Python has a complex past with cryptography. There are half a dozen major frameworks built on at least three separate C implementations, each with their own strengths and weaknesses and in various states of maintenance.
In our development of an open source key management system for OpenStack (Barbican), our team has spent some time investigating the major options including OpenSSL, libnss, nacl and pycrypto on the C side and PyOpenSSL, Pycrypto, python-nss and m2crypto on the Python side.
In our research, we noted several challenges with the current crop of libraries including audit state, support for PyPy, maintenance status, etc. In response to this, a group of Python aficionados with more time than sense have begun development of Cryptography (https://github.com/pyca/cryptography). Cryptography is a modern Python crypto library capable of utilizing multiple C backends based on CFFI, thus enabling PyPy use. We will cover the current state of the library, it’s goals and design decisions.