OK, I guess it does work. This worked for me:
def crypt():
form = SQLFORM.factory(
Field('test', requires=CRYPT(auth.settings.hmac_key)))
if form.accepts(request.vars, session):
return dict(data=form.vars.test)
return dict(form=form)
