5

I need a function that generates me a new RSA private key that can then be stored as a string in a Django model field. I'm using cryptography==2.1.4.

I thought I had accomplished that through:

```python
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend

KEY_SIZE = 2048
PUBLIC_EXP = 65537
private_key = rsa.generate_private_key(
    public_exponent=PUBLIC_EXP,
    key_size=KEY_SIZE,
    backend=default_backend()
)
private_key_str = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.TraditionalOpenSSL,
    encryption_algorithm=serialization.NoEncryption()
).decode()
```

But clearly I'm missing something here or some steps (though I'm supposed to know why...) since private_key_str always has the same value.

Any suggestions here?

Luke

1 Answer

4

I tried your code with cryptography==2.1.4 and I found that the private_key_str is not the same. I think maybe you didn't carefully compare the two strings.

They both use a PEM encoded PKCS#1 structure to encode the key, so they just have a similar structure.

private_key1

```
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
```

private_key2

```
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
```
Maarten Bodewes
willer he
  • What you are looking at is an ASN.1 structure encoded using DER encoding rules. If you want to have an idea what is inside have a look [here](https://lapo.it/asn1js/) and paste the base 64 inside the header and footer lines into the input field. willer he, I've reformatted your answer, please have a look at the edit (by clicking "edited xxx ago" above my name) for future reference. Note that single enters are not shown in markdown, use space, space, enter or a double enter to add newlines / new paragraphs. – Maarten Bodewes Jan 24 '19 at 13:40
  • @MaartenBodewes does your reference site allow to copy the integer? – kelalaka Jan 24 '19 at 16:00
  • @kelalaka Copying is tricky at best. I was thinking about grabbing the source code and reworking it. If I'm not mistaken, everything is performed in browser (although it is obviously also sent as a GET request to the server, so don't use it for your live keys, of course). For copying stuff you may also use `openssl asn1parse` possibly with the `-d` "dump" option. – Maarten Bodewes Jan 24 '19 at 16:21
  • I cannot copy the whole integer. The key part, well not my key :), from posted questions. – kelalaka Jan 24 '19 at 16:24
  • @MaartenBodewes I have seen your edit, it helps, thanks a lot – willer he Jan 25 '19 at 01:34
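
To compare two generated keys by value rather than by eye, and without pasting key material into a website, the PKCS#1 structure mentioned in the answer and comments can be decoded locally. The following is an added example, not code from the question, the answer or the cryptography project; the helper names (`new_key_pem`, `read_tlv`, `rsa_fields`, `shared_prefix_len`) are hypothetical, and the generation call is the one from the question.

```python
import base64
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa

# Field order of a PKCS#1 RSAPrivateKey SEQUENCE (two-prime key).
FIELDS = ("version", "n", "e", "d", "p", "q", "dmp1", "dmq1", "iqmp")

def new_key_pem(key_size=2048):
    """Generate a fresh RSA key as an unencrypted PKCS#1 PEM string."""
    key = rsa.generate_private_key(
        public_exponent=65537, key_size=key_size, backend=default_backend())
    return key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.TraditionalOpenSSL,
        encryption_algorithm=serialization.NoEncryption()).decode()

def read_tlv(der, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = der[pos], der[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(der[pos:pos + n], "big"), pos + n
    return tag, der[pos:pos + length], pos + length

def rsa_fields(pem):
    """Decode the INTEGERs of a PKCS#1 RSAPrivateKey PEM into a dict."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    tag, seq, _ = read_tlv(base64.b64decode(body), 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    values, pos = [], 0
    while pos < len(seq):
        tag, value, pos = read_tlv(seq, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        values.append(int.from_bytes(value, "big"))
    return dict(zip(FIELDS, values))

def shared_prefix_len(a, b):
    """Number of leading characters two strings have in common."""
    return next((i for i, (x, y) in enumerate(zip(a, b)) if x != y), min(len(a), len(b)))

if __name__ == "__main__":
    pem1, pem2 = new_key_pem(), new_key_pem()
    k1, k2 = rsa_fields(pem1), rsa_fields(pem2)
    print("identical PEM:", pem1 == pem2)
    print("shared leading characters:", shared_prefix_len(pem1, pem2))
    print("same e:", k1["e"] == k2["e"], "| same n:", k1["n"] == k2["n"])
```

The shared leading characters cover the PEM header line and the DER framing (SEQUENCE tag and the high length byte), which are the same for every 2048-bit key; the moduli and primes that follow differ between keys.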