Skip to content

RSAKey.as_dict returns a private key instead of a public one #74

New issue
New issue
Open
Open
RSAKey.as_dict returns a private key instead of a public one#74
@Fatal1ty

Description

@Fatal1ty
Fatal1ty
opened on Nov 13, 2025

I'm not sure I'm doing it right but if I generate RSA key and print its private and public parts thay will be the same. So, public part will have the RSA private key's private exponent "d" among other parameters which I think might a critical bug if someone rely on it.

import json
from joserfc.jwk import RSAKey

jwk = RSAKey.generate_key(2048, auto_kid=True)
print(json.dumps(jwk.as_dict(is_private=False), indent=2))
print(json.dumps(jwk.as_dict(is_private=True), indent=2))

The resulting JSON objects will have difference only in the "is_private" key:

{
  "n": "lsXCya0bi5fATV6-bV2ZQa2RFtM0S4ldX94aj-ZzmpritU-06Qx5XahjhZkRDgdZC9BTzZiaKJMh_thaRE2NX716_t4kkA96MmuS_zVupcvTh2TzXAsTmZlCUbqtagWj6rNJrbGPmxPYizwOKIutQMc0fitT9490DS61mCfC5xbCCdG7noGYPuJsjDQQRySwazZxuVNy1gQbbn_8FFINuzeWS7h_7BB28Z7uIrBsTION4yJZ90QzvXmR3MDeG7qHh5hT3ejYkIpHsyYJGtnybeQew4bDvFPtylXab3bN7YDH9lPmAoe2UJAf4MpAm-dEdLQpr9cmTb47Vob2a4LCsw",
  "e": "AQAB",
  "d": "BzP9gVsW1M10L34WRO1S1BNxuhBvECjI4DqhNDzDSyCZMiZTs0qYRcQ0tP5CFVR-iZTzXAAtZUDaP-2gKmE2HtvTk3eTcZp7sQr4o96uoZciTPaitcQFtLHgvDzZ6hXI5f6Yx4aTIMqK7uP4nTFHHrAlrt1tDoe4-KRBorpLknSuDqGcBit-MFy5_2r5Qge7VDsXsNncDR1CvvLouOJk-b1WJLNlNqtGgJlQzFlW2UNvQ4kUCIc2lbdGqLJw80WSCbr9qklgpddkU-r1NBpX1mCjI6peDSrhlfMmNT6cyN2OlDPXn2_7eAq8YVGiBiJnXP5nABriOBz-6uy__LzTcQ",
  "p": "1Cfjha3DkE9KTOxrHRuLbpQQ7f9KMZpFj-kdep1IVaxqCx_ZZxIRqFfFVCwY_Kg5AfeCmxkjd8K_WBR_vNmho-mmTx84FNNg4xXKFVReE8HJwtiaR1hqs123huPdx-UTzQlm049TFqBDkaHckRqCZJRi9_EDo1xFopE1VVVKSkk",
  "q": "te5iwE0si5YSFaMju7wTIu_i4lTEvtLRHdwU8IQcSmcU2b4Z-TQ4w1P1H4J6ESf8_ft1Q5nq193LcnI7RZWdz3qKJaw1Y7syNahKxafxCoUlHAk3Z2pLSEGND7tHv616MH_7uNCceHDAn-bzTJdacy5BqOoWnMfWDKKts5tthRs",
  "dp": "BSQCS1buiiyhrEN-RPJJ6qAD2QB6l8EZNmd7o2D0Q78twp8-8VRqwR1_Vo7K_DRHTVjl_UQaq-g4IrY8ciMD26jpsrka7sZAbsA0aVfl_6yOav48nsXxr-7xZ39V_GX8mNdFepLafI3dlUXKxmlSB4Xg8AkTAX5W4Z2LIUozxqE",
