def rsa_key_to_str(private_key: rsa.RSAPrivateKey) -> str: """ return RSA private key as string - PEM format, no encryption """ return private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption() ).decode()
def save_private_key(key: rsa.RSAPrivateKey, file_name: Path, passphrase: bytes = None, encoding: str = 'PEM', format: str = 'PKCS8'): """ Save private key to file. Default is PEM key in PKCS8 format. Parameters ---------- key Private key object. file_name Output file name. passphrase Passphrase to encrypt file. encoding Encoding format. format Output format. Values: PKCS8 or TraditionalOpenSSL """ with open(str(file_name), "wb") as outf: outf.write( key.private_bytes( encoding=Encoding[encoding], format=PrivateFormat[format], encryption_algorithm=serialization.BestAvailableEncryption( password=passphrase), ))
def serialize_privkey(private_key: rsa.RSAPrivateKey) -> bytes: """ Serialize an RSA private into the DER format. """ return private_key.private_bytes(serialization.Encoding.DER, serialization.PrivateFormat.PKCS8, serialization.NoEncryption())
def dump_private_key(key: rsa.RSAPrivateKey) -> bytes: """Dump a private key to PEM format (text) :param key: The Private Key objec to dump :return: The bytes of the private key, as PEM """ return key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption(), )
def get_private_key_pem(private_key: RSAPrivateKey) -> bytes: """ Returns private key PEM file bytes. :param private_key: RSPrivateKey :return: bytes """ return private_key.private_bytes( # type: ignore encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption(), )
def write_key(rsa_key: RSAPrivateKey, path: PathLike, password: Optional[str] = None) -> None: try: encryption_algorithm = BestAvailableEncryption(password.encode()) except AttributeError: encryption_algorithm = NoEncryption() pem = rsa_key.private_bytes(Encoding.PEM, PrivateFormat.PKCS8, encryption_algorithm) with open(path, 'wb') as file: file.write(pem)
def key_to_bytes( key: RSAPrivateKey, passphrase: Optional[str] = None, ): kwargs = {"encryption_algorithm": serialization.NoEncryption()} if passphrase is not None: kwargs["encryption_algorithm"] = serialization.BestAvailableEncryption( passphrase.encode()) return key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, **kwargs, )
def _key_to_str(key_object: rsa.RSAPrivateKey) -> str: """ Converts a private key object to a string """ pem = key_object.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()) key_str = pem.decode() # type: str key_str = key_str[len(_PRIVATE_BEGIN_TAG):] # remove being tag key_str = key_str[:-(len(_PRIVATE_END_TAG) + 1)] # remove end tag key_str = key_str.replace("\n", "") # remove new lines return key_str
def private_key(self, private_key: rsa.RSAPrivateKey): if self._password is not None: enc = serialization.BestAvailableEncryption(self._password) else: enc = serialization.NoEncryption() key_bytes = private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=enc) with open(os.path.join(self._key_path), 'wb') as fd: fd.write(key_bytes)
async def write_certs(key: rsa.RSAPrivateKey, cert: x509.Certificate, name: str): assert len(name) > 0 with open(f"{name:s}.key", "wb") as f: f.write( key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption(), # ? )) with open(f"{name:s}.crt", "wb") as f: f.write(cert.public_bytes(encoding=serialization.Encoding.PEM, ))
def encode(self, private_key: RSAPrivateKey) -> bytes: private_bytes = private_key.private_bytes( encoding=Encoding.PEM, format=PrivateFormat.TraditionalOpenSSL, encryption_algorithm=NoEncryption()) public_key = private_key.public_key() numbers = public_key.public_numbers() n = numbers.n.to_bytes(int(public_key.key_size / 8), 'big').lstrip(b'\x00') kid = sha1(n).hexdigest() payload = self.payload() return jwt_encode(payload, private_bytes, algorithm='RS256', headers={'kid': kid})
def _save_key(namespace: str, identifier: str, key_pair: rsa.RSAPrivateKey): key_dir = pathlib.Path(KEY_STORE_PATH) / namespace / identifier os.makedirs(key_dir) with open(key_dir / 'id_rsa', 'wb') as f: key_binary = key_pair.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption() ) f.write(key_binary) with open(key_dir / 'id_rsa.pub', 'wb') as f: key_binary = key_pair.public_key().public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo ) f.write(key_binary)
def serialize_key(key: rsa.RSAPrivateKey) -> bytes: return key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption(), )
def convert_private_key_to_pem(private_key: rsa.RSAPrivateKey) -> str: return private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()).decode()
def _private_key_to_bytes(private_key: rsa.RSAPrivateKey) -> bytes: return private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption(), )