A list of all the classes and functions in Python for CryptoSys PKI with a cross reference to the corresponding PKI core function in the main manual. Check the link to the PKI core function for more detailed information on the underlying behaviour. All methods are static methods. See also the full cryptosyspki Python documentation.
| Class | Method | PKI Function | Description |
|---|---|---|---|
| Asn1 -- Utilities to analyze ASN.1 files. | |||
| type | ASN1_Type | Describe the type of ASN.1 data. | |
| text_dump | ASN1_TextDump | Dump details of an ASN.1 formatted data file to a text file. | |
| text_dump_tostring | ASN1_TextDumpToString | Dump details of an ASN.1 formatted data file to a string. | |
| Cipher -- Generic block cipher functions. | |||
| blockbytes | n/a | Return the block size in bytes for a given cipher algorithm. | |
| keybytes | n/a | Return the key size in bytes for a given cipher algorithm. | |
| encrypt | CIPHER_EncryptBytes | Encrypt data. | |
| decrypt | CIPHER_DecryptBytes | Decrypt data. | |
| encrypt_hex | CIPHER_EncryptHex | Encrypt data hex-encoded data using hex-encoded parameters. | |
| decrypt_hex | CIPHER_DecryptHex | Decrypt hex-encoded data using hex-encoded parameters. | |
| encrypt_block | CIPHER_EncryptBytes | Encrypt a block of data. Must be an exact multiple of block length. | |
| decrypt_block | CIPHER_DecryptBytes | Decrypt a block of data. Must be an exact multiple of block length. | |
| file_encrypt | CIPHER_FileEncrypt | Encrypt a file. | |
| file_decrypt | CIPHER_FileDecrypt | Decrypt a file. | |
| key_wrap | CIPHER_KeyWrap | Wrap (encrypt) key material with a key-encryption key. | |
| key_unwrap | CIPHER_KeyUnwrap | Unwrap (decrypt) key material with a key-encryption key. | |
| pad | PAD_BytesBlock | Pad byte array to correct length for ECB and CBC encryption. | |
| pad_hex | PAD_HexBlock | Pad hex-encoded string to correct length for ECB and CBC encryption. | |
| unpad | PAD_UnpadBytes | Remove padding from an encryption block. | |
| unpad_hex | PAD_UnpadHex | Remove the padding from a hex-encoded encryption block. | |
| encrypt_aead | CIPHER_EncryptAEAD | Encrypt data using the AES-GCM authenticated encryption algorithm. | |
| decrypt_aead | CIPHER_DecryptAEAD | Decrypt data using the AES-GCM authenticated encryption algorithm. | |
| Cms -- Create, read and analyze Cryptographic Message Syntax (CMS) objects. | |||
| make_envdata | CMS_MakeEnvData | Create a CMS enveloped-data object [file --> file]. | |
| make_envdata_from_string | CMS_MakeEnvDataFromString | Create a CMS enveloped-data object [string --> file]. | |
| make_envdata_from_bytes | CMS_MakeEnvDataFromBytes | Create a CMS enveloped-data object [bytes --> file]. | |
| read_envdata_to_file | CMS_ReadEnvData | Read and decrypt CMS enveloped-data object using the recipient's private key. | |
| read_envdata_to_string | CMS_ReadEnvDataToString | Read and decrypt CMS enveloped-data object using the recipient's private key [file --> string] (expects output to be UTF-8-encoded text). | |
| read_envdata_to_bytes | CMS_ReadEnvDataToBytes | Read and decrypt CMS enveloped-data object using the recipient's private key [file --> bytes]. | |
| make_sigdata | CMS_MakeSigData | Create a CMS signed-data object from a data file using user's private key [file --> file]. | |
| make_sigdata_from_string | CMS_MakeSigDataFromBytes | Create a CMS signed-data object from a string using user's private key [string --> file]. | |
| make_sigdata_from_bytes | CMS_MakeSigDataFromBytes | Create a CMS signed-data object from data using user's private key [bytes --> file]. | |
| make_sigdata_from_sigvalue | CMS_MakeSigDataFromSigValue | Create a CMS object of type SignedData using a pre-computed signature value [bytes --> file]. | |
| make_sigdata_from_pseudo | CMS_MakeSigDataFromSigValue | Create a SignedData object from a "pseudo" object. | |
