argon2-cffi-bindings provides low-level CFFI bindings to the official implementation of the Argon2 password hashing algorithm.

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g., block ciphers) are implemented as C extensions.

You are expected to have a solid understanding of cryptography and security engineering to successfully use these primitives. You must also be able to recognize that some are obsolete (e.g., TDES) or even insecure (RC4).

It provides many enhancements over the last release of PyCrypto (2.6.1):

• Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)

• Accelerated AES on Intel platforms via AES-NI

• First-class support for PyPy

• Elliptic curves cryptography (NIST P-256 curve only)

• Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)

• SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms

• Salsa20 and ChaCha20 stream ciphers

• scrypt and HKDF

• Deterministic (EC)DSA

• Password-protected PKCS#8 key containers

• Shamir’s Secret Sharing scheme

• Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)

• Cleaner RSA and DSA key generation (largely based on FIPS 186-4)

• Major clean-ups and simplification of the code base

This package provides drop-in compatibility with PyCrypto. It is one of two PyCryptodome variants, the other being python-pycryptodomex.

This package provides a Elliptic Curve Library in pure Python.

This package provides a Python implementation of the SPAKE2 Password-Authenticated Key Exchange algorithm.

This package provides a small library, built on top of pyOpenSSL, which allows for creating a custom certificate authority (CA) certificate, and generating on-demand dynamic host certs using that CA certificate. It is most useful for use with a man-in-the-middle HTTPS proxy, for example, for recording or replaying web content.

Certifi is a Python library that contains a CA certificate bundle, which is used by the Requests library to verify HTTPS requests.

Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS#1 version 1.5. It can be used as a Python library as well as on the command line.

cryptography is a package which provides cryptographic recipes and primitives to Python developers. It aims to be the “cryptographic standard library” for Python. The package includes both high level recipes, and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests and key derivation functions.

This Python package is a high-level wrapper for Kerberos (GSSAPI) operations. The goal is to avoid having to build a module that wraps the entire Kerberos.framework, and instead offer a limited set of functions that do what is needed for client/server Kerberos authentication based on <http://www.ietf.org/rfc/rfc4559.txt>.

This library handles the low-level details of NTLM authentication for use in authenticating with a service that uses NTLM. It will create and parse the 3 different message types in the order required and produce a base64 encoded value that can be attached to the HTTP header.

The goal of this library is to offer full NTLM support including signing and sealing of messages as well as supporting MIC for message integrity and the ability to customise and set limits on the messages sent. Please see Features and Backlog for a list of what is and is not currently supported.

This library allows you to write entries to a KeePass database. It supports KDBX3 and KDBX4.

Pure-Python implementation of the blurhash algorithm.

service_identity aspires to give you all the tools you need for verifying whether a certificate is valid for the intended purposes. In the simplest case, this means host name verification. However, service_identity implements RFC 6125 fully and plans to add other relevant RFCs too.

This is a python wrapper for the curve25519 library with ed25519 signatures. The C code was pulled from libaxolotl-android. At the moment this wrapper is meant for use by python-axolotl.

Bcrypt is a Python module which provides a password hashing method based on the Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.

M2Crypto is a complete Python wrapper for OpenSSL featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers (including AES); TLS functionality to implement clients and servers; HTTPS extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web session management; FTP/TLS client and server; S/MIME; M2Crypto can also be used to provide TLS for Twisted. Smartcards supported through the Engine interface.

The Stateless OpenPGP Command-Line Interface (or sop) is a specification that encourages OpenPGP implementors to provide a common, relatively simple command-line API for purposes of object security.

This Python module helps implementers build such a CLI from any implementation accessible to the Python interpreter.

It does not provide such an implementation itself -- this is just the scaffolding for the command line, which should make it relatively easy to supply a handful of python functions as methods to a class.

Python module for generating objects that compute the Cyclic Redundancy Check.

This package provides a Python wrapper of the C library implementation of the CRC32C hashing algorithm.

Base58 and Base58Check implementation compatible with what is used by the Bitcoin network.

Passlib is a password hashing library for Python 2 & 3, which provides cross-platform implementations of over 30 password hashing algorithms, as well as a framework for managing existing password hashes. It's designed to be useful for a wide range of tasks, from verifying a hash found in /etc/shadow, to providing full-strength password hashing for multi-user application.

Paramiko is a python implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low level cryptography (PyCrypto), Paramiko itself is a pure Python interface around SSH networking concepts.

Keyrings in this package may have security risks or other implications. These backends were extracted from the main keyring project to make them available for those who wish to employ them, but are discouraged for general production use. Include this module and use its backends at your own risk.

Argon2 is a secure password hashing algorithm. It is designed to have both a configurable runtime as well as memory consumption. This means that you can decide how long it takes to hash a password and how much memory is required.