New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AttributeError: '_RSAPrivateKey' object has no attribute 'sign' #376
Comments
i also have this issue |
Facing similar issue too. I am using python 2.7 & pyjwt 1.6.4. Will update this comment with environment info later. Description Public Key example format Steps Expected output Error message |
@pcchannz With RSA you sign with the private key. JWT's do not encrypt data, they only sign it. |
Thanks @logankaser. I have updated the original comment description. It should be sign jwt with public key. Additional notes, it seem like while is mathematical possible to sign jwt with public key, it is not compliant as public key is meant to be known. If I am correct, pyjwt is compliance with the standard and therefore throwing this message? Reference: https://stackoverflow.com/questions/44214400/can-json-web-token-sign-with-public-key |
I'm getting the same thing following the directions on google cloud docs here
My code is the same as in the above gcloud docs. |
Same issue. |
I had the same issue using a Google Cloud API with JWT tokens. I solved by upgrading the version of cryptography I was using.
|
@talilama what exact version of pyjwt and cryptography are you using? Can anyone use something like https://repl.it/languages/python3 to replicate this issue? |
"AttributeError: 'AsymmetricKey' object has no attribute 'sign'" testing code: private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) chosen_hash = hashes.SHA256() |
I'm also hitting this issue with the latest versions of cryptography and pyjwt:
if anyone has it working (maybe @talilama?) could you post the versions of pyjwt and crytography that you are using? |
|
I think it is due to difference between _RSAPrivateKey and _RSAPublicKey in cryptography. |
You are right, one I got the public key to verify it worked as expected
Shane Guignard
Sent from my iPhone
… On Oct 25, 2019, at 9:25 AM, janparadowski ***@***.***> wrote:
I think it is due to difference between _RSAPrivateKey and _RSAPublicKey in cryptography.
The latter has a verify method but the former does not. (So if you encrypt with the public key you cannot call verify on the private key in the decode call but the other way around works.)
Pass in verify=False as an option on the decode call to work around this.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
Resolvi comentando a linha 143 do arquivo algorithms.py, meu pyjwt tá na versão 1.7.1 |
Make sure you don't mix up your private key with your public. |
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days |
When using a pair of RSA keys to try the example given in the docs:
Expected Result
I'm expecting to get both variables assigned without problem.
Actual Result
But what happens instead is that I'm getting:
AttributeError: '_RSAPrivateKey' object has no attribute 'sign'
Reproduction Steps
System Information
This command is only available on PyJWT v1.6.3 and greater. Otherwise,
please provide some basic information about your system.
The text was updated successfully, but these errors were encountered: