Re: [Cryptography-dev] serialize private ley

Fri, 12 Oct 2018 13:50:01 -0700 

You should pass an instance of
https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.NoEncryption
if you want an unencrypted key.

Here's an example:
https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#key-serialization

Alex

On Fri, Oct 12, 2018 at 4:47 PM Ramani <rram...@gmail.com> wrote:

> Hello,
>
> I am trying to serialize a private key using private_bytes method. I want
> to serialize a RSA private key with no password in one python module and
> bring it back in another so that I can use the private key for signing
> certificates.
>
> I tried doing this :
>
> privkey_pem = privkey.private_bytes(encoding=serialization.Encoding.PEM,\
>                     format=serialization.PrivateFormat.PKCS8,\
>                     encryption_algorithm=KeySerializationEncryption())
>
> However in the private_bytes method there are a couple checks one for
> KeySerializationEncryption type and another for
>
> if not isinstance(encryption_algorithm,
>                           serialization.KeySerializationEncryption):
>             raise TypeError(
>                 "Encryption algorithm must be a KeySerializationEncryption
> "
>                 "instance"
>             )
>
>         if isinstance(encryption_algorithm, serialization.NoEncryption):
>             password = b""
>             passlen = 0
>             evp_cipher = self._ffi.NULL
>         elif isinstance(encryption_algorithm,
>                         serialization.BestAvailableEncryption):
>             # This is a curated value that we will update over time.
>             evp_cipher = self._lib.EVP_get_cipherbyname(
>                 b"aes-256-cbc"
>             )
>             password = encryption_algorithm.password
>             passlen = len(password)
>             if passlen > 1023:
>                 raise ValueError(
>                     "Passwords longer than 1023 bytes are not supported by
> "
>                     "this backend"
>                 )
>         else:
>             raise ValueError("Unsupported encryption type")
>
> So I am getting the unsupported encryption type value error.
>
> Thanks,
>
> Ram
>
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev@python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>


-- 
All that is necessary for evil to succeed is for good people to do nothing.

_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev

Reply via email to