Obfs4 is a look-like nothing obfuscation protocol that incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.

The notable differences between ScrambleSuit and obfs4 are:

• The handshake always does a full key exchange (no such thing as a Session Ticket Handshake).

• The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping.

• The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20).

This package provides a native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3).

Package whirlpool implements the ISO/IEC 10118-3:2004 whirlpool cryptographic hash as specified in http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html.

ChaCha is a stream cipher family created by Daniel Bernstein. The most common ChaCha variant is ChaCha20 (20 rounds). ChaCha20 is standardized in RFC 7539.

obfs4proxy is a tool that attempts to circumvent censorship by transforming the Tor traffic between the client and the bridge. This way censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.

This package provides a avo vectorized version of BLAKE3 implementation in Golang.

Package pinentry provides a client to GnuPG's pinentry.

Package ed25519 implements the Ed25519 signature algorithm.

noise implements the Noise protocol framework. Noise is a low-level framework for building crypto protocols. Noise protocols support mutual and optional authentication, identity hiding, forward secrecy, zero round-trip encryption, and other advanced features.

Package scrypt provides a convenience wrapper around Go's existing crypto/scrypt package that makes it easier to securely derive strong keys from weak inputs (i.e. user passwords). The package provides password generation, constant-time comparison and parameter upgrading for scrypt derived keys.

Package keccak implements the Keccak (SHA-3) hash algorithm. See http://keccak.noekeon.org.

This package provides a functionality to communicate directly with a Trusted Platform Module device. The libraries don't implement the entire spec for neither 1.2 nor 2.0.

Included submodules:

• tpm - TPM 1.2 client library

• tpm2 - TPM 2.0 client library.

• direct - the prototype "TPMDirect" TPM 2.0 API, which is intended to (eventually) be 1:1 with the TPM 2.0 spec

Package crypt is a implementation of crypt(3) by golang, originated from https://code.google.com/p/go-crypt.

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability.

This package provides an implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where it makes sense. It has been tested with SoftHSM.

Shapeshifter-IPC is a library for Go implementing the IPC protocol from the Pluggable Transports 2.0 specification.

This package was initially based on the pure go BLAKE2b implementation of Dmitry Chestnykh and merged with the (cgo dependent) AVX optimized BLAKE2 implementation (which in turn is based on the official implementation. It does so by using Go's Assembler for amd64 architectures with a golang only fallback for other architectures.

In addition to AVX there is also support for AVX2 as well as SSE. Best performance is obtained with AVX2 which gives roughly a 4X performance increase approaching hashing speeds of 1GB/sec on a single core.

This package provides a Go library for generating, decoding, and encrypting JSON Web Tokens (JWT). It relies only on the standard library.

This native Go library manages secrets via the freedesktop.org Secret Service DBus interface.

blake3 is an implementation of BLAKE3 with AVX2 and SSE4.1 acceleration.

blake3 implements the BLAKE3 cryptographic hash function. In addition to the pure-Go implementation, this package also contains AVX-512 and AVX2 routines (generated by avo) that greatly increase performance for large inputs and outputs.

Shapeshifter-IPC is a library for Go implementing the IPC protocol from the Pluggable Transports 2.0 specification.

Package btcec implements elliptic curve cryptography needed for working with Bitcoin (secp256k1 only for now). It is designed so that it may be used with the standard crypto/ecdsa packages provided with Go. A comprehensive suite of test is provided to ensure proper functionality. Package btcec was originally based on work from ThePiachu which is licensed under the same terms as Go, but it has significantly diverged since then. The btcsuite developers original is licensed under the liberal ISC license.

Although this package was primarily written for btcd, it has intentionally been designed so it can be used as a standalone package for any projects needing to use secp256k1 elliptic curve cryptography.

This package implements the edwards25519 elliptic curve in Go, exposing the necessary APIs to build a wide array of higher-level primitives.