3

In my Python code, I'm using cryptography module. I have a private key on disk. So, from documentation, I used this example to load that key. Then use that key to sign a message. But running the program throws AttributeError: '_RSAPrivateKey' object has no attribute 'sign'

I looked in to source code of serialization module and check return type of load_pem_private_key(). The code requires some understanding of Abstract Base Classes.

Seeking help here to debug this issue.

Here's my code

  1 from cryptography.hazmat.backends import default_backend
  2 from cryptography.hazmat.primitives import hashes
  3 from cryptography.hazmat.primitives import serialization
  4 from cryptography.hazmat.primitives.asymmetric import padding
  5 from cryptography.hazmat.primitives.asymmetric import utils
  6 
  7 from base64 import b64encode
  8 
  9 def test_new_crypto():
 10     privkey = '/path/to/privkey'
 11     with open(privkey, "rb") as kf:
 12         private_key = serialization.load_pem_private_key(
 13                 kf.read(),
 14                 password=None,
 15                 backend=default_backend()
 16                 )
 17 
 18     message = b"A message I want to sign"
 19     signature = private_key.sign(  #### Error is here
 20             message,
 21             padding.PSS(
 22                 mgf=padding.MGF1(hashes.SHA256()),
 23                 salt_length=padding.PSS.MAX_LENGTH
 24                 ),
 25             hashes.SHA256()
 26             )
 27 
 28     return b64encode(signature)
 29 
 30 if __name__ == "__main__":
 31     print(test_new_crypto())
Bhaskar
  • 2,549
  • 1
  • 21
  • 23
  • 1
    Have you tried upgrading the version of `cryptography`? This error message suggests that your version of `cryptography` is very out of date. – Paul Kehrer Mar 22 '19 at 05:12
  • 2
    Looks like you have a very old version of the lib. [This issue](https://github.com/pyca/cryptography/issues/1529) has a discussion about adding this function. And here is [the commit](https://github.com/pyca/cryptography/commit/34d5c39a9c1efa6c2f2c9f473890ebe44816e85a#diff-3c301e5fe253682cfaef304bbbfeddc7) – alberand Mar 22 '19 at 08:52
  • @PaulKehrer @"A. Albershteyn" you are right. I was running 1.7.1 and upgrading to 2.6.1 resolved this issue. – Bhaskar Mar 22 '19 at 16:27

2 Answers2

4

You mention you are running an outdated version.

Upgrading from version 1.7.1 to 2.6.1 resolves the issue.

dusk
  • 1,799
  • 18
  • 25
  • ... and if you get a similar error like "object has no attribute '_backend'" then you have to downgrade (from e.g. 35.0.0) to 3.4.8 (`pip install cryptography==3.4.8`) – MacMartin Dec 09 '21 at 08:48
1

If you are here in 2022 and you use PyJWT, in cryptography version 37 the signer methods were deprecated, so you have to downgrade to version 36.0.2 of cryptography.

montty
  • 11
  • 1
  • 3
  • PyJWT stopped using the deprecated functions you’re referencing 5 years ago (https://github.com/jpadilla/pyjwt/commit/3def8d80eb3936dbcead07e86b6aee96ba07bfe9). Rather than downgrading cryptography you should upgrade pyjwt. – Paul Kehrer May 17 '22 at 10:39