fix ec_cdata_to_evp_pkey bug

We weren't actually returning the object and the tests weren't catching it because we didn't try to use the evp_pkey property in the tests. The added test confirms it actually works.
2026-05-14 20:37:55 +00:00 · 2015-06-22 23:27:15 -05:00 · 2015-06-22 23:27:15 -05:00 · 370c4da9fe
commit 370c4da9fe
parent c952fb1805
2 changed files with 19 additions and 0 deletions
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@ -1073,6 +1073,7 @@ class Backend(object):
        evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
        res = self._lib.EVP_PKEY_set1_EC_KEY(evp_pkey, ec_cdata)
        assert res == 1
+        return evp_pkey

    def _elliptic_curve_to_nid(self, curve):
        """
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@ -642,6 +642,24 @@ class TestECSerialization(object):
                DummyKeyEncryption()
            )

+    def test_public_bytes_from_derived_public_key(self, backend):
+        _skip_curve_unsupported(backend, ec.SECP256R1())
+        key = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "PKCS8", "ec_private_key.pem"),
+            lambda pemfile: serialization.load_pem_private_key(
+                pemfile.read().encode(), None, backend
+            )
+        )
+        _skip_if_no_serialization(key, backend)
+        public = key.public_key()
+        pem = public.public_bytes(
+            serialization.Encoding.PEM,
+            serialization.PublicFormat.SubjectPublicKeyInfo
+        )
+        parsed_public = serialization.load_pem_public_key(pem, backend)
+        assert parsed_public
+

@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
@pytest.mark.requires_backend_interface(interface=PEMSerializationBackend)