Skip to main content

Python interface to CryptoSys PKI

Project description

This is a Python interface to the CryptoSys PKI Pro library.

Requires: Python 2 (2.6 or above) on Windows platforms only. CryptoSys PKI Pro v12.1 or above must be installed. This is available from

To use in Python’s REPL

>>> from cryptosyspki import *
>>> Gen.version() # "hello world!" for CryptoSys PKI
>>> Hash.hex_from_data('abc') # compute SHA-1 hash in hex of the string 'abc'
>>> Hash.hex_from_data('abc', Hash.Alg.SHA256)   # same but using SHA-256
>>> h ='abc')   # h is a byte array
>>> print Cnv.tohex(h)     # display the byte array in hex

If you don’t like import * and find cryptosyspki a bit long to type each time, try

>>> import cryptosyspki as pki
>>> pki.Gen.version()
>>> pki.__version__


Look in the file test\ and you should find an example of use for almost every available method (perhaps contrived somewhat so they’ll work in the test environment, but you should get the idea). See also the main Python web page


There is a series of tests in test\

The tests require certain files to exist in the current working directory and create extra files when they run. To manage this, creates a temporary subdirectory. It requires a subdirectory work to exist in the same folder as the file which should contain all the required test files, available separately in the file The test function then creates a temporary subdirectory which is deleted automatically.

test/  # this module  # spare copies
  work/        # this _must_ exist
    <all required test files>
    pki.tmp.XXXXXXXX/    # created by `setup_temp_dir()`
      <copy of all required test files>
      <files created by tests>


For more information or to make suggestions, please contact us at

David Ireland
DI Management Services Pty Ltd
16 December 2018

Revision History

12.1.0 (2018-12-16)

  • Changes to match main core module versions 12.0 and 12.1.
  • Added support for RSA-PSS in RSA signatures, CMS signed-data objects and X.509 certificates.
  • Added support for RSA-OAEP in RSA encryption and CMS enveloped-data objects.
  • Added support for ECDSA in X.509 certificates.
  • Added support for ZLIB compression.
  • Added support for AES-GCM authenticated encryption.
  • Added functions to read certificate strings from P7 chain files and PFX files.
  • Added option for quicker single pass in Wipe.file().
  • Changed parameter in Cms.make_sigdata_*() functions from Cms.HashAlg type to Cms.SigAlg.

11.3.0 (2017-10-31)

  • Changes to match main core module (11.3).

11.2.0 (2017-08-11)

  • Synchronized version number with main core module (11.2).
  • Substantial changes to inline documentation.
  • Renamed Rng.bytes to Rng.bytestring to avoid clashes with Python built-in function.
  • Changed optional parameters in X509.cert_path_is_valid() and X509.get_cert_count_from_p7().

0.1.1 (2016-08-27)

  • Minor changes.

0.1.0 (2016-05-25)

  • First release of v0.1.0.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date (173.7 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page