PyOpenSSL is a high-level wrapper around a subset of the OpenSSL library.

This is a low-level, pure Python DBus protocol client. It has an I/O-free core, and integration modules for different event loops.

This is a python port of libaxolotl-android. This is a ratcheting forward secrecy protocol that works in synchronous and asynchronous messaging environments.

This package provides a Python implementation of the SPAKE2 Password-Authenticated Key Exchange algorithm.

This package provides Python bindings for the Rust crate of blake3, a cryptographic hash function.

MCUboot is a secure bootloader for 32-bit MCUs. This package provides a tool to securely sign firmware images for booting by MCUboot.

Argon2 is a secure password hashing algorithm. It is designed to have both a configurable runtime as well as memory consumption. This means that you can decide how long it takes to hash a password and how much memory is required.

This package provides another Scrypt module for Python.

This package provides a Python implementation of the HMAC Key Derivation function (HKDF) defined in RFC 5869.

This library handles the low-level details of NTLM authentication for use in authenticating with a service that uses NTLM. It will create and parse the 3 different message types in the order required and produce a base64 encoded value that can be attached to the HTTP header.

The goal of this library is to offer full NTLM support including signing and sealing of messages as well as supporting MIC for message integrity and the ability to customise and set limits on the messages sent. Please see Features and Backlog for a list of what is and is not currently supported.

cryptography is a package which provides cryptographic recipes and primitives to Python developers. It aims to be the “cryptographic standard library” for Python. The package includes both high level recipes, and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests and key derivation functions.

This is a Python implementation of the zxcvbn library created at Dropbox. The original library, written for JavaScript, can be found here. This port includes features such as:

1. Accepts user data to be added to the dictionaries that are tested against (name, birthdate, etc.)

2. Gives a score to the password, from 0 (terrible) to 4 (great).

3. Provides feedback on the password and ways to improve it.

4. Returns time estimates on how long it would take to guess the password in different situations.

Pure-Python implementation of the blurhash algorithm.

This package provides a Python wrapper of the C library implementation of the CRC32C hashing algorithm.

Python module for generating objects that compute the Cyclic Redundancy Check.

Certifi is a Python library that contains a CA certificate bundle, which is used by the Requests library to verify HTTPS requests.

This package provides a Elliptic Curve Library in pure Python.

Privy is a small and fast utility for password-protecting secret data such as API keys, cryptocurrency wallets, or seeds for digital signatures.

Paramiko is a python implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low level cryptography (PyCrypto), Paramiko itself is a pure Python interface around SSH networking concepts.

This package provides a Python ECDSA library, optimized for speed but without C extensions.

This is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python. With this library, you can quickly create key pairs (signing key and verifying key), sign messages, and verify the signatures. The keys and signatures are very short, making them easy to handle and incorporate into other protocols.

PyNaCl is a Python binding to libsodium, which is a fork of the Networking and Cryptography library. These libraries have a stated goal of improving usability, security and speed.

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g., block ciphers) are implemented as C extensions.

You are expected to have a solid understanding of cryptography and security engineering to successfully use these primitives. You must also be able to recognize that some are obsolete (e.g., TDES) or even insecure (RC4).

It provides many enhancements over the last release of PyCrypto (2.6.1):

• Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)

• Accelerated AES on Intel platforms via AES-NI

• First-class support for PyPy

• Elliptic curves cryptography (NIST P-256 curve only)

• Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)

• SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms

• Salsa20 and ChaCha20 stream ciphers

• scrypt and HKDF

• Deterministic (EC)DSA

• Password-protected PKCS#8 key containers

• Shamir’s Secret Sharing scheme

• Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)

• Cleaner RSA and DSA key generation (largely based on FIPS 186-4)

• Major clean-ups and simplification of the code base

This package provides drop-in compatibility with PyCrypto. It is one of two PyCryptodome variants, the other being python-pycryptodomex.

Certipy was made to simplify the certificate creation process. To that end, certipy exposes methods for creating and managing certificate authorities, certificates, signing and building trust bundles.