Added code and tests of EC public keys
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index dd50fd3..0b129d1 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -501,6 +501,12 @@
assert dsa_cdata != self._ffi.NULL
dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
return _DSAPublicKey(self, dsa_cdata)
+ elif self._lib.Cryptography_HAS_EC == 1 \
+ and type == self._lib.EVP_PKEY_EC:
+ ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
+ assert ec_cdata != self._ffi.NULL
+ ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
+ return _EllipticCurvePublicKey(self, ec_cdata, None)
else:
raise UnsupportedAlgorithm("Unsupported key type.")
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index 7cbd3f7..a97e38f 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -122,6 +122,18 @@
assert key
assert isinstance(key, interfaces.DSAPublicKey)
+ @pytest.mark.elliptic
+ def test_load_ec_public_key(self, backend):
+ _skip_curve_unsupported(backend, ec.SECP256R1())
+ key = load_vectors_from_file(
+ os.path.join("asymmetric", "PEM_Serialization", "ec_public_key.pem"),
+ lambda pemfile: load_pem_public_key(
+ pemfile.read().encode(), backend
+ )
+ )
+ assert key
+ assert isinstance(key, interfaces.EllipticCurvePublicKey)
+
@pytest.mark.traditional_openssl_serialization
class TestTraditionalOpenSSLSerialization(object):