| make_detached_sig | CMS_MakeDetachedSig | Create a "detached signature" CMS signed-data object from a message digest of the content [hexdigest --> file]. | |
| read_sigdata_to_file | CMS_ReadSigData | Read the content from a CMS signed-data object file [file --> file]. | |
| read_sigdata_to_string | CMS_ReadSigDataToString | Read the content from a CMS signed-data object file directly into a string [file --> string] (expects output to be UTF-8-encoded text). | |
| read_sigdata_to_bytes | CMS_ReadSigDataToBytes | Read the content from a CMS signed-data object file into bytes. | |
| verify_sigdata | CMS_VerifySigData | Verify the signature and content of a signed-data CMS object file. | |
| query_sigdata | CMS_QuerySigData | Query a CMS signed-data object file for selected information. May return an integer or a string. | |
| query_envdata | CMS_QueryEnvData | Query a CMS enveloped-data object file for selected information. May return an integer or a string. | |
| make_comprdata | CMS_MakeComprData | Create a new CMS compressed-data file (.p7z) from an existing input file. | |
| read_comprdata | CMS_ReadComprData | Read and extract the decompressed contents of a CMS compressed-data file [binary file --> binary file]. | |
| Cnv -- Character conversion routines. | |||
| tohex | CNV_HexStrFromBytes | Encode binary data as a hexadecimal string. | |
| fromhex | CNV_BytesFromHexStr | Decode a hexadecimal-encoded string into a byte array. | |
| tobase64 | CNV_B64StrFromBytes | Encode binary data as a base64 string. | |
| frombase64 | CNV_BytesFromB64Str | Decode a base64-encoded string into a byte array. | |
| tobase58 | CNV_Base58FromBytes | Encode binary data as a base58 string. | |
| frombase58 | CNV_Base58ToBytes | Decode a base58-encoded string into a byte array. | |
| reverse_bytes | CNV_ReverseBytes | Reverse the order of a byte array. | |
| num_from_bytes | CNV_NumFromBytes | Convert the leftmost four bytes of an array to a 32-bit integer. | |
| num_to_bytes | CNV_NumToBytes | Convert a 32-bit integer to an array of 4 bytes. | |
| utf8_check | CNV_CheckUTF8Bytes | Check if a byte array or string contains valid UTF-8 characters. Returns integer code. | |
| utf8_check_file | CNV_CheckUTF8File | Check if a file contains valid UTF-8 characters. Returns integer code. | |
| utf8_check_to_string | n/a | Return a string describing an integer code returned by Cnv.utf8_check and Cnv.utf8_check_file. | |
| shortpathname | CNV_ShortPathName | Retrieve the Windows short path form of the specified path. | |
| Compr -- Compression utilities. | |||
| compress | COMPR_Compress | Compress data using zlib compression. | |
| uncompress | COMPR_Uncompress | Uncompress data using zlib compression. | |
| Ecc -- Manage keys for elliptic curve cryptography. | |||
| make_keys | ECC_MakeKeys | Generate a new EC public/private key pair and save as two key files. | |
| read_private_key | ECC_ReadPrivateKey | Read from a file or string containing an EC private key into an "internal" private key string. | |
| read_public_key | ECC_ReadPublicKey | Read from a file or string containing an EC public key into an "internal" public key string. | |
| read_key_by_curve | ECC_ReadKeyByCurve | Return an internal key string of an EC key from its hexadecimal representation. | |
| query_key | ECC_QueryKey | Query an EC key string for selected information. May return an integer or a string. | |
| save_key | ECC_SaveKey | Save an internal EC key string (public or private) to an unencrypted key file. | |
| save_enc_key | ECC_SaveEncKey | Save an internal EC private key string to an encrypted private key file. | |
| publickey_from_private | ECC_PublicKeyFromPrivate | Return an internal EC public key string from an internal EC private key string. | |
| key_hashcode | ECC_KeyHashCode | Compute the hash code of an "internal" ECC public or private key string. | |
| dh_shared_secret | ECC_DHSharedSecret | Compute EC Diffie-Hellman shared secret. | |
| Gen -- General info about the core DLL and errors returned by it. | |||
| version | PKI_Version | Return the release version of the core CryptoSys PKI DLL as an integer value. | |
| compile_time | PKI_CompileTime | Return date and time the core CryptoSys PKI DLL was last compiled. | |
| module_name | PKI_ModuleName | Return full path name of the current process's DLL module. | |
| module_info | PKI_ModuleInfo | Get additional information about the core DLL module. | |
| core_platform | PKI_Platform | Return the platform the core DLL was compiled for ('Win32' or 'X64'). | |
| licence_type | PKI_LicenceType | Return licence type: "D"=Developer "T"=Trial. | |
| last_error | PKI_LastError | Return the last error message set by the toolkit, if any. | |
| error_lookup | PKI_ErrorLookup | Return a description of an error code. | |
| error_code | PKI_ErrorCode | Return the error code of the *first* error that occurred when calling the last function. | |
| Hash -- Compute message digest hash values. | |||
| length | HASH_Length | Return length of message digest output in bytes. | |
| data | HASH_Bytes | Compute message digest as a byte array from bytes data. | |
| file | HASH_File | Compute message digest as a byte array from data in a file. | |
| hex_from_data | HASH_HexFromBytes | Compute message digest in hexadecimal format from bytes data. | |
| hex_from_string | n/a | Compute message digest in hexadecimal format from a string. | |
| hex_from_file | HASH_HexFromFile | Compute message digest in hexadecimal format from data in a file. | |
| hex_from_hex | HASH_HexFromHex | Compute message digest in hexadecimal format from data in a hexadecimal-encoded string. | |
| double | HASH_Bytes | Create a double hash - hash of hash - as a byte array from bytes data. | |
| Hmac -- Compute keyed-hash based message authentication code (HMAC) values. | |||
| data | HMAC_Bytes | Compute a keyed-hash based message authentication code (HMAC) as a byte array from bytes data. | |
| hex_from_data | HMAC_HexFromBytes | Compute a keyed-hash based message authentication code (HMAC) in hexadecimal format from bytes data. | |
| hex_from_string | n/a | Compute a keyed-hash based message authentication code (HMAC) in hexadecimal format from string data. | |
| hex_from_hex | HMAC_HexFromHex | Compute a keyed-hash based message authentication code (HMAC) in hex format from data in hex-encoded strings. | |
| Hpke -- Hybrid Public Key Encryption (HPKE) functions. | |||
| labeled_expand | HPKE_LabeledExpand | Compute the output of the LabeledExpand function as defined in RFC9180. | |
| labeled_extract | HPKE_LabeledExtract | Compute the output of the LabeledExtract function as defined in RFC9180. | |
| derive_private_key | HPKE_DerivePrivateKey | Derive an EC private key in a deterministic manner from input keying material using the DeriveKeyPair algorithm in RFC9180. | |
| Kdf -- Key Derivation Functions. | |||
| bytes | KDF_Bytes | Generate a key-encryption key (KEK) from input keying material using a key derivation function (KDF). | |
| for_cms | KDF_ForCms | Generate a key-encryption key (KEK) for ECDH key exchange in a CMS EnvelopedData object. | |
| Ocsp -- Online Certificate Status Protocol (OCSP) routines. | |||
| make_request | OCSP_MakeRequest | Create an Online Certification Status Protocol (OCSP) request as a base64 string. | |
| read_response | OCSP_ReadResponse | Read a response to an Online Certification Status Protocol (OCSP) request and outputs the main results in text form. | |
| Pbe -- Password-based encryption. | |||
| kdf2 | PBE_Kdf2 | Derive a key of any length from a password using the PBKDF2 algorithm. | |
| scrypt | PBE_Scrypt | Derive a key of any length from a password using the SCRYPT algorithm from RFC7914. | |
