2

I'm trying to load a public key using the "cryptography" module, and it looks like I am copying the code they have exactly (posted here) with only a few minor changes:

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes, serialization

def encrypt(message, publicKeyPath):
  with open(publicKeyPath, 'rb') as keyFile:
    privateKey = serialization.load_pem_private_key(
      keyFile.read(),
      password=None,
      backend=default_backend()
    )

  print(privateKey)

message = 'This message will be encrypted'

publicKeyPath = '/(path to key)/My First Key_public.pem'

encryptedMessage = encrypt(message, publicKeyPath)

However, I keep getting the error "Could not deserialize key data." Here is the full traceback:

Traceback (most recent call last):
  File "/Users/max.s.haberman/Documents/Code/Experiments/Encryption/encryption2.py", line 23, in <module>
    encryptedMessage = encrypt(message, publicKeyPath)
  File "/Users/max.s.haberman/Documents/Code/Experiments/Encryption/encryption2.py", line 9, in encrypt
    backend=default_backend()
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
    return backend.load_pem_private_key(data, password)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1186, in load_pem_private_key
    password,
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1411, in _load_key
    self._handle_key_loading_error()
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1465, in _handle_key_loading_error
    raise ValueError("Could not deserialize key data.")
ValueError: Could not deserialize key data.

Here is the public key I am using, which has worked well in other places:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaqpgfRRZa0H8A7v3ebJ
z+lM+j0Jdw2xftUoIDmGWkrQ0vJXnkCwP/zcALI/mgAlMtr4KDSrE0n7/+1u1uB+
DuhdjuGhu5EAAdA+N1yMOCRNfYRJFpAtQLO2qu6h6wU1HmVLIK87kyTAoVcn+HIX
4uMiQbNG7PH2Cv+VaQvA91I/tTcSkY/ZrGTYcFHa0k+sSGxqQDW7C7mu5RKssxAa
QCSnAUOjV+j1lUMvWYr8qs5yI4wRsFH6sP6m2/Ksrj1i3+DSOWJOy/WQs1e1CBcA
cVfyM+dflllneNkF6rnB0n2wIE4TeRatzy6AlSjQ7FohSkAfOMW6GwszVhEFSAu2
4QIDAQAB
-----END PUBLIC KEY-----

Am I missing something? Is there something else I need to do? It looks like other StackOverflow users have had this issue, but I don't think their situations applied to me, since my key does not include spaces, a working public key has already been created, etc. Any help is appreciated. Thanks in advance!

Max
  • 147
  • 1
  • 14

1 Answers1

2

The linked code refers to the private key. But for the encryption you need the public key (the private key is required for decryption):

publicKey = serialization.load_pem_public_key(
    keyFile.read(),
    backend=default_backend()
)

The posted key seems to be OK. It is a PEM encoded public key in PKCS8 format.

An example for the (still missing) encryption can be found here.

Topaco
  • 40,594
  • 4
  • 35
  • 62