  "dq": "AUE3pSPjHsNWNJf_cxgE-cS1x-HVyYsirhYKfu4qU8kKN8Y736AglBhMJH994AhqkkXdtS2mlP6OnKd1CTHS-M9bjI73f0yXOA-FFH_oBa6NZvgZTblJ86GgG2-rOwMzSIpZbhjiO2Jrsa6iFvEkSo8THNsgdMxcCZJFqGt2Aek",
  "qi": "RRo5Yfb5qMhnWqU2A9C0E6AvrxCtML2vDjsGwFqfVh8ZhtazvdVZc82AfVFQlC--iVz1SCUKUlz-PTAzzPAUdjU8yCFt2wREGgRWYAVvaR980cBKX1lM2mqrEJhJICdzK6tyzruHm4XNv97b5-rAmqF0oboloWXpkQS901970TY",
  "kty": "RSA",
  "kid": "tL5L8s0SM4Gs6TKpDFnoT-8unf0MIsnV4Jd0AbWFlKk",
  "is_private": false
}
{
  "n": "lsXCya0bi5fATV6-bV2ZQa2RFtM0S4ldX94aj-ZzmpritU-06Qx5XahjhZkRDgdZC9BTzZiaKJMh_thaRE2NX716_t4kkA96MmuS_zVupcvTh2TzXAsTmZlCUbqtagWj6rNJrbGPmxPYizwOKIutQMc0fitT9490DS61mCfC5xbCCdG7noGYPuJsjDQQRySwazZxuVNy1gQbbn_8FFINuzeWS7h_7BB28Z7uIrBsTION4yJZ90QzvXmR3MDeG7qHh5hT3ejYkIpHsyYJGtnybeQew4bDvFPtylXab3bN7YDH9lPmAoe2UJAf4MpAm-dEdLQpr9cmTb47Vob2a4LCsw",
  "e": "AQAB",
  "d": "BzP9gVsW1M10L34WRO1S1BNxuhBvECjI4DqhNDzDSyCZMiZTs0qYRcQ0tP5CFVR-iZTzXAAtZUDaP-2gKmE2HtvTk3eTcZp7sQr4o96uoZciTPaitcQFtLHgvDzZ6hXI5f6Yx4aTIMqK7uP4nTFHHrAlrt1tDoe4-KRBorpLknSuDqGcBit-MFy5_2r5Qge7VDsXsNncDR1CvvLouOJk-b1WJLNlNqtGgJlQzFlW2UNvQ4kUCIc2lbdGqLJw80WSCbr9qklgpddkU-r1NBpX1mCjI6peDSrhlfMmNT6cyN2OlDPXn2_7eAq8YVGiBiJnXP5nABriOBz-6uy__LzTcQ",
  "p": "1Cfjha3DkE9KTOxrHRuLbpQQ7f9KMZpFj-kdep1IVaxqCx_ZZxIRqFfFVCwY_Kg5AfeCmxkjd8K_WBR_vNmho-mmTx84FNNg4xXKFVReE8HJwtiaR1hqs123huPdx-UTzQlm049TFqBDkaHckRqCZJRi9_EDo1xFopE1VVVKSkk",
  "q": "te5iwE0si5YSFaMju7wTIu_i4lTEvtLRHdwU8IQcSmcU2b4Z-TQ4w1P1H4J6ESf8_ft1Q5nq193LcnI7RZWdz3qKJaw1Y7syNahKxafxCoUlHAk3Z2pLSEGND7tHv616MH_7uNCceHDAn-bzTJdacy5BqOoWnMfWDKKts5tthRs",
  "dp": "BSQCS1buiiyhrEN-RPJJ6qAD2QB6l8EZNmd7o2D0Q78twp8-8VRqwR1_Vo7K_DRHTVjl_UQaq-g4IrY8ciMD26jpsrka7sZAbsA0aVfl_6yOav48nsXxr-7xZ39V_GX8mNdFepLafI3dlUXKxmlSB4Xg8AkTAX5W4Z2LIUozxqE",
  "dq": "AUE3pSPjHsNWNJf_cxgE-cS1x-HVyYsirhYKfu4qU8kKN8Y736AglBhMJH994AhqkkXdtS2mlP6OnKd1CTHS-M9bjI73f0yXOA-FFH_oBa6NZvgZTblJ86GgG2-rOwMzSIpZbhjiO2Jrsa6iFvEkSo8THNsgdMxcCZJFqGt2Aek",
  "qi": "RRo5Yfb5qMhnWqU2A9C0E6AvrxCtML2vDjsGwFqfVh8ZhtazvdVZc82AfVFQlC--iVz1SCUKUlz-PTAzzPAUdjU8yCFt2wREGgRWYAVvaR980cBKX1lM2mqrEJhJICdzK6tyzruHm4XNv97b5-rAmqF0oboloWXpkQS901970TY",
  "kty": "RSA",
  "kid": "tL5L8s0SM4Gs6TKpDFnoT-8unf0MIsnV4Jd0AbWFlKk",
  "is_private": true
}

