Merge pull request #1732 from reaperhulk/serialize-ec-public-key

serialize EC public keys

1 files changed, 73 insertions, 1 deletions

diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 77ee38b4..40b1741c 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -34,7 +34,12 @@ _HASH_TYPES = {
 
 
 def _skip_if_no_serialization(key, backend):
-    if not isinstance(key, ec.EllipticCurvePrivateKeyWithSerialization):
+    if not isinstance(
+        key, (
+            ec.EllipticCurvePrivateKeyWithSerialization,
+            ec.EllipticCurvePublicKeyWithSerialization
+        )
+    ):
         pytest.skip(
             "{0} does not support EC key serialization".format(backend)
         )
@@ -548,3 +553,70 @@ class TestECSerialization(object):
                 serialization.PrivateFormat.TraditionalOpenSSL,
                 DummyKeyEncryption()
             )
+
+
+@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
+@pytest.mark.requires_backend_interface(interface=PEMSerializationBackend)
+class TestEllipticCurvePEMPublicKeySerialization(object):
+    def test_public_bytes_unencrypted_pem(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key_bytes = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "PEM_Serialization", "ec_public_key.pem"
+            ),
+            lambda pemfile: pemfile.read().encode()
+        )
+        key = serialization.load_pem_public_key(key_bytes, backend)
+        _skip_if_no_serialization(key, backend)
+        serialized = key.public_bytes(
+            serialization.Encoding.PEM,
+            serialization.PublicFormat.SubjectPublicKeyInfo,
+        )
+        assert serialized == key_bytes
+
+    def test_public_bytes_invalid_encoding(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "PEM_Serialization", "ec_public_key.pem"
+            ),
+            lambda pemfile: serialization.load_pem_public_key(
+                pemfile.read().encode(), backend
+            )
+        )
+        _skip_if_no_serialization(key, backend)
+        with pytest.raises(TypeError):
+            key.public_bytes(
+                "notencoding",
+                serialization.PublicFormat.SubjectPublicKeyInfo
+            )
+
+    def test_public_bytes_invalid_format(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "PEM_Serialization", "ec_public_key.pem"
+            ),
+            lambda pemfile: serialization.load_pem_public_key(
+                pemfile.read().encode(), backend
+            )
+        )
+        _skip_if_no_serialization(key, backend)
+        with pytest.raises(TypeError):
+            key.public_bytes(serialization.Encoding.PEM, "invalidformat")
+
+    def test_public_bytes_pkcs1_unsupported(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "PEM_Serialization", "ec_public_key.pem"
+            ),
+            lambda pemfile: serialization.load_pem_public_key(
+                pemfile.read().encode(), backend
+            )
+        )
+        _skip_if_no_serialization(key, backend)
+        with pytest.raises(ValueError):
+            key.public_bytes(
+                serialization.Encoding.PEM, serialization.PublicFormat.PKCS1
+            )