generate_keypair¶
-
classmethod
KeyManager.
generate_keypair
(alg='rsa', **kwargs) → Tuple[bytes, bytes][source]¶ Generate a key pair, returning private + public key as serialized bytes based on
default_formats
and the kwargformat
if it’s present.By default, private keys are generally returned in PKCS8 format with PEM encoding, while public keys are OpenSSH format and OpenSSH encoding.
Example:
>>> priv, pub = KeyManager.generate_keypair(alg='rsa', key_size=2048) >>> priv b'-----BEGIN PRIVATE KEY-----\nMIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMjkl ...Pw6eZGFwBEYY\n-----END PRIVATE KEY-----\n' >>> priv, pub = KeyManager.generate_keypair(alg='ecdsa', curve=ec.SECP521R1) >>> pub b'ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1...dJCxguBQnb1hL6aDH4fHCjpy6A=='
To override the formatting/encoding:
>>> priv, pub = KeyManager.generate_keypair( ... alg='ecdsa', format=dict(private_format='openssl', private_encoding='der') ... ) >>> priv b'0\x81\xa4\x02\x01\x01\x040u\x1e\x8cI\xcd\xfa\xc8\x97\x83\xf8\xed\x1f\xe5\xbd...'
- Parameters
alg (str) – The algorithm to generate a key for, e.g.
'rsa'
kwargs – All kwargs are forwarded to the matching generator in
generators
key_size (int) – (for rsa and similar algorithms) Number of bits for the RSA key. Minimum of 512 bits.
format (dict) – Override some or all of the default format/encoding for the keys. Dict Keys: private_format,public_format,private_encoding,public_encoding
- Returns