4

I am attempting to generate a public/private elliptic curve key pair in python using hazmat in cryptography. Below is the current code that I have. When I run, it is generating the error 'NoneType' object has no attribute 'generate_elliptic_curve_private_key'

ecurve = asymmetric.ec.EllipticCurve
ecurve.name = 'secp256r1'
ecurve.key_size = 128
ec_backend = cryptography.hazmat.backends.interfaces.EllipticCurveBackend.generate_elliptic_curve_private_key(cryptography.hazmat.backends.interfaces.EllipticCurveBackend, ecurve)
key = asymmetric.ec.generate_private_key(curve=ecurve, backend=ec_backend)

Here is the documentation https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#

Improve this question
1
  • EllipticCurveBackend ... The term "backend" here shouts "do not use" back at me. Even if it runs, it probably crashes on the first rewrite of the EC functionality. Commented Dec 9, 2019 at 13:25

1 Answer 1

Reset to default
16

I don't see where generate_elliptic_curve_private_key method is available.

Here is an example of generating a SECP256R1 and serializing the public key into PEM format:

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ec

private_key = ec.generate_private_key(ec.SECP256R1(), default_backend())
public_key = private_key.public_key()
# serializing into PEM
rsa_pem = public_key.public_bytes(encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo)

printing the key

In [14]: print(rsa_pem.decode())
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEilwhueTwySfEbXd9y/inZVsYVG6z
/UJyVbN+cYgtIFd0vLdaP27cME8RGE/enMEcX7/jkb13j2DPnXt2R6teZw==
-----END PUBLIC KEY-----
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

This does answer the question, however, I was trying to set the size of the key in the original code. Is there any way to do this inside the above?
Key sizes are strictly tied to the curve parameters (e.g. a named curve like secp256r1). If you want a larger key size you need to use a different curve. secp256r1 has private keys that are 256-bit because the secret scalar (the private key) is a value less than the curve's order (which is 256-bit). The example provided here is the correct API for key generation (and public point serialization) on a given curve.
That makes sense. Thank you!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.