encoded with a simple `PKCS#1`_ structure (``RSAPrivateKey``). The key cannot be securely encrypted. With ``pkcs=8``, the private key is encoded with a `PKCS#8`_ structure (``PrivateKeyInfo``). PKCS#8 offers the best ways to securely encrypt the key. .. note:: This parameter is ignored for a public key. For DER and PEM, the output is always an ASN.1 DER ``SubjectPublicKeyInfo`` structure. protection (string): (*For private keys only*) The encryption scheme to use for protecting the private key using the passphrase. You can only specify a value if ``pkcs=8``. For all possible protection schemes, refer to :ref:`the encryption parameters of PKCS#8`. The recommended value is ``'PBKDF2WithHMAC-SHA512AndAES256-CBC'``. If ``None`` (default), the behavior depends on :attr:`format`: - if ``format='PEM'``, the obsolete PEM encryption scheme is used. It is based on MD5 for key derivation, and 3DES for encryption. - if ``format='DER'``, the ``'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC'`` scheme is used. prot_params (dict): (*For private keys only*) The parameters to use to derive the encryption key from the passphrase. ``'protection'`` must be also specified. For all possible values, refer to :ref:`the encryption parameters of PKCS#8`. The recommendation is to use ``{'iteration_count':21000}`` for PBKDF2, and ``{'iteration_count':131072}`` for scrypt. randfunc (callable): A function that provides random bytes. Only used for PEM encoding. The default is :func:`Cryptodome.Random.get_random_bytes`. Returns: bytes: the encoded key Raises: ValueError:when the format is unknown or when you try to encrypt a private key with *DER* format and PKCS#1. .. warning:: If you don't provide a pass phrase, the private key will be exported in the clear! .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt NÚ