[Cryptography-dev] serialize private ley

Ramani rramani at gmail.com
Fri Oct 12 16:45:29 EDT 2018


Hello,

I am trying to serialize a private key using private_bytes method. I want
to serialize a RSA private key with no password in one python module and
bring it back in another so that I can use the private key for signing
certificates.

I tried doing this :

privkey_pem = privkey.private_bytes(encoding=serialization.Encoding.PEM,\
                    format=serialization.PrivateFormat.PKCS8,\
                    encryption_algorithm=KeySerializationEncryption())

However in the private_bytes method there are a couple checks one for
KeySerializationEncryption type and another for

if not isinstance(encryption_algorithm,
                          serialization.KeySerializationEncryption):
            raise TypeError(
                "Encryption algorithm must be a KeySerializationEncryption "
                "instance"
            )

        if isinstance(encryption_algorithm, serialization.NoEncryption):
            password = b""
            passlen = 0
            evp_cipher = self._ffi.NULL
        elif isinstance(encryption_algorithm,
                        serialization.BestAvailableEncryption):
            # This is a curated value that we will update over time.
            evp_cipher = self._lib.EVP_get_cipherbyname(
                b"aes-256-cbc"
            )
            password = encryption_algorithm.password
            passlen = len(password)
            if passlen > 1023:
                raise ValueError(
                    "Passwords longer than 1023 bytes are not supported by "
                    "this backend"
                )
        else:
            raise ValueError("Unsupported encryption type")

So I am getting the unsupported encryption type value error.

Thanks,

Ram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20181012/0f14bb58/attachment.html>


More information about the Cryptography-dev mailing list