{"id":13813992,"url":"https://github.com/keybase/python-triplesec","last_synced_at":"2025-08-29T20:31:26.815Z","repository":{"id":53614676,"uuid":"13936609","full_name":"keybase/python-triplesec","owner":"keybase","description":"A Python port of the triplesec library.","archived":true,"fork":false,"pushed_at":"2024-01-05T17:59:11.000Z","size":688,"stargazers_count":82,"open_issues_count":4,"forks_count":18,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-07-07T02:45:33.624Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/keybase.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-10-28T19:45:52.000Z","updated_at":"2025-04-20T22:51:24.000Z","dependencies_parsed_at":"2024-08-04T04:15:27.881Z","dependency_job_id":null,"html_url":"https://github.com/keybase/python-triplesec","commit_stats":{"total_commits":61,"total_committers":8,"mean_commits":7.625,"dds":0.4098360655737705,"last_synced_commit":"0a73e18cfe542d0cd5ee57bd823a67412b4b717e"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/keybase/python-triplesec","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keybase%2Fpython-triplesec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keybase%2Fpython-triplesec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keybase%2Fpython-triplesec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keybase%2Fpython-triplesec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/keybase","download_url":"https://codeload.github.com/keybase/python-triplesec/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keybase%2Fpython-triplesec/sbom","scorecard":{"id":557941,"data":{"date":"2025-08-11","repo":{"name":"github.com/keybase/python-triplesec","commit":"0a73e18cfe542d0cd5ee57bd823a67412b4b717e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":2,"reason":"Found 5/24 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 3-Clause \"New\" or \"Revised\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-3 / GHSA-j225-cvw7-qrx7","Warn: Project is vulnerable to: GHSA-6w4m-2xhg-2658"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T12:50:46.165Z","repository_id":53614676,"created_at":"2025-08-20T12:50:46.165Z","updated_at":"2025-08-20T12:50:46.165Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272758377,"owners_count":24988238,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-29T02:00:10.610Z","response_time":87,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T04:01:39.329Z","updated_at":"2025-08-29T20:31:26.320Z","avatar_url":"https://github.com/keybase.png","language":"Python","readme":"python-triplesec\n================\n\n.. image:: https://travis-ci.org/keybase/python-triplesec.png\n   :alt: Build Status\n   :target: https://travis-ci.org/keybase/python-triplesec\n\n.. image:: https://coveralls.io/repos/keybase/python-triplesec/badge.png\n   :alt: Coverage Status\n   :target: https://coveralls.io/r/keybase/python-triplesec\n\n.. image:: https://img.shields.io/pypi/v/TripleSec.svg\n   :alt: PyPi version\n   :target: https://crate.io/packages/TripleSec\n\n.. image:: https://img.shields.io/pypi/dm/TripleSec.svg\n   :alt: PyPi downloads\n   :target: https://crate.io/packages/TripleSec\n\n\nA Python port of the TripleSec_ library. See also the JS implementation_.\n\nCompatible with Python 2.7 and 3.6+.\n\n.. _TripleSec: https://keybase.io/triplesec/\n.. _implementation: https://github.com/keybase/triplesec/\n\n\nInstallation\n------------\n\n::\n\n  pip install TripleSec\n\nNote: You may get an OpenSSL error while installing\nthe scrypt dependency on older operating systems.\nOn Ubuntu/Debian, run\n::\n# apt-get install libssl-dev\nOn OS X, follow the instructions at https://github.com/ethereum/pyethapp/issues/209#issuecomment-308466232.\n\nUsage\n-----\n\nInstantiate a ``triplesec.TripleSec(key=None)`` object, with or without a key (if omitted it will have to be specified at each use), then use the ``encrypt(message, key=None)`` and ``decrypt(ciphertext, key=None)`` methods.\n\nAll values must be binary strings (``str`` on Python 2, ``bytes`` on Python 3)\n\nShortcuts\n~~~~~~~~~\n\nThe (unkeyed) functions ``encrypt`` and ``decrypt`` are exposed at the module level.\n\nCommand line tool\n-----------------\n\nTripleSec offers a ``triplesec`` command line tool to encrypt and decrypt messages from the terminal.\n\nHere is the help::\n\n  Command-line TripleSec encryption-decryption tool\n\n  usage: triplesec [-h] [-b | --hex] [-k KEY] {enc|dec} [data]\n\n  positional arguments:\n    {enc|dec}          enc: encrypt and sign a message with TripleSec; by\n                       default output a hex encoded ciphertext (see -b and\n                       --hex) -- dec: decrypt and verify a TripleSec ciphertext\n    data               the TripleSec message or ciphertext; if not specified it\n                       will be read from stdin; by default ciphertexts will be\n                       considered hex encoded (see -b and --hex)\n\n  optional arguments:\n    -h, --help         show this help message and exit\n    -b, --binary       consider all input (key, plaintext, ciphertext) to be\n                       plain binary data and output everything as binary data -\n                       this turns off smart decoding/encoding - if you pipe\n                       data, you should use this\n    --hex              consider all input (key, plaintext, ciphertext) to be hex\n                       encoded; hex encode all output\n    -k KEY, --key KEY  the TripleSec key; if not specified will check the\n                       TRIPLESEC_KEY env variable, then prompt the user for it\n    --compatibility    Use Keccak instead of SHA3 for the second MAC and reverse\n                       endianness of Salsa20 in version 1. Only effective in\n                       versions before 4.\n\nChanges in 0.5\n-----------------------\nFor message authentication, the Triplesec spec uses the Keccak SHA3 proposal function for versions 1 through 3, but for some time, this library used the standardized SHA3-512 function instead. Thus, by default, the Python implementation for versions 1 through 3 is incompatible with the JavaScript and Golang implementations.\nFrom version 4 and going forward, the spec will use only the standardized SHA3-512 function (provided, for example, by `hashlib` in Python), and the Python, JavaScript, and Golang implementations will be compatible.\n\nIf you would like to use Keccak with versions 1 through 3 (and thus achieve compatibility with the Node and Go packages), you can pass in `compatibility=True` to `encrypt` and `decrypt`, or on the commandline as detailed in the above section.\n\nAdditionally, encryptions that do not specify a version will now use version 4 by default, which is not compatible with previous versions.\n\nExample\n-------\n\n\u003e\u003e\u003e import triplesec\n\u003e\u003e\u003e x = triplesec.encrypt(b\"IT'S A YELLOW SUBMARINE\", b'* password *')\n\u003e\u003e\u003e print(triplesec.decrypt(x, b'* password *').decode())\nIT'S A YELLOW SUBMARINE\n\n\u003e\u003e\u003e from triplesec import TripleSec\n\u003e\u003e\u003e T = TripleSec(b'* password *')\n\u003e\u003e\u003e x = T.encrypt(b\"IT'S A YELLOW SUBMARINE\")\n\u003e\u003e\u003e print(T.decrypt(x).decode())\nIT'S A YELLOW SUBMARINE\n","funding_links":[],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeybase%2Fpython-triplesec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeybase%2Fpython-triplesec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeybase%2Fpython-triplesec/lists"}