Skip to content

Cannot load key after upgrading to 45.0.1 or higher #13126

@kmccabe2

Description

@kmccabe2

Sample key (obviously not used anywhere):

-----BEGIN EC PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgvs3UWxmNaim0WDCe
AvqP+e9Bh+Sq0gN/0vUnhuXQg5ChRANCAATwPeA2IGUR77rEKJYBx7LK+cOTioWM
KF5qYx80ZZ2JpUXRk1ZE4Jh4H8PYz9yrvZjQcgBUwnqs1SFEO/iuugqz
-----END EC PRIVATE KEY-----

Reproduce:

>>> serialization.load_pem_private_key("""-----BEGIN EC PRIVATE KEY-----
... MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgvs3UWxmNaim0WDCe
... AvqP+e9Bh+Sq0gN/0vUnhuXQg5ChRANCAATwPeA2IGUR77rEKJYBx7LK+cOTioWM
... KF5qYx80ZZ2JpUXRk1ZE4Jh4H8PYz9yrvZjQcgBUwnqs1SFEO/iuugqz
... -----END EC PRIVATE KEY-----""".encode(), None)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ValueError: Could not deserialize key data. The data may be in an incorrect format, it may be encrypted with an unsupported algorithm, or it may be an unsupported key type (e.g. EC curves with explicit parameters). Details: ASN.1 parsing error: unexpected tag (got Tag { value: 16, constructed: true, class: Universal })

The above works fine with 44.0.3 and below. The changelog says:

We significantly refactored how private key loading ( load_pem_private_key() and load_der_private_key()) works. This is intended to be backwards compatible for all well-formed keys, therefore if you discover a key that now raises an exception, please file a bug with instructions for reproducing.

So therefore opening an issue

Metadata

Metadata

Assignees

No one assigned

    Labels

    waiting-on-reporterIssue is waiting on a reply from the reporter. It will be automatically cloesd if there is no reply.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions