Added code and tests of EC public keys

2 files changed, 18 insertions, 0 deletions

diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index dd50fd3b..0b129d1a 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -501,6 +501,12 @@ class Backend(object):
             assert dsa_cdata != self._ffi.NULL
             dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
             return _DSAPublicKey(self, dsa_cdata)
+        elif self._lib.Cryptography_HAS_EC == 1 \
+                and type == self._lib.EVP_PKEY_EC:
+            ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
+            assert ec_cdata != self._ffi.NULL
+            ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
+            return _EllipticCurvePublicKey(self, ec_cdata, None)
         else:
             raise UnsupportedAlgorithm("Unsupported key type.")
 
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index 7cbd3f71..a97e38f5 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -122,6 +122,18 @@ class TestPEMSerialization(object):
         assert key
         assert isinstance(key, interfaces.DSAPublicKey)
 
+    @pytest.mark.elliptic
+    def test_load_ec_public_key(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key = load_vectors_from_file(
+            os.path.join("asymmetric", "PEM_Serialization", "ec_public_key.pem"),
+            lambda pemfile: load_pem_public_key(
+                pemfile.read().encode(), backend
+            )
+        )
+        assert key
+        assert isinstance(key, interfaces.EllipticCurvePublicKey)
+
 
 @pytest.mark.traditional_openssl_serialization
 class TestTraditionalOpenSSLSerialization(object):