cryptography is a package which provides cryptographic recipes and
primitives to Python developers. Their goal is for it to be your "cryptographic
standard library".
This library uses PyKCS11 to implement comunication to the PKCS11 device (smartcard,...).
As PKCS11 devices need an open session to work with them, this library provides
context managers to execute tasks provided by pyca/cryptography. PKCS11KeySession is the
context manager that will facilitate the use of implemented keys.
Context managers take information to connect to the PKCS11 device (library, token label and
key label, if there are more that one private keys on a token). Within the with statement
the cryptographic operations with the key are made.
The PKCS11KeySession context meneager will return private key object of the type referenced by
library, token label and in some cases key label written on the PKCS11 device. From private key
public key can be retrieved like in pyca/cryptography and also certificates (and even CA chain)
(this is the extension PKCS11 device tokens can provide).
This library provides keys for EC and RSA keys which are most comonly used keys on PKCS11 devices.