In [1]:
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.x509.oid import NameOID
from cryptography import x509
import datetime

In [2]:
# Generate a new RSA key pair
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048
)

# Extract the public key
public_key = private_key.public_key()

In [3]:
# Serialize the public and private keys to PEM format
pem_public_key = public_key.public_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PublicFormat.SubjectPublicKeyInfo
)

pem_private_key = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption()
)

# Print the public and private keys
print("Public key:\n", pem_public_key.decode())
print("Private key:\n", pem_private_key.decode())

Public key:
 -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn3R0GOrsfTXnYHCIi5p
/HrnSkQ9GcWgCMRNvMzlKzrJD3bvH67yNlHccOsQx+yed9CYnQ2hU4Gj1ki66hHv
/TQ36Ekc5NJ67hVgeOfP3iLV13kPRZjwxIfNtSQRlQdeLW2jU1Z634adCpJAR01K
Nb14RTLDI6jD2HR/RsA/ttrOhI2PUKCOhJj1PrrLMhcFQLLIgy2f5AjoKx5+D7Fz
ry10fzkOIElYlZzifh/QiaHzcwUpx6uOgxeYVZBdT2IWASEL10mqyT/izU3ewTKp
KpzUreocKATkVtbd6Ztam3TuFNFJ8iQv2bTIHeIl3pSqsB4uud8waMeWdpwxwSaY
8wIDAQAB
-----END PUBLIC KEY-----

Private key:
 -----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCufdHQY6ux9Ned
gcIiLmn8eudKRD0ZxaAIxE28zOUrOskPdu8frvI2Udxw6xDH7J530JidDaFTgaPW
SLrqEe/9NDfoSRzk0nruFWB458/eItXXeQ9FmPDEh821JBGVB14tbaNTVnrfhp0K
kkBHTUo1vXhFMsMjqMPYdH9GwD+22s6EjY9QoI6EmPU+ussyFwVAssiDLZ/kCOgr
Hn4PsXOvLXR/OQ4gSViVnOJ+H9CJofNzBSnHq46DF5hVkF1PYhYBIQvXSarJP+LN
Td7BMqkqnNSt6hwoBORW1t3pm1qbdO4U0UnyJC/ZtMgd4iXelKqwHi653zBox5Z2
nDHBJpjzAgMBAAECggEAF/bTtVOwUD/DdQWjId/5/QuWxE5cOIk5vLp+aqrr4Q9b
xFyd5Ai6NIJITNcby46lsj2FwtwNB1OgqrH7vw

In [4]:
print(private_key.private_numbers().p)
print(private_key.private_numbers().q)
print(private_key.private_numbers().d)

164404400662073624132549319873363743643699100913118920311276644788543761778552766015154531561998445120846330797818493490166096615304951334012076366811221323003992608425812615642580009053290581884254873528935379188417751643857725677377087115440724933462834308472534896037809092383122532758163769775182524610057
133983694631425763436962882665439635239921841340188166734998024987392499436952805653274310591514105262206731024808299145594393059859846599661085238683375351632537361663552494637725144775576811756680969743002076145367196705935188018430054650443205923126634311948770884596486525943502639657686166287900016145947
30251959371856840632203966784527615289862796169421438461021048137636903321186564840953676537265626799159281771933815038702240347825032302627622956894979280797993396380176001608863137551523612880546602124398610475064475210679472775757230055085075518480006598150580574773326413831232129357706219506184067263301407707773172220763719627157094315410192341719913390785376621346460462954

In [5]:
print(public_key.public_numbers().e)
print(public_key.public_numbers().n)

65537
22027509014369844061692667630074657320773328707748012877786124344081657650847387971056748750715991965815515696843490513940768006170755596074067021620912418994794013983048603260203652829948185512395926191690005200032966208602702843916764529887903795140628758125264044836524996480899119269491065563033685092604376126162811325832187242796507659193687437318425041313043174527375144030757950347745333881055919711169016422567320204230619058711863633208286069869825775613198763831773548556696060883939720716916547706634165364104905560770603637782189649860847148012462091032942554843742518818159738763126316996367980175988979


In [6]:
# Generate a certificate signing request (CSR) for the public key
csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
    x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
    x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "California"),
    x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
    x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Example Corp"),
    x509.NameAttribute(NameOID.COMMON_NAME, "example.com"),
])).add_extension(
    x509.BasicConstraints(ca=False, path_length=None), critical=True,
).sign(private_key, hashes.SHA256())

