Skip unencrypted PKCS#8 DER import test on pre-3.x

On pre-3.x, new_private_key() without a passphrase calls
d2i_RSAPrivateKey_bio() which only handles PKCS#1 DER format.
Unencrypted PKCS#8 DER import is not supported until OpenSSL 3.x
(or with the fix in PR cpan-authors#190). Without this skip, the test dies on
Debian bullseye (OpenSSL 1.1.1), killing the remaining 6 tests.

The encrypted PKCS#8 DER tests still run on pre-3.x because the
passphrase code path uses d2i_PKCS8PrivateKey_bio() which handles
PKCS#8 correctly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: toddr-bot

t/der.t

@@ -3,9 +3,12 @@ use warnings;
 use Test::More;
 use MIME::Base64;
 use Crypt::OpenSSL::RSA;
+use Crypt::OpenSSL::Guess qw(openssl_version);
 
 use File::Temp qw(tempfile);
 
+my ($major, $minor, $patch) = openssl_version();
+
 BEGIN { plan tests => 49 }
 
 # --- Generate a key pair for testing ---
@@ -234,9 +237,13 @@ is( ord(substr($pkcs8_der_export, 0, 1)), 0x30,
 is( $pkcs8_der_export, $pkcs8_der_expected,
     "get_private_key_pkcs8_der_string matches pem_to_der of PEM export" );
 
-my $priv_from_pkcs8_der_export = Crypt::OpenSSL::RSA->new_private_key($pkcs8_der_export);
-ok( $priv_from_pkcs8_der_export->is_private(),
-    "PKCS#8 DER export round-trips as private key" );
+SKIP: {
+    skip "Unencrypted PKCS#8 DER import requires OpenSSL 3.x", 1
+        if $major < 3 || !defined $patch;
+    my $priv_from_pkcs8_der_export = Crypt::OpenSSL::RSA->new_private_key($pkcs8_der_export);
+    ok( $priv_from_pkcs8_der_export->is_private(),
+        "PKCS#8 DER export round-trips as private key" );
+}
 
 # Encrypted PKCS#8 DER export
 my $der_pass = 'test_export_pass';