Skip to main content

A library that provides cryptographic and general-purpose routines for Secure Systems Lab projects at NYU

Project description


CI Documentation Status

Securesystemslib is a cryptography interface for signing and verifying digital signatures. It is developed for the TUF and in-toto projects: the key and signature containers are compatible with metadata formats from those projects.

Under the hood, Securesystemslib can use various digital signing systems (e.g. cryptography, PIV hardware keys and multiple cloud-based key management systems).


The default installation supports pure-Python ed25519 signature verification only. To enable other schemes and signature creation, securesystemslib can be installed with extras. See pyproject.toml for available optional dependencies.

# Install with ed25519, RSA, ECDSA sign and verify support
pip install securesystemslib[crypto]
# ...or with HSM (e.g. Yubikey) support
pip install securesystemslib[hsm]




tox is used for testing. It can be installed via pip and executed from the command line in the root of the repository.


Legacy key migration

Use migrate_keys script to convert key pairs generated with legacy keys or interface modules to a consistent standard format, which is compatible with CryptoSigner.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

securesystemslib-0.31.0.tar.gz (1.0 MB view hashes)

Uploaded source

Built Distribution

securesystemslib-0.31.0-py3-none-any.whl (927.7 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page