From 597605cf6ae5062e38bc8b89f26f89aff4ed677a Mon Sep 17 00:00:00 2001
From: Nicola Tuveri <nic.tuv@gmail.com>
Date: Sun, 27 Nov 2022 16:10:48 +0200
Subject: [PATCH] Update invalid EC key test for compatibility with upcoming
 OpenSSL changes (#7833)

One of the tests checking behavior with invalid EC keys hardcoded the
error reason.

This commit replaces the string matching with a regex to match both the
current string and a new reason, introduced by upcoming OpenSSL
changes [0], which would otherwise trigger a false positive failure.

[0]: https://github.com/openssl/openssl/pull/19681
---
 tests/hazmat/primitives/test_ec.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 707d23360743..e4844869c9c5 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -479,7 +479,9 @@ def test_load_invalid_ec_key_from_pem(self, backend):
         # BoringSSL rejects infinity points before it ever gets to us, so it
         # uses a more generic error message.
         match = (
-            "infinity" if not backend._lib.CRYPTOGRAPHY_IS_BORINGSSL else None
+            r"infinity|invalid form"
+            if not backend._lib.CRYPTOGRAPHY_IS_BORINGSSL
+            else None
         )
         with pytest.raises(ValueError, match=match):
             serialization.load_pem_public_key(