mark named curve inside EC key classes

2 files changed, 14 insertions, 19 deletions

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index cef526cdb..daccf5ca5 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -896,8 +896,6 @@ class Backend(object):
             res = self._lib.EC_KEY_check_key(ec_cdata)
             assert res == 1
 
-            self._mark_asn1_named_ec_curve(ec_cdata)
-
             return _EllipticCurvePrivateKey(self, ec_cdata)
         else:
             raise UnsupportedAlgorithm(
@@ -930,8 +928,6 @@ class Backend(object):
             ec_cdata, self._int_to_bn(numbers.private_value))
         assert res == 1
 
-        self._mark_asn1_named_ec_curve(ec_cdata)
-
         return _EllipticCurvePrivateKey(self, ec_cdata)
 
     def elliptic_curve_public_key_from_numbers(self, numbers):
@@ -953,8 +949,6 @@ class Backend(object):
         ec_cdata = self._ec_key_set_public_key_affine_coordinates(
             ec_cdata, numbers.x, numbers.y)
 
-        self._mark_asn1_named_ec_curve(ec_cdata)
-
         return _EllipticCurvePublicKey(self, ec_cdata)
 
     def _elliptic_curve_to_nid(self, curve):
@@ -977,17 +971,6 @@ class Backend(object):
             )
         return curve_nid
 
-    def _mark_asn1_named_ec_curve(self, ec_cdata):
-        """
-        Set the named curve flag on the EC_KEY. This causes OpenSSL to
-        serialise EC keys along with their curve OID which makes
-        deserialisation easier.
-        """
-
-        self._lib.EC_KEY_set_asn1_flag(
-            ec_cdata, self._lib.OPENSSL_EC_NAMED_CURVE
-        )
-
     @contextmanager
     def _tmp_bn_ctx(self):
         bn_ctx = self._lib.BN_CTX_new()
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index 9c616a305..a2a90d17a 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -52,6 +52,18 @@ def _ec_key_curve_sn(backend, ec_key):
     return sn
 
 
+def _mark_asn1_named_ec_curve(backend, ec_cdata):
+    """
+    Set the named curve flag on the EC_KEY. This causes OpenSSL to
+    serialise EC keys along with their curve OID which makes
+    deserialisation easier.
+    """
+
+    backend._lib.EC_KEY_set_asn1_flag(
+        ec_cdata, backend._lib.OPENSSL_EC_NAMED_CURVE
+    )
+
+
 def _sn_to_elliptic_curve(backend, sn):
     try:
         return ec._CURVE_TYPES[sn]()
@@ -132,6 +144,7 @@ class _ECDSAVerificationContext(object):
 class _EllipticCurvePrivateKey(object):
     def __init__(self, backend, ec_key_cdata):
         self._backend = backend
+        _mark_asn1_named_ec_curve(backend, ec_key_cdata)
         self._ec_key = ec_key_cdata
 
         sn = _ec_key_curve_sn(backend, ec_key_cdata)
@@ -167,8 +180,6 @@ class _EllipticCurvePrivateKey(object):
         res = self._backend._lib.EC_KEY_set_public_key(public_ec_key, point)
         assert res == 1
 
-        self._backend._mark_asn1_named_ec_curve(public_ec_key)
-
         return _EllipticCurvePublicKey(
             self._backend, public_ec_key
         )
@@ -186,6 +197,7 @@ class _EllipticCurvePrivateKey(object):
 class _EllipticCurvePublicKey(object):
     def __init__(self, backend, ec_key_cdata):
         self._backend = backend
+        _mark_asn1_named_ec_curve(backend, ec_key_cdata)
         self._ec_key = ec_key_cdata
 
         sn = _ec_key_curve_sn(backend, ec_key_cdata)