Pfx class¶
- class cryptosyspki.Pfx¶
PKCS-12 (PFX) file utilties.
- class Opts¶
Bitwise options for creating a PFX file.
- AES256_SHA256 = 4163¶
encrypt both the private key and certificate using "AES256-SHA256"
- ALT_FORMAT = 1048576¶
Create a PFX file with the exact peculiarities used by Microsoft (default is OpenSSL)
- CLONE_KEY = 67108864¶
Store the private key in the exact form of the pkcs-8 input file (default is to re-encrypt with Triple DES)
- DOUBLE_ENCRYPT = 134217728¶
Double-encrypt the private key (specialist option)
- FORMAT_PEM = 65536¶
Create the output file in PEM format (default is DER-encoded binary)
- PLAIN_CERT = 33554432¶
Store the certificate in unencrypted form (default is encrypted with 40-bit RC2)
- STRONG_CERT = 16777216¶
Encrypt the certificate with "stronger" Triple DES (default is "weak" 40-bit RC2).
- static make_file(outputfile, certlist, prikeyfile='', password='', friendlyname='', opts=0)¶
Create a PFX (PKCS-12) file from an X.509 certificate and (optional) encrypted private key file.
- Parameters:
outputfile (str) -- name of output file to be created
certlist (str) -- filename of the subject's X.509 certificate (required)
prikeyfile (str) -- filename of the subject's encrypted private key in pkcs-8 format (optional)
password (str) -- password for private key file and new PFX file
friendlyname (str) -- friendly name identification for the subject (optional)
opts (Pfx.Opts) -- Specialist options
- Returns:
Zero if successful.
- Return type:
int
- static sig_is_valid(pfxfile, password)¶
Determine if the MacData signature is valid in a pkcs-12 file.
- Parameters:
pfxfile (str) -- Name of PKCS-12 file to be checked
password (str) -- password for file
- Returns:
True if signature is OK.
- Return type:
bool