Skip to main content

Fast and flexible security protocol parser and generator

Project description


What is it and what is it not?

As the project name CryptoParser implies, it is a cryptographic protocol parser. The main purpose of creating this library is the fact, that cryptography protocol analysis differs in many aspect from establishing a connection using a cryptographic protocol. Analysis is mostly testing where we trigger special and corner cases of the protocol and we also trying to establish connection with hardly supported, experimental, obsoleted or even deprecated mechanisms or algorithms which are may or may not supported by the latest or any version of an implementation of the cryptographic protocol.

As follows, it is neither a comprehensive nor a secure implementation of any cryptographic protocol. On the one hand library implements only the absolutely necessary parts of the protocol. On the other it contains completely insecure algorithms and mechanisms. It is not designed and contraindicated to use this library establishing secure connections. If you are searching for cryptographic protocol implementation, there are several existing wrappers and native implementations for Python (eg: M2Crypto, pyOpenSSL, Paramiko, ...).

Quick start

CryptoParser can be installed directly via pip:

$ pip install cryptoparser

Development environment

If you want to setup a development environment, you are in need of pipenv.

$ cd cryptoparser
$ pipenv install --dev
$ pipenv shell



Python implementation

  • CPython (2.7, >=3.3)
  • PyPy (2.7, 3.5)

Operating systems

  • Linux
  • macOS
  • Windows

Protocol Specific Features

Hypertext Transfer Protocol (HTTP)


  1. supports header wire format parsing
  2. supports detailed parsing of generic headers (Content-Type, Server)
  3. supports detailed parsing of caching headers (Age, Cache-Control, Date, ETag, Expires, Last-Modified, Pragma)
  4. supports detailed parsing of security headers (Expect-CT, Expect-Staple, Referrer-Policy, Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options)

Transport Layer Security (TLS)

Only features that cannot be or difficultly implemented by some of the most popular SSL/TLS implementations (eg: GnuTls, LibreSSL, OpenSSL, wolfSSL, ...) are listed.


  1. supports Generate Random Extensions And Sustain Extensibility (GREASE) values for
    • protocol version
    • extension type
    • ciphers suite
    • signature algorithms
    • named group
  2. supports easy JA3 fingerprint generation

Protocol Versions

  1. support not only the final, but also draft versions

Cipher Suites

  1. supports each cipher suites discussed on
  2. supports GOST (national standards of the Russian Federation and CIS countries) cipher suites

Secure Shell (SSH)

Cipher Suites

  1. identifies as much encryption algorithms as possible (more than 200, compared to 70+ currently supported by OpenSSH)
  2. supports HASSH fingerprint calculation (#96)

Public Keys

  1. supports host keys and cretificates (both V00 and V01)


The code is available under the terms of Mozilla Public License Version 2.0 (MPL 2.0).

A non-comprehensive, but straightforward description of MPL 2.0 can be found at Choose an open source license website.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cryptoparser-0.8.2.tar.gz (79.0 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page