# Serialize the CSR to PEM format
pem_csr = csr.public_bytes(encoding=serialization.Encoding.PEM)

# Print the CSR
print("Certificate signing request (CSR):\n", pem_csr.decode())

Certificate signing request (CSR):
 -----BEGIN CERTIFICATE REQUEST-----
MIICyzCCAbMCAQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx
FjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDEV4YW1wbGUgQ29ycDEU
MBIGA1UEAwwLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCufdHQY6ux9NedgcIiLmn8eudKRD0ZxaAIxE28zOUrOskPdu8frvI2Udxw
6xDH7J530JidDaFTgaPWSLrqEe/9NDfoSRzk0nruFWB458/eItXXeQ9FmPDEh821
JBGVB14tbaNTVnrfhp0KkkBHTUo1vXhFMsMjqMPYdH9GwD+22s6EjY9QoI6EmPU+
ussyFwVAssiDLZ/kCOgrHn4PsXOvLXR/OQ4gSViVnOJ+H9CJofNzBSnHq46DF5hV
kF1PYhYBIQvXSarJP+LNTd7BMqkqnNSt6hwoBORW1t3pm1qbdO4U0UnyJC/ZtMgd
4iXelKqwHi653zBox5Z2nDHBJpjzAgMBAAGgHzAdBgkqhkiG9w0BCQ4xEDAOMAwG
A1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAFzFnu9V+xBtuwT2sBBMlisg
IqkHPrZtifigk8SHmo/TqUPQrsI67RW6M4PIWUg+BeOL8dUocfdVnhT0UG8w/ThM
FgBXgNG3yddbG0WoSwOai6la0Gg8GSQRonh805KGrvc3WbcsQ26vflqQQ+1+OISQ
lztm167jt8h4DCcpaB5iV5dNFmzE58aSWfnJ9sjJwk5NA5vgfrvCGgFQZBM1nJCH
IcAcOqOG11Bd7wdR8echTI/tVezFIx+6ozQEDCoovV10adnAlsB03aTt8RYlQPa9
ddeFjMkFNd4F+wg2Ag

In [9]:
# Create a self-signed certificate
subject = issuer = x509.Name([
    x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
    x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "California"),
    x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
    x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Example Corp"),
    x509.NameAttribute(NameOID.COMMON_NAME, "example.com"),
])
cert = (
    x509.CertificateBuilder()
    .subject_name(subject)
    .issuer_name(issuer)
    .public_key(public_key)
    .serial_number(x509.random_serial_number())
    .not_valid_before(datetime.datetime.utcnow())
    .not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=365))
    .add_extension(x509.BasicConstraints(ca=False, path_length=None), critical=True,)
    .sign(private_key, hashes.SHA256())
)

# Serialize the certificate and private key to PEM format
pem_cert = cert.public_bytes(encoding=serialization.Encoding.PEM)

# Print the certificate and private key
print("Self-signed certificate:\n", pem_cert.decode())
print("Certificate details:")
print("       Issuer", cert.issuer.rfc4514_string())
print("      Subject", cert.subject.rfc4514_string())
print("        Until", cert.not_valid_after)
print("       Serial", cert.serial_number)

Self-signed certificate:
 -----BEGIN CERTIFICATE-----
MIIDbDCCAlSgAwIBAgIUXC6nBrwt0kKey92hm5/1ETlAMmAwDQYJKoZIhvcNAQEL
BQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
DVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDEV4YW1wbGUgQ29ycDEUMBIGA1UEAwwL
ZXhhbXBsZS5jb20wHhcNMjMwNDExMTEyMTM2WhcNMjQwNDEwMTEyMTM2WjBnMQsw
CQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZy
YW5jaXNjbzEVMBMGA1UECgwMRXhhbXBsZSBDb3JwMRQwEgYDVQQDDAtleGFtcGxl
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK590dBjq7H0152B
wiIuafx650pEPRnFoAjETbzM5Ss6yQ927x+u8jZR3HDrEMfsnnfQmJ0NoVOBo9ZI
uuoR7/00N+hJHOTSeu4VYHjnz94i1dd5D0WY8MSHzbUkEZUHXi1to1NWet+GnQqS
QEdNSjW9eEUywyOow9h0f0bAP7bazoSNj1CgjoSY9T66yzIXBUCyyIMtn+QI6Cse
fg+xc68tdH85DiBJWJWc4n4f0Imh83MFKcerjoMXmFWQXU9iFgEhC9dJqsk/4s1N
3sEyqSqc1K3qHCgE5FbW3embWpt07hTRSfIkL9m0yB3iJd6UqrAeLrnfMGjHlnac
McEmmPMCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
f7wR5x3M3IhPFGlJ0yLNFQvW+7HKY20mQFy7IAhVHg8tt+x53//LIJr3AdUE9tvC
jW4YOTw4jgT7vQKpD1hLLXjzHAQYurkPa7+9