{"id":13801361,"url":"https://github.com/dmazzella/ucryptography","last_synced_at":"2026-01-18T10:48:21.343Z","repository":{"id":161082121,"uuid":"199630412","full_name":"dmazzella/ucryptography","owner":"dmazzella","description":"Lightweight porting of pyca/cryptography to Micropython based on ARM Mbed TLS","archived":false,"fork":false,"pushed_at":"2024-03-14T16:12:58.000Z","size":506,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-04-22T12:32:59.299Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dmazzella.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-30T10:32:13.000Z","updated_at":"2024-07-08T12:05:47.258Z","dependencies_parsed_at":null,"dependency_job_id":"abb12622-00d1-47ca-8bca-fb2ab081edeb","html_url":"https://github.com/dmazzella/ucryptography","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmazzella%2Fucryptography","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmazzella%2Fucryptography/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmazzella%2Fucryptography/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmazzella%2Fucryptography/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dmazzella","download_url":"https://codeload.github.com/dmazzella/ucryptography/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253932807,"owners_count":21986449,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T00:01:22.022Z","updated_at":"2026-01-18T10:48:21.215Z","avatar_url":"https://github.com/dmazzella.png","language":"C","readme":"# ucryptography\r\n\r\n\u003cb\u003e\u003ci\u003eLightweight porting of [cryptography](https://github.com/pyca/cryptography)  to Micropython based on [ARM Mbed TLS](https://github.com/ARMmbed/mbedtls)\u003c/i\u003e\u003c/b\u003e\r\n\r\n\u003e [!TIP]\r\n\u003e If you find **ucryptography** useful, consider :star: this project\r\n\u003e and why not ... [Buy me a coffee](https://www.buymeacoffee.com/damianomazp) :smile:\r\n\r\n## Basic usage\r\n\r\n```python\r\ntry:\r\n    from cryptography import hashes, rsa, padding\r\nexcept ImportError:\r\n    from cryptography.hazmat.primitives import hashes\r\n    from cryptography.hazmat.primitives.asymmetric import rsa\r\n    from cryptography.hazmat.primitives.asymmetric import padding\r\n\r\nmessage = b\"A message I want to sign\"\r\nchosen_hash = hashes.SHA256()\r\n\r\nprivate_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)\r\nsignature = private_key.sign(\r\n    message,\r\n    padding.PSS(\r\n        mgf=padding.MGF1(chosen_hash), salt_length=chosen_hash.digest_size\r\n    ),\r\n    chosen_hash,\r\n)\r\npublic_key = private_key.public_key()\r\npublic_key.verify(\r\n    signature,\r\n    message,\r\n    padding.PSS(\r\n        mgf=padding.MGF1(chosen_hash), salt_length=chosen_hash.digest_size\r\n    ),\r\n    chosen_hash,\r\n)\r\n```\r\n\r\n## More examples\r\n- [tests/cryptography](https://github.com/dmazzella/ucryptography/tree/master/tests/cryptography)\r\n\r\n## How to build\r\n\r\n\u003e [!IMPORTANT]\r\n\u003e Currently needs a patch to the file `extmod/mbedtls/mbedtls_config_common.h` to enable all its functionality.\r\n\r\n\u003cdetails\u003e\u003csummary\u003e\u003cb\u003ediff\u003c/b\u003e\u003c/summary\u003e\r\n\u003cp\u003e\r\n\r\n```diff\r\ndiff --git a/extmod/mbedtls/mbedtls_config_common.h b/extmod/mbedtls/mbedtls_config_common.h\r\nindex 6cd14befc..ab8c39835 100644\r\n--- a/extmod/mbedtls/mbedtls_config_common.h\r\n+++ b/extmod/mbedtls/mbedtls_config_common.h\r\n@@ -47,9 +47,11 @@\r\n #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED\r\n #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED\r\n #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED\r\n+#define MBEDTLS_BASE64_C\r\n #define MBEDTLS_CAN_ECDH\r\n #define MBEDTLS_PK_CAN_ECDSA_SIGN\r\n #define MBEDTLS_PKCS1_V15\r\n+#define MBEDTLS_PKCS1_V21\r\n #define MBEDTLS_SHA256_SMALLER\r\n #define MBEDTLS_SSL_PROTO_TLS1\r\n #define MBEDTLS_SSL_PROTO_TLS1_1\r\n@@ -68,19 +70,25 @@\r\n #define MBEDTLS_BIGNUM_C\r\n #define MBEDTLS_CIPHER_C\r\n #define MBEDTLS_CTR_DRBG_C\r\n+#define MBEDTLS_DES_C\r\n #define MBEDTLS_ECDH_C\r\n #define MBEDTLS_ECDSA_C\r\n #define MBEDTLS_ECP_C\r\n #define MBEDTLS_ENTROPY_C\r\n #define MBEDTLS_ERROR_C\r\n+#define MBEDTLS_GENPRIME\r\n #define MBEDTLS_GCM_C\r\n #define MBEDTLS_MD_C\r\n #define MBEDTLS_MD5_C\r\n #define MBEDTLS_OID_C\r\n+#define MBEDTLS_PEM_PARSE_C\r\n+#define MBEDTLS_PEM_WRITE_C\r\n #define MBEDTLS_PKCS5_C\r\n+#define MBEDTLS_PKCS12_C\r\n #define MBEDTLS_PK_C\r\n #define MBEDTLS_PK_HAVE_ECC_KEYS\r\n #define MBEDTLS_PK_PARSE_C\r\n+#define MBEDTLS_PK_WRITE_C\r\n #define MBEDTLS_PLATFORM_C\r\n #define MBEDTLS_RSA_C\r\n #define MBEDTLS_SHA1_C\r\n\r\n```\r\n\u003c/p\u003e\r\n\u003c/details\u003e\r\n\r\n***\r\n\r\n\u003cdetails\u003e\u003csummary\u003e\u003cb\u003eUNIX port (coverage)\u003c/b\u003e\u003c/summary\u003e\r\n\u003cp\u003e\r\n\r\n```bash\r\n$ git clone https://github.com/micropython/micropython.git\r\n$ cd micropython\r\nmicropython$ git submodule update --init --depth 1\r\nmicropython$ git clone https://github.com/dmazzella/ucryptography.git usercmodule/ucryptography\r\nmicropython$ git apply usercmodule/ucryptography/patches/extmod__mbedtls__mbedtls_config_common.h.patch\r\nmicropython$ cd usercmodule/ucryptography\r\nucryptography$ git submodule update --init --depth 1\r\nucryptography$ cd ../../\r\nmicropython$ make -j2 -C mpy-cross/\r\nmicropython$ make -j2 -C ports/unix/ VARIANT=\"coverage\" MICROPY_SSL_AXTLS=0 MICROPY_SSL_MBEDTLS=1 USER_C_MODULES=\"$(pwd)/usercmodule\"\r\n```\r\n\u003c/p\u003e\r\n\u003c/details\u003e\r\n\r\n\u003cdetails\u003e\u003csummary\u003e\u003cb\u003eESP32 port (ESP32_GENERIC_C3)\u003c/b\u003e\u003c/summary\u003e\r\n\u003cp\u003e\r\n\r\n```bash\r\n$ git clone https://github.com/micropython/micropython.git\r\n$ cd micropython\r\nmicropython$ git submodule update --init --depth 1\r\nmicropython$ git clone https://github.com/dmazzella/ucryptography.git usercmodule/ucryptography\r\nmicropython$ git apply usercmodule/ucryptography/patches/extmod__mbedtls__mbedtls_config_common.h.patch\r\nmicropython$ cd usercmodule/ucryptography\r\nucryptography$ git submodule update --init --depth 1\r\nucryptography$ cd ../../\r\nmicropython$ make -j2 -C mpy-cross/\r\nmicropython$ make -C ports/esp32 BOARD=ESP32_GENERIC_C3 USER_C_MODULES=\"$(pwd)/usercmodule/ucryptography/micropython.cmake\"\r\n```\r\n\u003c/p\u003e\r\n\u003c/details\u003e\r\n\r\n\u003cdetails\u003e\u003csummary\u003e\u003cb\u003eSTM32 port (ARDUINO_PORTENTA_H7)\u003c/b\u003e\u003c/summary\u003e\r\n\u003cp\u003e\r\n\r\n```bash\r\n$ git clone https://github.com/micropython/micropython.git\r\n$ cd micropython\r\nmicropython$ git submodule update --init --depth 1\r\nmicropython$ git clone https://github.com/dmazzella/ucryptography.git usercmodule/ucryptography\r\nmicropython$ git apply usercmodule/ucryptography/patches/extmod__mbedtls__mbedtls_config_common.h.patch\r\nmicropython$ cd usercmodule/ucryptography\r\nucryptography$ git submodule update --init --depth 1\r\nucryptography$ cd ../../\r\nmicropython$ make -j2 -C mpy-cross/\r\nmicropython$ make -C ports/stm32 BOARD=ARDUINO_PORTENTA_H7 USER_C_MODULES=\"$(pwd)/usercmodule\"\r\n```\r\n\u003c/p\u003e\r\n\u003c/details\u003e\r\n\r\n\r\n## Goals \r\n\r\n![In progress](https://progress-bar.dev/100/?title=completed)\r\n\r\n- [x] ciphers\r\n  - [x] AESGCM\r\n  - [x] Cipher\r\n  - [x] algorithms\r\n    - [x] AES\r\n    - [x] TripleDES\r\n  - [x] modes\r\n    - [x] CBC\r\n    - [x] ECB\r\n    - [x] GCM\r\n- [x] ec\r\n  - [x] ECDH\r\n  - [x] ECDSA\r\n  - [x] SECP256R1\r\n  - [x] SECP384R1\r\n  - [x] SECP521R1\r\n  - [x] EllipticCurvePublicKey\r\n    - [x] from_encoded_point\r\n  - [x] EllipticCurvePublicNumbers\r\n  - [x] EllipticCurvePrivateKey\r\n  - [x] EllipticCurvePrivateNumbers\r\n  - [x] generate_private_key\r\n  - [x] derive_private_key\r\n- [x] ed25519\r\n  - [x] Ed25519PrivateKey\r\n  - [x] Ed25519PublicKey\r\n- [x] exceptions\r\n  - [x] InvalidSignature\r\n  - [x] AlreadyFinalized\r\n  - [x] UnsupportedAlgorithm\r\n  - [x] InvalidKey\r\n  - [x] InvalidToken\r\n- [x] hashes\r\n  - [x] SHA1\r\n  - [x] SHA256\r\n  - [x] SHA384\r\n  - [x] SHA512\r\n  - [x] BLAKE2s\r\n  - [x] Hash\r\n- [x] hmac\r\n  - [x] HMAC\r\n- [x] padding\r\n  - [x] PKCS1v15\r\n  - [x] PSS\r\n  - [x] OAEP\r\n  - [x] MGF1\r\n  - [x] calculate_max_pss_salt_length\r\n- [x] rsa\r\n  - [x] RSAPublicKey\r\n  - [x] RSAPublicNumbers\r\n  - [x] RSAPrivateKey\r\n  - [x] RSAPrivateNumbers\r\n  - [x] rsa_crt_iqmp\r\n  - [x] rsa_crt_dmp1\r\n  - [x] rsa_crt_dmq1\r\n  - [x] rsa_recover_prime_factors\r\n  - [x] generate_private_key\r\n- [x] serialization\r\n  - [x] load_der_public_key\r\n  - [x] load_der_private_key\r\n  - [x] NoEncryption\r\n  - [x] Encoding\r\n    - [x] DER\r\n    - [x] PEM\r\n    - [x] X962\r\n    - [x] Raw\r\n  - [x] PublicFormat\r\n    - [x] SubjectPublicKeyInfo\r\n    - [x] UncompressedPoint\r\n    - [x] Raw\r\n  - [x] PrivateFormat\r\n    - [x] TraditionalOpenSSL\r\n    - [x] Raw\r\n- [x] twofactor\r\n  - [x] HOTP\r\n  - [x] TOTP\r\n- [x] utils\r\n  - [x] RFC6979\r\n  - [x] Prehashed\r\n  - [x] constant_time_bytes_eq\r\n  - [x] bit_length\r\n  - [x] encode_dss_signature\r\n  - [x] decode_dss_signature\r\n  - [x] rsa_deduce_private_exponent\r\n- [x] x509\r\n  - [x] load_der_x509_certificate\r\n  - [x] Certificate\r\n","funding_links":["https://www.buymeacoffee.com/damianomazp"],"categories":["Libraries"],"sub_categories":["Communications"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdmazzella%2Fucryptography","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdmazzella%2Fucryptography","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdmazzella%2Fucryptography/lists"}