pkiutils package

Module contents

pkiutils.create_csr(key, dn, csrfilename=None, attributes=None)[source]

Generates a Certificate Signing Request for a given key.

Parameters:
  • key (Crypto.PublicKey.RSA._RSAobj) – a key
  • dn – a distinguished name as dictionary or string with key=value pairs separated by slashes like /CN=test.example.org/C=DE/O=Test organisation/
  • csrfilename (str) – name of a file to write the CSR to
  • attributes (tuple) – a tuple describing attributes to be included in the CSR
Returns:

a certificate signing request
pkiutils.create_rsa_key(bits=2048, keyfile=None, format='PEM', passphrase=None)[source]

Generate a new RSA key with the specified key size.

Parameters:
  • bits (int) – bit size of the key modulus
  • keyfile (str) – file the key should be written to
  • format (str) – format for the key file, either PEM or DER
  • passphrase (str) – pass phrase for encrypting the key file. If pass phrase is a callable its return value will be used.
Returns:

RSA private key instance