On the other hand, the similar code with authlib works as expected:

import json
from authlib.jose.rfc7518.rsa_key import RSAKey

jwk = RSAKey.generate_key(2048, is_private=True)
print(json.dumps(jwk.as_dict(is_private=False), indent=2))
print(json.dumps(jwk.as_dict(is_private=True), indent=2))
{
  "n": "1I3j7VfBsmV6ZqCQ2HWeT3jNznkF7Tk_WrcqnhyUQ-wTlpOiA9PDdVZtYOaroUhLg2iRXuSaeJ9CNGeQmewfBEdZT9XXBowQLwk7CKBQPH-v9FcFTfEtR_jdeqXC1mnIxbo8Cw5PvaePEz5si6R2f9G6TUMY85SzmnZiR1gemsk6fZSNz4r0uG_QhQBJGFY9MB5PBGPnD8Who7ua3vnA9qzaU7oe-IVFUBzATezk4XeeafPONUQtIfCcxjISmVQNtgUPZk4QZ5VtjLI3xhS8l0YG_9uH7Z8Rf8MhRYHZ2ImjxT8Uh9I0EXfwsGgWL6mJB162L4U051Y9NcO3HiUo5w",
  "e": "AQAB",
  "kty": "RSA",
  "kid": "NTbgNmdFfOIShi2xU2BU9DakEhRfQpiD8eVSY_SM8ZU"
}
{
  "n": "1I3j7VfBsmV6ZqCQ2HWeT3jNznkF7Tk_WrcqnhyUQ-wTlpOiA9PDdVZtYOaroUhLg2iRXuSaeJ9CNGeQmewfBEdZT9XXBowQLwk7CKBQPH-v9FcFTfEtR_jdeqXC1mnIxbo8Cw5PvaePEz5si6R2f9G6TUMY85SzmnZiR1gemsk6fZSNz4r0uG_QhQBJGFY9MB5PBGPnD8Who7ua3vnA9qzaU7oe-IVFUBzATezk4XeeafPONUQtIfCcxjISmVQNtgUPZk4QZ5VtjLI3xhS8l0YG_9uH7Z8Rf8MhRYHZ2ImjxT8Uh9I0EXfwsGgWL6mJB162L4U051Y9NcO3HiUo5w",
  "e": "AQAB",
  "d": "P9HInWNLi8JvYXAVfYC3Q1pcxQFOd79IF_dGKwoetFQmP4BdVXPYTJtiJQWtg7P-xFp5x3mxLcV3rd9oqeadG35GwTNOKC-WzmChooHsBXY7QQx90by34VPGQEST_yfs-f1keNdXtvSf_2GvWrBLSi6RFxCt5bkAwkCIWq6JJeT4fAjNgJ2oB9WTKsF9Bc_Qy_fuAGUxaGOMXQ_1W-rMdLbnerlIhDOEUAQ4iVGbjxapc-ZQcwub2tD10YKdIuviPzr4eIOYf9R1qaIsb00Vzz02LBlBdQYarfTM4rhZphVCeypmssygQfw4FQyTh11S91LN8wAYsKvwbxAUIy3pbQ",
  "p": "7MgoZvoZCEjN-kuVM24GZ1i3Z6r9du0iwLNWN2VLeTtDPhou3xSToGkYbTjW0qKCfP6qRUriSLevLD_rT1pGTZAcOceszKXUJ4BN-JxtYVBff3nLMKnrdM6KhB1y4qhowyTbTuB9Wn3modwB3wHrppuD9989fv5S8NfcO08JiOs",
  "q": "5c5VHGNSNdgIyIBM0fwHRZd9C_ewCXRblpmGidy_i7vqTO2xiMPQ2lH09ZSehqX9_VrsiU7D3sa7R-o0l7VnSB5Lw8U6plvlOewNKIn9rM4XZTF-oxhH2XJ5qIougm69PBRrRHoV8Lt-s_vXxuRa_9JNkG_oA8AxaP0B2GjHYPU",
  "dp": "R5vQ_DOu1l6OTKAHI2Km9SJTdTq1JP5agES8UkyEIsnVcDai7jxe2Shvhril31XeeMbb39Dh1nQWuh8qnvkCQfrPTnogvFN6cefPrNxCCCgyeW7wEGuTFeRQ59uwHvQnmrzOxnAF-RQSZ-kNd9Aw4FYv9wrAomNv2f6uUBF7JLk",
  "dq": "HH2JJbzWi2BeLmVhoMLrL-CJGzu48mMfm7sq59qbULqaYLEzSm5kbTyt7uhfAvh_VbK5EojWVb8zpsXNgWV3CYTgBcRk8g0AjT7LntQExDDEy8HoHlY7SiUcGh4PiBIsmc86QUIViEPmgG_fn4PeGEs9XIPTMuvX9Fkxql_LICU",
  "qi": "PDOTe8PhEU7Op8YdPXf8NJYnU-fXyB1uKg2nnx0Jsnj1mJzQ_IgNk4ija5rW2XA43HcqdqruQwSj3JQqshfg4o6LfSk4pK2qxI1I-tRz8sZNPsTTzSIvJtOUzWY1-qMGZmZOMrUR9DBzcN2yxbL-DC9EcXH7phmsypQ3JQ0y2f8",
  "kty": "RSA",
  "kid": "NTbgNmdFfOIShi2xU2BU9DakEhRfQpiD8eVSY_SM8ZU"
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions