Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

JWT with Python SDK giving "Could not unserialize key data."

Follow
New post
Patricia65
I am using Python 3.5.  Here is my code,which is straight out of the docs, followed by the error.   
 
from boxsdk import JWTAuth
 
auth = JWTAuth(
    client_id='k29xaarbpae4znkghpay6rsixiitg1xc',
    client_secret='AajZ60HOdKhsuX0PRe0mkv5agV1J61sf',
    enterprise_id='XXXXXXX',
    jwt_key_id='XXXXX',
    rsa_private_key_file_sys_path='C:\\Users\\H470722\\Documents\\Keys\\private_key.pem',
    rsa_private_key_passphrase='XXXXXXX',
    store_tokens=lambda x, y: None, 
)
 
access_token = auth.authenticate_instance()
 
 
 
Error:
 
>>> 
 RESTART: C:/Users/H470722/Documents/EIV Reporting ETL/Python Scripts/BoxTest.py 
From cffi callback :
Traceback (most recent call last):
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 101, in _pem_password_cb
    pw_buf[:len(ud.password)] = ud.password
TypeError: a bytes-like object is required, not 'str'
Traceback (most recent call last):
  File "C:/Users/H470722/Documents/EIV Reporting ETL/Python Scripts/BoxTest.py", line 10, in
    store_tokens=lambda x, y: None,
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\boxsdk\auth\jwt_auth.py", line 102, in __init__
    backend=default_backend(),
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\primitives\serialization.py", line 20, in load_pem_private_key
    return backend.load_pem_private_key(data, password)
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\backends\multibackend.py", line 305, in load_pem_private_key
    return b.load_pem_private_key(data, password)
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1084, in load_pem_private_key
    password,
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1253, in _load_key
    self._handle_key_loading_error()
  File "C:\Users\H470722\AppData\Roaming\Python\Python35\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1325, in _handle_key_loading_error
    raise ValueError("Could not unserialize key data.")
ValueError: Could not unserialize key data.
 
 
What am I doing wrong?
0

Comments

10 comments

Date Votes
  • uberscout

    I'm also running into this same issue.

    0
    Comment actions Permalink
  • Murtza

      I am not sure why you are seeing this error, but according to this thread it might be an issue with the format of the private key you are using.

    0
    Comment actions Permalink
  • uberscout

    I was looking at the Box SDK and it looks like it's in the JWTAuth object (jwt_auth.py) specifically:

     

    ```

    with open(rsa_private_key_file_sys_path) as key_file:
    self._rsa_private_key = serialization.load_pem_private_key(
            key_file.read(),
            password=rsa_private_key_passphrase,
            backend=default_backend(),
        )

    ```

    key_file.read() is passing it a string and it expects a bytes array (https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.load_pem_private_key)

     

    I am just manually writing my JWT Auth but I believe the key_file.read() should be wrapped with bytes.

     

    ```

    with open(rsa_private_key_file_sys_path) as key_file:
    self._rsa_private_key = serialization.load_pem_private_key(
            bytes(key_file.read()),
            password=rsa_private_key_passphrase,
            backend=default_backend(),
        )

    ```

    0
    Comment actions Permalink
  • uberscout

    Looks like this was fixed in an update. You should be able to do this now.

    0
    Comment actions Permalink
  • DanEhrlich

    How do I fix this in Python 2.7?

    0
    Comment actions Permalink
  • boobalganesan

    Which version was it fixed in? I am using 3.6 and still facing the issue.

    0
    Comment actions Permalink
  • DimitrisT

    Same here...

    Anyone have had success?

    0
    Comment actions Permalink
  • DimitrisT

    I was not decrypting my private key -- duh!

    0
    Comment actions Permalink
  • SS90

    I don't know if this will help now or not but, you need to ensure that rsa_private_key_passphrase is in bytes and not string.

    So instead of -

    rsa_private_key_passphrase='XXXXXXX',

    use -

    rsa_private_key_passphrase=b'XXXXXXX', (for bytes)

    0
    Comment actions Permalink
  • z07diac

    Did you solve this problem?

    0
    Comment actions Permalink

Please sign in to leave a comment.