644
--- a/test/recipes/15-test_ec.t
+++ b/test/recipes/15-test_ec.t
@@ -18,7 +18,7 @@ setup("test_ec");
 
 plan skip_all => 'EC is not supported in this build' if disabled('ec');
 
-plan tests => 15;
+plan tests => 16;
 
 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
@@ -33,6 +33,10 @@ subtest 'EC conversions -- private key' => sub {
     tconversion( -type => 'ec', -prefix => 'ec-priv',
                  -in => srctop_file("test","testec-p256.pem") );
 };
+subtest 'EC conversions -- private key' => sub {
+    tconversion( -type => 'ec', -prefix => 'sm2-priv',
+                 -in => srctop_file("test","testec-sm2.pem") );
+};
 subtest 'EC conversions -- private key PKCS#8' => sub {
     tconversion( -type => 'ec', -prefix => 'ec-pkcs8',
                  -in => srctop_file("test","testec-p256.pem"),
diff --git a/test/testec-sm2.pem b/test/testec-sm2.pem
new file mode 100644
index 00000000000..30e25613b38
--- /dev/null
+++ b/test/testec-sm2.pem
@@ -0,0 +1,5 @@
+-----BEGIN SM2 PRIVATE KEY-----
+MHcCAQEEIKPB7gEYKGAwAkz0MfGwQm0BXclgzvSTxQG9bm4RCAxXoAoGCCqBHM9V
+AYItoUQDQgAE+FuibOpfjVfj716O3LglhK4HzjUR82mgn8kTZinQsEafw3FFZzZJ
+vwHIGHUsSKxVTRIEs+BICQDBg99OA3VU/Q==
+-----END SM2 PRIVATE KEY-----
-- 
2.47.2