The Python Cryptography Toolkit
Python C Perl C++ Other
Clone or download
Pull request Compare This branch is 1 commit ahead, 164 commits behind dlitz:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Python Cryptography Toolkit (pycrypto)

This is a collection of both secure hash functions (such as SHA256 and
RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
etc.).  The package is structured to make adding new modules easy.
This section is essentially complete, and the software interface will
almost certainly not change in an incompatible way in the future; all
that remains to be done is to fix any bugs that show up.  If you
encounter a bug, please report it in the Launchpad bug tracker at

An example usage of the SHA256 module is:
>>> from Crypto.Hash import SHA256
>>> hash =
>>> hash.update('message')
>>> hash.digest()

An example usage of an encryption algorithm (AES, in this case) is:

>>> from Crypto.Cipher import AES
>>> obj ='This is a key123', AES.MODE_CBC, 'This is an IV456')
>>> message = "The answer is no"
>>> ciphertext = obj.encrypt(message)
>>> ciphertext
>>> obj2 ='This is a key123', AES.MODE_CBC, 'This is an IV456')
>>> obj2.decrypt(ciphertext)
'The answer is no'

One possible application of the modules is writing secure
administration tools.  Another application is in writing daemons and
servers.  Clients and servers can encrypt the data being exchanged and
mutually authenticate themselves; daemons can encrypt private data for
added security.  Python also provides a pleasant framework for
prototyping and experimentation with cryptographic algorithms; thanks
to its arbitrary-length integers, public key algorithms are easily

As of PyCrypto 2.1.0, PyCrypto provides an easy-to-use random number

>>> from Crypto import Random
>>> rndfile =

A stronger version of Python's standard "random" module is also

>>> from Crypto.Random import random
>>> random.choice(['dogs', 'cats', 'bears'])

Caveat: For the random number generator to work correctly, you must
call Random.atfork() in both the parent and child processes after
using os.fork()


PyCrypto is written and tested using Python version 2.1 through 3.2.  Python
1.5.2 is not supported.

The modules are packaged using the Distutils, so you can simply run
"python build" to build the package, and "python
install" to install it.

If the script crashes with a DistutilsPlatformError
complaining that the file /usr/lib/python2.2/config/Makefile doesn't
exist, this means that the files needed for compiling new Python
modules aren't installed on your system.  Red Hat users often run into
this because they don't have the python2-devel RPM installed.  The fix
is to simply install the requisite RPM.  On Debian/Ubuntu, you need the
python-dev package.

To verify that everything is in order, run "python test".  It
will test all the cryptographic modules, skipping ones that aren't
available.  If the test script reports an error on your machine,
please report the bug using the bug tracker (URL given above).  If
possible, track down the bug and include a patch that fixes it,
provided that you are able to meet the eligibility requirements at

It is possible to test a single sub-package or a single module only, for instance
when you investigate why certain tests fail and don't want to run the whole
suite each time. Use "python test --module=name", where 'name'
is either a sub-package (Cipher, PublicKey, etc) or a module (Cipher.DES,
PublicKey.RSA, etc).
To further cut test coverage, pass also the option "--skip-slow-tests".

To install the package under the site-packages directory of
your Python installation, run "python install".

If you have any comments, corrections, or improvements for this
package, please report them to our mailing list, accessible via the
PyCrypto website: