This package provides primitives for generating random values.

Package keccak implements the Keccak (SHA-3) hash algorithm. See http://keccak.noekeon.org.

Package knownhosts is a thin wrapper around golang.org/x/crypto/ssh/knownhosts, adding the ability to obtain the list of host key algorithms for a known host.

This package provides a dictionary for TLS written in Go providing bidirectional mapping values to their names, plus enum convenience for values.

This package provides a Golang implementation of the bcrypt hash algorithm. It is a fork of github.com/jameskeane/bcrypt.

This package provides a functionality to communicate directly with a Trusted Platform Module device. The libraries don't implement the entire spec for neither 1.2 nor 2.0.

Included submodules:

• tpm - TPM 1.2 client library

• tpm2 - TPM 2.0 client library.

• direct - the prototype "TPMDirect" TPM 2.0 API, which is intended to (eventually) be 1:1 with the TPM 2.0 spec

This package provides a Go implementation of JSON Web Tokens and supports the parsing and verification as well as the generation and signing of JSON Web Tokens. The currently supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.

This package provides ShāngMì 4 cipher suites implementation (GM SM2/3/4).

Main functions:

• SM2 national secret elliptic curve algorithm library

• SM3 national secret hash algorithm library

• SM4 national secret block cipher algorithm library

Various cryptographic utilities used by IPFS

Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). It is intended for decoding DER-encoded P12/PFX files for use with the crypto/tls package, and for encoding P12/PFX files for use by legacy applications which do not support newer formats. Since PKCS#12 uses weak encryption primitives, it SHOULD NOT be used for new applications.

This native Go library manages secrets via the freedesktop.org Secret Service DBus interface.

Package agent implements the ssh-agent protocol, and provides both a client and a server. The client can talk to a standard ssh-agent that uses UNIX sockets, and one could implement an alternative ssh-agent process using the sample server.

Boiler-plate to securely seed Go's random number generator (if possible).

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability. This package provides a command line interface (CLI) tools.

This package provides Abstract Syntax Notation One BER encoding and decoding in the Go language.

This package implements a subset of PKCS #7 / Cryptographic Message Syntax (RFC 2315, RFC 5652).

Keyring provides utility functions for and a common interface to a range of secure credential storage services. Originally developed as part of AWS Vault, a command line tool for securely managing AWS access from developer workstations.

Currently Keyring supports the following backends: macOS/OSX Keychain, Windows pcredential store, Pass, Secret Service, KDE Wallet, Encrypted File. This package provides an command line interface (CLI) tool.

Go-Bloom implements bloom filter using double hashing.

This package is an Ed25519 based public-key signature system that simplifies keys and seeds and performs signing and verification.

The pgpmail package implements PGP encryption for e-mail messages.

This package provides a avo vectorized version of BLAKE3 implementation in Golang.

CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).

This package provides a Go implementation of JSON Web Tokens and supports the parsing and verification as well as the generation and signing of JSON Web Tokens. The currently supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.

blake3 implements the BLAKE3 cryptographic hash function. In addition to the pure-Go implementation, this package also contains AVX-512 and AVX2 routines (generated by avo) that greatly increase performance for large inputs and outputs.