This package provides an implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where it makes sense. It has been tested with SoftHSM.

pkcs8 implements functions to process private keys in PKCS#8 format, as defined in RFC 5208 and RFC 5958. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with PKCS#5 (v2.0) algorithms.

Package imohash implements a fast, constant-time hash for files. It is based atop murmurhash3 and uses file size and sample data to construct the hash.

Fast implementation of base58 encoding on Golang. A trivial big.Int encoding benchmark results in 6 times faster encoding and 8 times faster decoding.

This provides a fork of uTLS for the specific purpose of improving obfs4proxy's meek_lite transport.

This package was initially based on the pure go BLAKE2b implementation of Dmitry Chestnykh and merged with the (cgo dependent) AVX optimized BLAKE2 implementation (which in turn is based on the official implementation. It does so by using Go's Assembler for amd64 architectures with a golang only fallback for other architectures.

In addition to AVX there is also support for AVX2 as well as SSE. Best performance is obtained with AVX2 which gives roughly a 4X performance increase approaching hashing speeds of 1GB/sec on a single core.

This package provides a dictionary for TLS written in Go providing bidirectional mapping values to their names, plus enum convenience for values.

This package is an Ed25519 based public-key signature system that simplifies keys and seeds and performs signing and verification.

Package btcec implements elliptic curve cryptography needed for working with Bitcoin (secp256k1 only for now). It is designed so that it may be used with the standard crypto/ecdsa packages provided with Go. A comprehensive suite of test is provided to ensure proper functionality. Package btcec was originally based on work from ThePiachu which is licensed under the same terms as Go, but it has significantly diverged since then. The btcsuite developers original is licensed under the liberal ISC license.

Although this package was primarily written for btcd, it has intentionally been designed so it can be used as a standalone package for any projects needing to use secp256k1 elliptic curve cryptography.

Libsignal-protocol-go is a Go implementation of the Signal Client Protocol.

This package provides a Go translation of the reference C++ code for MetroHash, a high quality, high performance hash algorithm.

Go-ShadowSocks is a Go implementation of the Shadowsocks tunnel proxy protocol.

This package calculates CRC64 checksums using carryless-multiplication accelerated with SIMD instructions for both ARM and x86. The code is based on the https://github.com/awesomized/crc64fast-nvme.git, crc64fast-nvme package in Rust.

This package produces a collection of cryptographic utilities, including the following:

• drbg: a cryptographically secure pseudorandom number generator as specified in NIST SP 800-90A

• encoding/base32: a compact base32 encoder

• secretkey: user-friendly secret keys that can be used with secretbox

• salsa20: a streaming interface (cipher.Stream) for the Salsa20 stream cipher

• poly1305: a streaming interface (hash.Hash) for the Poly1305 one-time authenticator as specified in poly1305

The bsaes is a portable pure-Go constant time AES implementation based on the code from BearSSL. On appropriate systems, with a sufficiently recent Go runtime, it will transparently call crypto/aes when NewCipher is invoked.

This package provides a Go implementation of JSON Web Tokens and supports the parsing and verification as well as the generation and signing of JSON Web Tokens. The currently supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.

This package implements a functionality to convert keys between the PEM and JWK file formats.

This package provides cryptography for Go. This version of the package is a fork that adds a more up-to-date OpenPGP implementation. It is completely backwards compatible with golang.org/x/crypto, the official package.

This package provides a native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3).

Package sha1cd implements collision detection based on the whitepaper Counter-cryptanalysis from Marc Stevens. The original ubc implementation was done by Marc Stevens and Dan Shumow, and can be found at: @urlhttps://github.com/cr-marcstevens/sha1collisiondetection,https://github.com/cr-marcstevens/sha1collisiondetection.

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability. This package provides a command line interface (CLI) tools.

This package implements a functionality for two parties to generate a mutual secret key by using a weak key that is known to both beforehand (e.g. via some other channel of communication). This is a simple API for an implementation of Password-Authenticated Key Exchange. This protocol is derived from Dan Boneh and Victor Shoup's cryptography book (pg 789, PAKE2 protocol).

blake3 implements the BLAKE3 cryptographic hash function. In addition to the pure-Go implementation, this package also contains AVX-512 and AVX2 routines (generated by avo) that greatly increase performance for large inputs and outputs.

This package implements the pseudo-random-function (PRF) HighwayHash. HighwayHash is a fast hash function designed to defend hash-flooding attacks or to authenticate short-lived messages.