Pure-Python implementation of the blurhash algorithm.

Certipy was made to simplify the certificate creation process. To that end, certipy exposes methods for creating and managing certificate authorities, certificates, signing and building trust bundles.

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g., block ciphers) are implemented as C extensions.

You are expected to have a solid understanding of cryptography and security engineering to successfully use these primitives. You must also be able to recognize that some are obsolete (e.g., TDES) or even insecure (RC4).

It provides many enhancements over the last release of PyCrypto (2.6.1):

• Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)

• Accelerated AES on Intel platforms via AES-NI

• First-class support for PyPy

• Elliptic curves cryptography (NIST P-256 curve only)

• Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)

• SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms

• Salsa20 and ChaCha20 stream ciphers

• scrypt and HKDF

• Deterministic (EC)DSA

• Password-protected PKCS#8 key containers

• Shamir’s Secret Sharing scheme

• Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)

• Cleaner RSA and DSA key generation (largely based on FIPS 186-4)

• Major clean-ups and simplification of the code base

PyCryptodomex is the stand-alone version of PyCryptodome that no longer provides drop-in compatibility with PyCrypto.

libnacl is used to gain direct access to the functions exposed by NaCl library via libsodium. It has been constructed to maintain extensive documentation on how to use NaCl as well as being completely portable.

PyOTP is a Python library for generating and verifying one-time passwords. It can be used to implement two-factor (2FA) or multi-factor (MFA) authentication methods in web applications and in other systems that require users to log in.

This package provides a small library, built on top of pyOpenSSL, which allows for creating a custom certificate authority (CA) certificate, and generating on-demand dynamic host certs using that CA certificate. It is most useful for use with a man-in-the-middle HTTPS proxy, for example, for recording or replaying web content.

This package provides another Scrypt module for Python.

This package provides Python bindings for the Rust crate of blake3, a cryptographic hash function.

This library allows you to write entries to a KeePass database. It supports KDBX3 and KDBX4.

This package provides a pure Python implementation of the DES and TRIPLE DES encryption algorithms.

This package provides a Python implementation of the SPAKE2 Password-Authenticated Key Exchange algorithm.

Pyu2f is a Python-based U2F host library. It provides functionality for interacting with a U2F device over USB.

MCUboot is a secure bootloader for 32-bit MCUs. This package provides a tool to securely sign firmware images for booting by MCUboot.

Paramiko is a python implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low level cryptography (PyCrypto), Paramiko itself is a pure Python interface around SSH networking concepts.

cryptography is a package which provides cryptographic recipes and primitives to Python developers. It aims to be the “cryptographic standard library” for Python. The package includes both high level recipes, and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests and key derivation functions.

Bcrypt is a Python module which provides a password hashing method based on the Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.

This package provides a Elliptic Curve Library in pure Python.

This is a python wrapper for the curve25519 library with ed25519 signatures. The C code was pulled from libaxolotl-android. At the moment this wrapper is meant for use by python-axolotl.

Python module for generating objects that compute the Cyclic Redundancy Check.

This is a set of python bindings for keyutils, a key management suite that leverages the infrastructure provided by the Linux kernel for safely storing and retrieving sensitive information in your programs.

Privy is a small and fast utility for password-protecting secret data such as API keys, cryptocurrency wallets, or seeds for digital signatures.

Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS#1 version 1.5. It can be used as a Python library as well as on the command line.

Argon2 is a secure password hashing algorithm. It is designed to have both a configurable runtime as well as memory consumption. This means that you can decide how long it takes to hash a password and how much memory is required.

This package provides a Python implementation of the HMAC Key Derivation function (HKDF) defined in RFC 5869.