| Pem -- PEM file conversion routines. | |||
| from_binfile | PEM_FileFromBinFileEx | Create a PEM file from a binary file. | |
| to_binfile | PEM_FileToBinFile | Convert the contents of a PEM file into a binary file. | |
| Pfx -- PKCS-12 (PFX) file utilties. | |||
| make_file | PFX_MakeFile | Create a PFX (PKCS-12) file from an X.509 certificate and (optional) encrypted private key file. | |
| sig_is_valid | PFX_VerifySig | Determine if the MacData signature is valid in a pkcs-12 file. | |
| Prf -- Pseudorandom function (PRF) Functions. | |||
| bytes | PRF_Bytes | Generate output bytes using a pseudorandom function (PRF). | |
| Pwd -- Password dialog utility. | |||
| prompt | PWD_PromptEx | Return a password entered into a dialog box. | |
| Rng -- Random Number Generator to NIST SP800-90. | |||
| bytestring | RNG_Bytes | Generate an array of n random bytes. | |
| number | RNG_Number | Generate a random integer in a given range. | |
| octet | RNG_Number | Generate a single random octet (byte). | |
| initialize | RNG_Initialize | Initialize the RNG generator using a seed file. | |
| update_seedfile | RNG_UpdateSeedFile | Update the RNG seed file with more entropy. | |
| guid | RNG_Guid | Generate a random 36-character Global Unique IDentifier (GUID) string according to [RFC4122]. | |
| Rsa -- RSA encryption and key management. | |||
| make_keys | RSA_MakeKeysXtd | Generate a new RSA public/private key pair. | |
| key_bits | RSA_KeyBits | Return number of significant bits in RSA key modulus. | |
| key_bytes | RSA_KeyBytes | Return number of bytes (octets) in RSA key modulus. | |
| key_hashcode | RSA_KeyHashCode | Compute the hash code of an "internal" RSA public or private key string. | |
| key_isprivate | RSA_CheckKey | Determine if keystring is a private key. | |
| key_value | RSA_KeyValue | Extract a base64-encoded RSA key value from internal key string. | |
| key_match | RSA_KeyMatch | Determine if a pair of "internal" RSA private and public key strings are matched. | |
| publickey_from_private | RSA_PublicKeyFromPrivate | Return an internal RSA public key string from an internal RSA private key string. | |
| to_xmlstring | RSA_ToXMLStringEx | Return an XML string representation of an RSA internal key string. | |
| from_xmlstring | RSA_FromXMLString | Return an RSA key string in internal format from an XML string. | |
| read_private_key | RSA_ReadAnyPrivateKey | Return an internal private key string from a file or string containing an RSA private key. | |
| read_public_key | RSA_ReadAnyPublicKey | Return an internal public key string from a file or string containing an RSA public key. | |
| save_key | RSA_SavePrivateKeyInfo | Save an internal RSA key string (public or private) to an unencrypted key file. | |
| save_enc_key | RSA_SaveEncKey | Save an internal RSA private key string to an encrypted private key file. | |
| get_privatekey_from_pfx | RSA_GetPrivateKeyFromPFX | Extract an encrypted private key from a PKCS-12 PKCS8ShroudedKeyBag, saving the output directly as a new file. | |
| raw_private | RSA_RawPrivate | Return RSA transformation of block using private key. | |
| raw_public | RSA_RawPublic | Return RSA transformation of block using public key. | |
| encode_msg_for_signature | RSA_EncodeMsg | Create an encoded message for signature (EMSA-PKCS1-v1_5 only). | |
| decode_digest_for_signature | RSA_DecodeMsg | Extract digest (or digestinfo) from an EMSA-PKCS1-v1_5-encoded block. | |
| encode_msg_for_encryption | RSA_EncodeMsg | Create an encoded message for encryption (EME). | |
| decode_msg_for_encryption | RSA_DecodeMsg | Extract message from a PKCS#1 EME-encoded block. | |
| encrypt | RSA_Encrypt | Encrypt a short message using RSA encryption. | |
| decrypt | RSA_Decrypt | Decrypt a message encrypted using RSA encryption. | |
| Sig -- Create and verify digital signatures. | |||
