Utilities

This is a utility module containing miscellaneous functions dealing with keys and certificates.

The functions store_private_key and store_cert store keys and certificates on disk in the PEM format. Their counterparts, load_private_key and load_cert, load such keys and certificates from files.

The function extract_names simplifies obtaining names from X.509 certificates, and create_csr may be used to prepare a Certificate Signing Request when one wants to obtain a certificate.

pv080_crypto.utils.store_private_key(private_key: RSAPrivateKey, filename: str = 'private_key.pem', overwrite: bool = False) → bool

Stores an RSA private key in a given file.

Parameters:
  • private_key – The RSA key to store.

  • filename – The name of the file to store the key into.

  • overwrite – A boolean flag to determine whether to overwrite an existing file.

Returns:

True if the private_key is written into filename, False otherwise.

Example:

>>> from cryptography.hazmat.primitives.asymmetric import rsa
>>> from pv080_crypto import store_private_key
>>> private_key = rsa.generate_private_key(65537, 2048)
>>> store_private_key(private_key, "private_key.pem")

pv080_crypto.utils.load_private_key(filename: str = 'private_key.pem') → RSAPrivateKey

Loads a private key from a given file.

Parameters:

filename – The filename to look for the key in.

Returns:

The private key.

Example:

>>> from pv080_crypto import load_private_key
>>> private_key = load_private_key("private_key.pem")
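
A store/load pair with the same overwrite semantics, built directly on the cryptography package, as an added example that is not pv080_crypto's own implementation. The names store_key_pem, load_key_pem and demo, the unencrypted PKCS#8 encoding, and the owner-only 0o600 file mode are assumptions of this example.

```python
# Added example: names, PKCS#8 encoding and 0o600 mode are assumptions.
import os
import tempfile

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa


def store_key_pem(private_key, filename="private_key.pem", overwrite=False):
    """Write an unencrypted PKCS#8 PEM key; return False if the file exists."""
    pem = private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )
    # O_EXCL makes "create only if absent" atomic, so there is no window
    # between an existence check and the write. 0o600 keeps the key owner-only.
    flags = os.O_WRONLY | os.O_CREAT | (os.O_TRUNC if overwrite else os.O_EXCL)
    try:
        fd = os.open(filename, flags, 0o600)
    except FileExistsError:
        return False
    with os.fdopen(fd, "wb") as handle:
        if hasattr(os, "fchmod"):
            # An overwritten file keeps its old mode unless it is reset.
            os.fchmod(handle.fileno(), 0o600)
        handle.write(pem)
    return True


def load_key_pem(filename="private_key.pem"):
    """Parse a PEM private key that was stored without a passphrase."""
    with open(filename, "rb") as handle:
        return serialization.load_pem_private_key(handle.read(), password=None)


def demo():
    """Round-trip freshly generated keys through a temporary directory."""
    key = rsa.generate_private_key(65537, 2048)
    other = rsa.generate_private_key(65537, 2048)
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "private_key.pem")
        first = store_key_pem(key, path)        # file is created
        refused = store_key_pem(other, path)    # exists, overwrite=False
        mode = os.stat(path).st_mode & 0o777
        same = load_key_pem(path).private_numbers() == key.private_numbers()
        replaced = store_key_pem(other, path, overwrite=True)
        swapped = load_key_pem(path).private_numbers() == other.private_numbers()
    return first, refused, mode, same, replaced, swapped
```
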

pv080_crypto.utils.store_cert(cert: Certificate, filename: str, overwrite: bool = False) → bool

Stores an X.509 certificate in a given file.

Parameters:
  • cert – The certificate to store.

  • filename – The name of the file to store the certificate into.

  • overwrite – A boolean flag to determine whether to overwrite an existing file.

Returns:

True if the cert is written into filename, False otherwise.

Example:

>>> from pv080_crypto import fetch_cert, store_cert
>>> cert = fetch_cert(410390)
>>> store_cert(cert, "cert.pem")

pv080_crypto.utils.load_cert(filename: str) → Certificate

Loads a certificate from a given file.

Parameters:

filename – The filename to look for the certificate in.

Returns:

The certificate itself.

Example:

>>> from pv080_crypto import load_cert
>>> ca_cert = load_cert("pv080-root.pem")

pv080_crypto.utils.extract_names(cert: Certificate) → Tuple[int | None, str | None]

Extracts UČO and xlogin from a certificate.

Parameters:

cert – The certificate to extract names from.

Returns:

A tuple of UČO and xlogin, if present in the certificate.

pv080_crypto.utils.create_csr(key: RSAPrivateKey, xlogin: str, uco: int) → CertificateSigningRequest

Creates a Certificate Signing Request with given names.

Parameters:
  • key – The key to sign the CSR with. The corresponding public key is the certified one.

  • xlogin – The xlogin to insert as a name into the request.

  • uco – The UČO to insert as a name into the request.

Returns:

The CSR itself.

Example:

>>> from cryptography.hazmat.primitives.asymmetric import rsa
>>> from pv080_crypto import request_cert, create_csr
>>> private_key = rsa.generate_private_key(65537, 2048)
>>> public_key = private_key.public_key()
>>> csr = create_csr(private_key, "xzacik", 485305)