service_identity aspires to give you all the tools you need for verifying whether a certificate is valid for the intended purposes. In the simplest case, this means host name verification. However, service_identity implements RFC 6125 fully and plans to add other relevant RFCs too.

M2Crypto is a complete Python wrapper for OpenSSL featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers (including AES); TLS functionality to implement clients and servers; HTTPS extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web session management; FTP/TLS client and server; S/MIME; M2Crypto can also be used to provide TLS for Twisted. Smartcards supported through the Engine interface.

This package provides Ed25519 public-key signatures in Python.

This package provides Cython bindings for MurmurHash2.

This package provides a Python implementation of the SPAKE2 Password-Authenticated Key Exchange algorithm.

This package provides a Python wrapper of the C library implementation of the CRC32C hashing algorithm.

trustme is a tiny Python package that does one thing: it gives you a fake certificate authority (CA) that you can use to generate fake TLS certs to use in your tests.

The Python keyring lib provides a easy way to access the system keyring service from python. It can be used in any application that needs safe password storage.

asn1crypto is an ASN.1 parser and serializer with definitions for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.

This package provides a pure Python implementation of the DES and TRIPLE DES encryption algorithms.

This is a Python implementation of the zxcvbn library created at Dropbox. The original library, written for JavaScript, can be found here. This port includes features such as:

1. Accepts user data to be added to the dictionaries that are tested against (name, birthdate, etc.)

2. Gives a score to the password, from 0 (terrible) to 4 (great).

3. Provides feedback on the password and ways to improve it.

4. Returns time estimates on how long it would take to guess the password in different situations.

This package contains test vectors for the cryptography package.

python-secretstorage provides a way for securely storing passwords and other secrets. It uses D-Bus Secret Service API that is supported by GNOME Keyring (since version 2.30) and KSecretsService. SecretStorage supports most of the functions provided by Secret Service, including creating and deleting items and collections, editing items, locking and unlocking collections (asynchronous unlocking is also supported).

Python-oscrypto is a compilation-free encryption library which integrates with the encryption library that is part of the operating system. It supports TLS (SSL) sockets, key generation, encryption, decryption, signing, verification and KDFs using the OS crypto libraries.

This is a set of python bindings for keyutils, a key management suite that leverages the infrastructure provided by the Linux kernel for safely storing and retrieving sensitive information in your programs.

This library allows you to write entries to a KeePass database. It supports KDBX3 and KDBX4.

Passlib is a password hashing library for Python 2 & 3, which provides cross-platform implementations of over 30 password hashing algorithms, as well as a framework for managing existing password hashes. It's designed to be useful for a wide range of tasks, from verifying a hash found in /etc/shadow, to providing full-strength password hashing for multi-user application.

Bcrypt is a Python module which provides a password hashing method based on the Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.

libnacl is used to gain direct access to the functions exposed by NaCl library via libsodium. It has been constructed to maintain extensive documentation on how to use NaCl as well as being completely portable.

cryptography is a package which provides cryptographic recipes and primitives to Python developers. It aims to be the “cryptographic standard library” for Python. The package includes both high level recipes, and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests and key derivation functions.

This package provides a small library, built on top of pyOpenSSL, which allows for creating a custom certificate authority (CA) certificate, and generating on-demand dynamic host certs using that CA certificate. It is most useful for use with a man-in-the-middle HTTPS proxy, for example, for recording or replaying web content.

Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS#1 version 1.5. It can be used as a Python library as well as on the command line.

PyOpenSSL is a high-level wrapper around a subset of the OpenSSL library.

This library handles the low-level details of NTLM authentication for use in authenticating with a service that uses NTLM. It will create and parse the 3 different message types in the order required and produce a base64 encoded value that can be attached to the HTTP header.

The goal of this library is to offer full NTLM support including signing and sealing of messages as well as supporting MIC for message integrity and the ability to customise and set limits on the messages sent. Please see Features and Backlog for a list of what is and is not currently supported.