diff --git a/setup.py b/setup.py
index ea10b24..cc3a9b8 100755
--- a/setup.py
+++ b/setup.py
@@ -43,7 +43,7 @@ install_requires = [
     'paste',
     'zope.interface',
     'repoze.who',
-    'pycrypto', #'Crypto'
+    'pycrypto', # 'Crypto'
     'pytz'
 ]
 
diff --git a/src/saml2/cert.py b/src/saml2/cert.py
index 8234daa..638052e 100644
--- a/src/saml2/cert.py
+++ b/src/saml2/cert.py
@@ -5,7 +5,7 @@ import datetime
 import dateutil.parser
 import pytz
 from OpenSSL import crypto
-from os.path import exists, join
+from os.path import join
 from os import remove
 from Crypto.Util import asn1
 
@@ -228,7 +228,8 @@ class OpenSSLWrapper(object):
             return False, message
         else:
             cert_str = tmp_cert_str
-            return True, "Signed certificate is valid and correctly signed by CA certificate."
+            return (True,
+                    "Signed certificate is valid and correctly signed by CA certificate.")
 
     def certificate_not_valid_yet(self, cert):
         starts_to_be_valid = dateutil.parser.parse(cert.get_notBefore())
diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py
index 8323de6..193bf6f 100644
--- a/src/saml2/sigver.py
+++ b/src/saml2/sigver.py
@@ -52,12 +52,16 @@ from saml2.time_util import str_to_time
 from tempfile import NamedTemporaryFile
 from subprocess import Popen, PIPE
 
+from xmlenc import EncryptionMethod, EncryptedKey, CipherData, CipherValue, \
+    EncryptedData
 
 logger = logging.getLogger(__name__)
 
 SIG = "{%s#}%s" % (ds.NAMESPACE, "Signature")
 
 RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
+RSA_1_5 = "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
+TRIPLE_DES_CBC = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
 
 from Crypto.Hash import SHA256, SHA384, SHA512, SHA
 
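Review bot: `RSA_1_5` and `TRIPLE_DES_CBC` name PKCS#1 v1.5 key transport and 3DES-CBC data encryption, the two legacy choices the XML Encryption 1.1 revision steers implementations away from: rsa-1_5 is the key-transport variant exposed to Bleichenbacher-style padding-oracle attacks, and unauthenticated CBC is what the published XML Encryption ciphertext-manipulation attacks rely on, with RSA-OAEP and AES (preferably GCM) being the recommended replacements. Nothing on the page records that these are legacy values, and the later hunk uses them as the defaults of `pre_encryption_part`, so a comment above the constants such as `# Legacy XML Encryption algorithms, kept for interoperability; prefer RSA-OAEP key transport and AES for new deployments` would help, together with an RSA-OAEP constant (`http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p`) so callers can opt in. Separately, the new `from xmlenc import …` sits in a blank-line gap between the import block and `logger`; moving it up with the other `from … import` lines would match the file's grouping. Whether `xmlenc` is a top-level module or a package-relative one cannot be told from this hunk.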
@@ -1509,6 +1513,28 @@ def pre_signature_part(ident, public_key=None, identifier=None):
     return signature
 
 
+def pre_encryption_part(msg_enc=TRIPLE_DES_CBC, key_enc=RSA_1_5):
+    """
+
+    :param msg_enc:
+    :param key_enc:
+    :return:
+    """
+    msg_encryption_method = EncryptionMethod(algorithm=msg_enc)
+    key_encryption_method = EncryptionMethod(algorithm=key_enc)
+    encrypted_key = EncryptedKey(encryption_method=key_encryption_method,
+                                 key_info=ds.KeyInfo(
+                                     key_name=ds.KeyName(text="")),
+                                 cipher_data=CipherData(
+                                     cipher_value=CipherValue(text="")))
+    key_info = ds.KeyInfo(encrypted_key=encrypted_key)
+    encrypted_data = EncryptedData(
+        encryption_method=msg_encryption_method,
+        key_info=key_info,
+        cipher_data=CipherData(cipher_value=CipherValue(text="")))
+    return encrypted_data
+
+
 def response_factory(sign=False, encrypt=False, **kwargs):
     response = samlp.Response(id=sid(), version=VERSION,
                               issue_instant=instant())
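Review bot: The docstring on the new `pre_encryption_part` is an empty stub — `:param msg_enc:`, `:param key_enc:` and `:return:` carry no text — while the body builds an EncryptedData whose KeyName and both CipherValue elements are created with `text=""`, so a reader cannot tell from the code that the return value is a skeleton rather than a finished ciphertext. Suggest a summary such as `"""Return an EncryptedData template: EncryptionMethod set to msg_enc, an EncryptedKey using key_enc, with empty KeyName and CipherValue placeholders."""` plus one line per parameter stating that `msg_enc` is the data-encryption algorithm URI and `key_enc` the key-transport algorithm URI (defaults `TRIPLE_DES_CBC` and `RSA_1_5`). Presumably the placeholders are filled by a later encryption step outside this hunk; if so, the docstring should name the step that consumes the template — confirm against the caller. The function is complete within the hunk; `response_factory` continues past it.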