| sign_data | SIG_SignData | Compute a signature value over data in a byte array. | |
| sign_digest | SIG_SignData | Compute a signature value over a message digest value. | |
| sign_file | SIG_SignFile | Compute a signature value over binary data in a file. | |
| data_is_verified | SIG_VerifyData | Verify a signature value over data in a byte array. | |
| digest_is_verified | SIG_VerifyData | Verify a signature value over a message digest value of data . | |
| file_is_verified | SIG_VerifyFile | Verify a signature value over data in a file. | |
| Smime -- S/MIME entity utilities. | |||
| wrap | SMIME_Wrap | Wrap a CMS object in an S/MIME entity. | |
| extract | SMIME_Extract | Extract the body from an S/MIME entity. | |
| query | SMIME_Query | Query an S/MIME entity for selected information. | |
| Wipe -- Wipe data securely. | |||
| file | WIPE_File | Securely wipe and delete a file. | |
| data | WIPE_Data | Zeroize data in memory. | |
| X509 -- Create and manage X.509 certificates. | |||
| make_cert | X509_MakeCert | Create an X.509 certificate using subject's public key and issuer's private key. | |
| make_cert_self | X509_MakeCertSelf | Create a self-signed X.509 certificate. | |
| cert_request | X509_CertRequest | Create a PKCS #10 certificate signing request (CSR). | |
| make_crl | X509_MakeCRL | Create an X.509 Certificate Revocation List (CRL). Version 1 only. | |
| text_dump | X509_TextDump | Dump details of X.509 certificate (or CRL or CSR) to a text file. | |
| text_dump_tostring | X509_TextDumpToString | Dump details of X.509 certificate (or CRL or CSR) to a string. | |
| query_cert | X509_QueryCert | Query an X.509 certificate file for selected information. May return an integer or a string. | |
| read_string_from_file | X509_ReadStringFromFile | Create a base64 string representation of an X.509 certificate. | |
| save_file_from_string | X509_SaveFileFromString | Create an X.509 certificate file from its base64 string representation. | |
| key_usage_flags | X509_KeyUsageFlags | Return a bitfield containing the keyUsage flags for an X.509 certificate. | |
| cert_thumb | X509_CertThumb | Return the thumbprint (message digest hash) of an X.509 certificate. | |
| cert_hashissuersn | X509_HashIssuerAndSN | Return the hash of the issuer and serial number. | |
| cert_is_valid_now | X509_CertIsValidNow | Verify that an X.509 certificate is currently valid as per system clock. | |
| cert_is_revoked | X509_CheckCertInCRL | Check whether an X.509 certificate has been revoked in a given Certificate Revocation List (CRL). | |
| cert_is_verified | X509_VerifyCert | Verify that an X.509 certificate has been signed by its issuer. | |
| cert_path_is_valid | X509_ValidatePath | Validate a certificate path. | |
| get_cert_count_from_p7 | X509_GetCertCountInP7Chain | Return number of certificates in a PKCS-7 "certs-only" certificate chain file. | |
| get_cert_from_p7 | X509_GetCertFromP7Chain | Extract an X.509 certificate from a PKCS-7 "certs-only" certificate chain file, saving the output directly as a new file. | |
| get_cert_from_pfx | X509_GetCertFromPFX | Extract an X.509 certificate from a PKCS-12 PFX/.p12 file, saving the output directly as a new file. | |
| get_p7chain_from_pfx | X509_GetCertFromPFX | Extract all X.509 certificates from a PKCS-12 PFX/.p12 file, saving the output directly as a new PKCS-7 "certs-only" certificate chain file. | |
| read_cert_string_from_p7chain | X509_ReadCertStringFromP7Chain | Reads an X.509 certificate into a base64 string from PKCS-7 "certs-only" data. | |
| read_cert_string_from_pfx | X509_ReadCertStringFromPFX | Read an X.509 certificate into a base64 string from PKCS-12 PFX/.p12 data. | |
| Xof -- Extendable-output function (XOF). | |||
| bytes | XOF_Bytes | Generate bytes using an extendable-output function (XOF). | |
For more information, please send us a message.
This page last updated 22 October 2023
