tessl/pypi-pycryptodome
PyCryptodome is a self-contained Python package of low-level cryptographic primitives
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-pycryptodome@3.23.0index.mddocs/
PyCryptodome
PyCryptodome is a comprehensive self-contained Python library providing low-level cryptographic primitives. It offers a complete suite of symmetric ciphers, cryptographic hash functions, public key cryptography algorithms, digital signature schemes, key derivation functions, and secure random number generation.
Package Information
- Package Name: pycryptodome
- Language: Python
- Installation:
pip install pycryptodome
Core Imports
import CryptoCommon module imports:
from Crypto.Cipher import AES, ChaCha20, DES3
from Crypto.Hash import SHA256, HMAC
from Crypto.PublicKey import RSA, ECC
from Crypto.Signature import pkcs1_15, pss
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad, unpadBasic Usage
from Crypto.Cipher import AES
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad, unpad
# Symmetric encryption with AES
key = get_random_bytes(16) # 128-bit key
cipher = AES.new(key, AES.MODE_CBC)
plaintext = b"Secret message that needs to be encrypted!"
padded_data = pad(plaintext, AES.block_size)
ciphertext = cipher.encrypt(padded_data)
# Decryption
decipher = AES.new(key, AES.MODE_CBC, cipher.iv)
decrypted_padded = decipher.decrypt(ciphertext)
decrypted = unpad(decrypted_padded, AES.block_size)
# Hash computation
hash_obj = SHA256.new()
hash_obj.update(b"Data to hash")
hash_digest = hash_obj.digest()
# RSA key generation and usage
key = RSA.generate(2048)
public_key = key.publickey()Architecture
PyCryptodome is organized into functional modules that provide distinct cryptographic capabilities:
- Cipher Module: Symmetric and asymmetric encryption algorithms with multiple modes of operation
- Hash Module: Cryptographic hash functions, message authentication codes, and extendable output functions
- PublicKey Module: Public key cryptography including RSA, DSA, ECC, and ElGamal key management
- Signature Module: Digital signature schemes for RSA, DSA, and elliptic curve algorithms
- Protocol Module: High-level cryptographic protocols including key derivation and secret sharing
- Util Module: Utility functions for padding, encoding, number theory, and data manipulation
- IO Module: Input/output utilities for PEM and PKCS#8 key formats
- Math Module: Mathematical primitives for big integers and primality testing
- Random Module: Cryptographically secure random number generation
This modular design enables developers to import only the required functionality while maintaining compatibility with the broader Python cryptographic ecosystem.
Capabilities
Symmetric Encryption
Comprehensive collection of symmetric encryption algorithms including block ciphers (AES, DES, Blowfish) and stream ciphers (ChaCha20, Salsa20, ARC4) with support for multiple cipher modes.
# AES cipher factory
def AES.new(key, mode, *args, **kwargs): ...
# ChaCha20 cipher factory
def ChaCha20.new(**kwargs): ...
# Cipher mode constants
AES.MODE_ECB, AES.MODE_CBC, AES.MODE_CFB, AES.MODE_OFB, AES.MODE_CTR,
AES.MODE_GCM, AES.MODE_CCM, AES.MODE_EAX, AES.MODE_SIV, AES.MODE_OCBCryptographic Hashing
Complete suite of cryptographic hash functions including SHA family, SHA-3, MD family, BLAKE2, and specialized functions like SHAKE, cSHAKE, KMAC, and TurboSHAKE.
# Hash function factories
def SHA256.new(data=None): ...
def SHA3_256.new(data=None, update_after_digest=False): ...
def BLAKE2b.new(**kwargs): ...
# Message authentication codes
def HMAC.new(key, msg=b"", digestmod=None): ...
def CMAC.new(key, msg=None, ciphermod=None, **kwargs): ...Public Key Cryptography
Public key algorithms for key generation, encryption, and key exchange including RSA, DSA, ECC, and ElGamal with comprehensive key management capabilities.
# Key generation functions
def RSA.generate(bits, randfunc=None, e=65537): ...
def ECC.generate(**kwargs): ...
def DSA.generate(bits, randfunc=None, domain=None): ...
# Key import/export
def RSA.import_key(extern_key, passphrase=None): ...Digital Signatures
Digital signature schemes for RSA (PKCS#1 v1.5, PSS), DSA variants, and EdDSA with support for deterministic and probabilistic signing.
# RSA signature schemes
def pkcs1_15.new(rsa_key): ...
def pss.new(rsa_key, **kwargs): ...
# DSA signature scheme
def DSS.new(key, mode, encoding='binary', randfunc=None): ...Cryptographic Protocols
High-level cryptographic protocols including key derivation functions (PBKDF2, scrypt, HKDF), secret sharing, and key exchange protocols.
# Key derivation functions
def scrypt(password, salt, key_len, N, r, p, num_keys=1): ...
def PBKDF2(password, salt, dkLen=16, count=1000, prf=None, **kwargs): ...
# Secret sharing
class Shamir:
@staticmethod
def split(k, n, secret, ssss=False): ...
@staticmethod
def combine(shares, ssss=False): ...Utility Functions
Essential utilities for padding, encoding, number theory operations, and data manipulation that support the core cryptographic functions.
# Padding operations
def pad(data_to_pad, block_size, style='pkcs7'): ...
def unpad(padded_data, block_size, style='pkcs7'): ...
# Random number generation
def get_random_bytes(n): ...
# Number theory
def isPrime(N, false_positive_prob=1e-6, randfunc=None): ...
def getPrime(N, randfunc=None): ...Input/Output Operations
Utilities for encoding and decoding cryptographic objects in standard formats including PEM and PKCS#8 for key serialization.
# PEM encoding/decoding
def PEM.encode(data, marker, passphrase=None, randfunc=None): ...
def PEM.decode(pem_data, passphrase=None): ...
# PKCS#8 key wrapping
def PKCS8.wrap(private_key, key_oid, passphrase=None, **kwargs): ...
def PKCS8.unwrap(p8_private_key, passphrase=None): ...Mathematical Primitives
Mathematical operations for cryptographic computations including big integer arithmetic and primality testing.
# Big integer class
class Integer:
def __init__(self, value): ...
# Arithmetic and modular operations available
# Primality testing
def miller_rabin_test(candidate, iterations, randfunc=None): ...
def test_probable_prime(candidate, randfunc=None): ...Types
# Common cipher interface
class CipherObject:
def encrypt(self, plaintext: bytes) -> bytes: ...
def decrypt(self, ciphertext: bytes) -> bytes: ...
# Hash object interface
class HashObject:
def update(self, data: bytes) -> None: ...
def digest(self) -> bytes: ...
def hexdigest(self) -> str: ...
def copy(self): ...
# Key object interface
class KeyObject:
def has_private(self) -> bool: ...
def public_key(self): ...
def export_key(self, format: str = 'PEM', **kwargs) -> bytes: ...