From 370c4da9fe2662d07152a4b78bc09ae45f34decb Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 22 Jun 2015 23:27:15 -0500 Subject: fix ec_cdata_to_evp_pkey bug We weren't actually returning the object and the tests weren't catching it because we didn't try to use the evp_pkey property in the tests. The added test confirms it actually works. --- src/cryptography/hazmat/backends/openssl/backend.py | 1 + tests/hazmat/primitives/test_ec.py | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 2fe88327..4d469c40 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -1073,6 +1073,7 @@ class Backend(object): evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free) res = self._lib.EVP_PKEY_set1_EC_KEY(evp_pkey, ec_cdata) assert res == 1 + return evp_pkey def _elliptic_curve_to_nid(self, curve): """ diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 82b5b3a1..cc185145 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -642,6 +642,24 @@ class TestECSerialization(object): DummyKeyEncryption() ) + def test_public_bytes_from_derived_public_key(self, backend): + _skip_curve_unsupported(backend, ec.SECP256R1()) + key = load_vectors_from_file( + os.path.join( + "asymmetric", "PKCS8", "ec_private_key.pem"), + lambda pemfile: serialization.load_pem_private_key( + pemfile.read().encode(), None, backend + ) + ) + _skip_if_no_serialization(key, backend) + public = key.public_key() + pem = public.public_bytes( + serialization.Encoding.PEM, + serialization.PublicFormat.SubjectPublicKeyInfo + ) + parsed_public = serialization.load_pem_public_key(pem, backend) + assert parsed_public + @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) -- cgit v1.2.3