Clevis is a plugable framework for automated decryption. It can be used to provide automated decryption of data or even automated unlocking of LUKS volumes. Tang is a server for binding data to network presence.
Custodia is a service to manage, retrieve and store secrets.
josé is a C-language implementation of the Javascript Object Signing and Encryption standards with plugable backends. pyjose provides bindings for Python.
jwcrypto is a pure Python implementation of JOSE on top of PyCA cryptography.
kdcproxy is a WSGI module for proxying Kerberos KDC requests over HTTPS by following the MS-KKDCP protocol specification.
libverto is an asynchronous event loop abstraction library. It provides a C interface which is backend-agnostic, as well as several backends, and can select a provider at either compile-time or run-time.
Misc and experimental projects.