9 files changed, 86 insertions, 1 deletions
diff --git a/AUTHORS.rst b/AUTHORS.rst
index 412c4e25..a7821be0 100644
--- a/AUTHORS.rst
+++ b/AUTHORS.rst
@@ -17,3 +17,4 @@ PGP key fingerprints are enclosed in parentheses.
 * Terry Chia <terrycwk1994@gmail.com>
 * Matthew Iversen <matt@notevencode.com> (2F04 3DCC D6E6 D5AC D262 2E0B C046 E8A8 7452 2973)
 * Mohammed Attia <skeuomorf@gmail.com>
+* Michael Hart <michael.hart1994@gmail.com>
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index d1d18a10..7e619a10 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -473,6 +473,12 @@ class Backend(object):
 assert dsa_cdata != self._ffi.NULL
 dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
 return _DSAPrivateKey(self, dsa_cdata)
+ elif self._lib.Cryptography_HAS_EC == 1 \
+ and type == self._lib.EVP_PKEY_EC:
+ ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
+ assert ec_cdata != self._ffi.NULL
+ ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
+ return _EllipticCurvePrivateKey(self, ec_cdata, None)
 else: raise UnsupportedAlgorithm("Unsupported key type.")
diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst
index 84b69fdc..7a953d9b 100644
--- a/docs/hazmat/primitives/asymmetric/serialization.rst
+++ b/docs/hazmat/primitives/asymmetric/serialization.rst
@@ -76,7 +76,7 @@ all begin with ``-----BEGIN {format}-----`` and end with ``-----END be ``None`` if the private key is not encrypted. :param backend: A
- :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
+ :class:`~cryptography.hazmat.backends.interfaces.PEMSerializationBackend`
 provider. :returns: A new instance of a private key.
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index 9333a6bd..7c912a92 100644
--- a/tests/hazmat/primitives/test_serialization.py
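Review bot: The new EC branch in backend.py returns `_EllipticCurvePrivateKey(self, ec_cdata, None)`, so a key loaded from PEM appears to carry no curve object (presumably the third argument is the curve; the constructor is not visible here), and the tests added in this commit only check the instance type. Anything downstream that reads the key's curve would see `None`; the curve could instead be resolved from the parsed EC_KEY's group and mapped to the library's curve classes, raising `UnsupportedAlgorithm` when it is not a recognised named curve. Separately, `assert ec_cdata != self._ffi.NULL` is stripped under `python -O`, as is the existing DSA assert above it; an explicit check that raises would keep a failed `EVP_PKEY_get1_EC_KEY` from handing a NULL pointer to `ffi.gc`. The enclosing method starts and ends outside the hunk.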
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -21,11 +21,14 @@ import pytest
 from cryptography.exceptions import _Reasons
 from cryptography.hazmat.primitives import interfaces
+from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives.serialization import ( load_pem_pkcs8_private_key, load_pem_private_key, load_pem_traditional_openssl_private_key )
+
+from .test_ec import _skip_curve_unsupported
 from .utils import _check_rsa_private_numbers, load_vectors_from_file
 from ...utils import raises_unsupported_algorithm
@@ -46,6 +49,27 @@ class TestPEMSerialization(object):
 if isinstance(key, interfaces.RSAPrivateKeyWithNumbers): _check_rsa_private_numbers(key.private_numbers())
+ @pytest.mark.parametrize(
+ ("key_file", "password"),
+ [
+ ("ec_private_key.pem", None),
+ ("ec_private_key_encrypted.pem", b"123456"),
+ ]
+ )
+ @pytest.mark.elliptic
+ def test_load_pem_ec_private_key(self, key_file, password, backend):
+ _skip_curve_unsupported(backend, ec.SECP256R1())
+ key = load_vectors_from_file(
+ os.path.join(
+ "asymmetric", "PEM_Serialization", key_file),
+ lambda pemfile: load_pem_private_key(
+ pemfile.read().encode(), password, backend
+ )
+ )
+
+ assert key
+ assert isinstance(key, interfaces.EllipticCurvePrivateKey)
+
 @pytest.mark.traditional_openssl_serialization
 class TestTraditionalOpenSSLSerialization(object):
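Review bot: `test_load_pem_ec_private_key` in `TestPEMSerialization` only asserts `isinstance(key, interfaces.EllipticCurvePrivateKey)`, so it would still pass if the loader returned the wrong key material or mishandled the password; the same applies to the near-identical test added to `TestPKCS8Serialization` in the next hunk. The README added in this commit states that the plain and encrypted PEM_Serialization vectors hold the same secp256r1 key, so the test could check the loaded key against known values, or at least that both files yield the same key, if the key interface exposes enough to compare. A negative case is also missing: loading `ec_private_key_encrypted.pem` with a wrong password or with `None` should be asserted to fail. The two test bodies differ only in directory and loader function, so a shared helper would remove the duplication.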
@@ -303,6 +327,26 @@ class TestPKCS8Serialization(object):
 if isinstance(key, interfaces.RSAPrivateKeyWithNumbers): _check_rsa_private_numbers(key.private_numbers())
+ @pytest.mark.parametrize(
+ ("key_file", "password"),
+ [
+ ("ec_private_key.pem", None),
+ ("ec_private_key_encrypted.pem", b"123456"),
+ ]
+ )
+ @pytest.mark.elliptic
+ def test_load_pem_ec_private_key(self, key_file, password, backend):
+ _skip_curve_unsupported(backend, ec.SECP256R1())
+ key = load_vectors_from_file(
+ os.path.join(
+ "asymmetric", "PKCS8", key_file),
+ lambda pemfile: load_pem_pkcs8_private_key(
+ pemfile.read().encode(), password, backend
+ )
+ )
+ assert key
+ assert isinstance(key, interfaces.EllipticCurvePrivateKey)
+
 def test_unused_password(self, backend): key_file = os.path.join( "asymmetric", "PKCS8", "unencpkcs8.pem")
diff --git a/vectors/cryptography_vectors/asymmetric/PEM_Serialization/README.txt b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/README.txt
new file mode 100644
index 00000000..97879f5c
--- /dev/null
+++ b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/README.txt
@@ -0,0 +1,7 @@
+Example test files for PEM Serialization Backend tests
+
+Contains
+
+1. ec_private_key.pem - Contains an Elliptic Curve key generated using OpenSSL, from the curve secp256r1.
+2. ec_private_key_encrypted.pem - Contains the same Elliptic Curve key as ec_private_key.pem, except that
+ it is encrypted with AES-256 with the password "123456".
\ No newline at end of file
diff --git a/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key.pem b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key.pem
new file mode 100644
index 00000000..4ea43082
--- /dev/null
+++ b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIGIq02UsfuTvGOrZRnJGulum7SYqHHa3aJX3LpEqExJPoAoGCCqGSM49
+AwEHoUQDQgAEJLzzbuz2tRnLFlOL+6bTX6giVavAsc6NDFFT0IMCd2ibTTNUDDkF
+Gsgq0cH5JYPg/6xUlMBFKrWYe3yQ4has9w==
+-----END EC PRIVATE KEY-----
diff --git a/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key_encrypted.pem b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key_encrypted.pem
new file mode 100644
index 00000000..d04cd665
--- /dev/null
+++ b/vectors/cryptography_vectors/asymmetric/PEM_Serialization/ec_private_key_encrypted.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,DF9D9E8C48BDB6A878E63D99E12D4996
+
+wwTwrkAsOWBrk7LeiR3m3yWeqaBQIEmywfgLZjuOte/HKxH8QHs/Enw896zE03aw
+xb6sFXpCM8Q1L0rIlT7xoaNxXxA8WmIyiXIyX+JkY+3zm1iEzoP5xbU2q/Y3c4wb
+wNSmiY094Jf0+EO/i/G/9zLYUlJDRVQ5fkIGazDwPMc=
+-----END EC PRIVATE KEY-----
diff --git a/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key.pem b/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key.pem
new file mode 100644
index 00000000..3a625b6b
--- /dev/null
+++ b/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgYirTZSx+5O8Y6tlG
+cka6W6btJiocdrdolfcukSoTEk+hRANCAAQkvPNu7Pa1GcsWU4v7ptNfqCJVq8Cx
+zo0MUVPQgwJ3aJtNM1QMOQUayCrRwfklg+D/rFSUwEUqtZh7fJDiFqz3
+-----END PRIVATE KEY-----
diff --git a/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key_encrypted.pem b/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key_encrypted.pem
new file mode 100644
index 00000000..7c35200f
--- /dev/null
+++ b/vectors/cryptography_vectors/asymmetric/PKCS8/ec_private_key_encrypted.pem
@@ -0,0 +1,6 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGwMBsGCSqGSIb3DQEFAzAOBAh618AJwpxyvQICCAAEgZBhr8rmqfqMHmPh/Gjo
+S1VgD8sZUG3oILVzmuSb/k4uvynfctSG/ajwkacMF9UR6PvbTHjJUqX9RXHF6hug
+r08T/tXDaHhdNkj0TzW+ZZD1Ky6+saBkMZr9C0XDdsHDEEtRkYAb9xtWj+Z1iars
+C/xyREp46ZyeinO4Vy8BJXxCwMaSa/6HtogSb9eWWXKk0uA=
+-----END ENCRYPTED PRIVATE KEY----- |