This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability. This package provides a command line interface (CLI) tools.

pkcs8 implements functions to process private keys in PKCS#8 format, as defined in RFC 5208 and RFC 5958. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with PKCS#5 (v2.0) algorithms.

Boiler-plate to securely seed Go's random number generator (if possible).

This package implements a subset of PKCS #7 / Cryptographic Message Syntax (RFC 2315, RFC 5652).

This package provides a Go implementation of several rolling hashes.

This package implements the pseudo-random-function (PRF) HighwayHash. HighwayHash is a fast hash function designed to defend hash-flooding attacks or to authenticate short-lived messages.

pcg is a random number generator that uses Permuted Congruential Generator (PCG) algorithm.

The pgpmail package implements PGP encryption for e-mail messages.

This package provides an extract bcrypt from golang.org/x/crypto/bcrypt.

This package implements consistent hashing that can be used when the number of server nodes increase or decrease (like in memcached). The hashing ring is built using the same algorithm as libketama.

FarmHash provides hash functions for strings and other data. The functions mix the input bits thoroughly but are not suitable for cryptography. It is implemented as a mechanical translation of the non-SSE4/non-AESNI hash functions from Google's FarmHash.

This package provides a Go implementation of JSON Web Tokens and supports the parsing and verification as well as the generation and signing of JSON Web Tokens. The currently supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.

This package provides Abstract Syntax Notation One BER encoding and decoding in the Go language.

Package pinentry provides a client to GnuPG's pinentry.

Native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3). Reference algorithm has been slightly hacked as to support the streaming mode required by Go's standard Hash interface.

This package produces a collection of cryptographic utilities, including the following:

• drbg: a cryptographically secure pseudorandom number generator as specified in NIST SP 800-90A

• encoding/base32: a compact base32 encoder

• secretkey: user-friendly secret keys that can be used with secretbox

• salsa20: a streaming interface (cipher.Stream) for the Salsa20 stream cipher

• poly1305: a streaming interface (hash.Hash) for the Poly1305 one-time authenticator as specified in poly1305

Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). It is intended for decoding DER-encoded P12/PFX files for use with the crypto/tls package, and for encoding P12/PFX files for use by legacy applications which do not support newer formats. Since PKCS#12 uses weak encryption primitives, it SHOULD NOT be used for new applications.

This package provides a dictionary for TLS written in Go providing bidirectional mapping values to their names, plus enum convenience for values.

Package knownhosts is a thin wrapper around golang.org/x/crypto/ssh/knownhosts, adding the ability to obtain the list of host key algorithms for a known host.

This is a native Go implementation of the xxHash algorithm, an extremely fast non-cryptographic hash algorithm, working at speeds close to RAM limits.

This package provides primitives for generating random values.

EME (ECB-Mix-ECB or, clearer, Encrypt-Mix-Encrypt) is a wide-block encryption mode developed by Halevi and Rogaway.

This package provides AES Cipher Block Chaining CipherText Stealing encryption and decryption methods.

This provides a fork of uTLS for the specific purpose of improving obfs4proxy's meek_lite transport.