pkcs8 implements functions to process private keys in PKCS#8 format, as defined in RFC 5208 and RFC 5958. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with PKCS#5 (v2.0) algorithms.

Obfs4 is a look-like nothing obfuscation protocol that incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.

The notable differences between ScrambleSuit and obfs4 are:

• The handshake always does a full key exchange (no such thing as a Session Ticket Handshake).

• The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping.

• The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20).

This package provides Abstract Syntax Notation One BER encoding and decoding in the Go language.

This package provides a native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3).

The ocicrypt library is the OCI image spec implementation of container image encryption. More details of the spec can be seen in the OCI repository. The purpose of this library is to encode spec structures and consts in code, as well as provide a consistent implementation of image encryption across container runtimes and build tools.

Package imohash implements a fast, constant-time hash for files. It is based atop murmurhash3 and uses file size and sample data to construct the hash.

This package implements the edwards25519 elliptic curve in Go, exposing the necessary APIs to build a wide array of higher-level primitives.

SipHash is a family of pseudorandom functions (PRFs) optimized for speed on short messages.

This library is a JWT implementation that uses nkeys to digitally sign JWT tokens. Nkeys use Ed25519 to provide authentication of JWT claims.

Boiler-plate to securely seed Go's random number generator (if possible).

This package provides a avo vectorized version of BLAKE3 implementation in Golang.

GoPtLib is a library for writing Tor pluggable transports in Go.

Keyring provides utility functions for and a common interface to a range of secure credential storage services. Originally developed as part of AWS Vault, a command line tool for securely managing AWS access from developer workstations.

Currently Keyring supports the following backends: macOS/OSX Keychain, Windows pcredential store, Pass, Secret Service, KDE Wallet, Encrypted File. This package provides an command line interface (CLI) tool.

Package ed25519 implements the Ed25519 signature algorithm.

FarmHash provides hash functions for strings and other data. The functions mix the input bits thoroughly but are not suitable for cryptography. It is implemented as a mechanical translation of the non-SSE4/non-AESNI hash functions from Google's FarmHash.

Package agent implements the ssh-agent protocol, and provides both a client and a server. The client can talk to a standard ssh-agent that uses UNIX sockets, and one could implement an alternative ssh-agent process using the sample server.

This package provides a Go implementation of several rolling hashes.

This package provides qtls, a QUIC-capable variant of the Go standard library's TLS 1.3 implementation.

This package produces a collection of cryptographic utilities, including the following:

• drbg: a cryptographically secure pseudorandom number generator as specified in NIST SP 800-90A

• encoding/base32: a compact base32 encoder

• secretkey: user-friendly secret keys that can be used with secretbox

• salsa20: a streaming interface (cipher.Stream) for the Salsa20 stream cipher

• poly1305: a streaming interface (hash.Hash) for the Poly1305 one-time authenticator as specified in poly1305

This package is an external copy of the Go standard library's internal ChaCha20 package.

Fast implementation of base58 encoding on Golang. A trivial big.Int encoding benchmark results in 6 times faster encoding and 8 times faster decoding.

Package keccak implements the Keccak (SHA-3) hash algorithm. See http://keccak.noekeon.org.

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability. This package provides a command line interface (CLI) tools.

Libsignal-protocol-go is a Go implementation of the Signal Client Protocol.