The ocicrypt library is the OCI image spec implementation of container image encryption. More details of the spec can be seen in the OCI repository. The purpose of this library is to encode spec structures and consts in code, as well as provide a consistent implementation of image encryption across container runtimes and build tools.

A Golang library to verify Minisign signatures.

This package provides a functionality to communicate directly with a Trusted Platform Module device. The libraries don't implement the entire spec for neither 1.2 nor 2.0.

Included submodules:

• tpm - TPM 1.2 client library

• tpm2 - TPM 2.0 client library.

• direct - the prototype "TPMDirect" TPM 2.0 API, which is intended to (eventually) be 1:1 with the TPM 2.0 spec

Go-ShadowSocks is a Go implementation of the Shadowsocks tunnel proxy protocol.

This package is an external copy of the Go standard library's internal ChaCha20 package.

This package implements a functionality to convert keys between the PEM and JWK file formats.

This package is an Ed25519 based public-key signature system that simplifies keys and seeds and performs signing and verification.

This package implements RFC 7512 - the PKCS #11 URI Scheme; and errata specifications.

Package imohash implements a fast, constant-time hash for files. It is based atop murmurhash3 and uses file size and sample data to construct the hash.

This provides a fork of uTLS for the specific purpose of improving obfs4proxy's meek_lite transport.

Package blake256 implements BLAKE-256 and BLAKE-224 with SSE2, SSE4.1, and AVX acceleration and zero allocations.

Libsignal-protocol-go is a Go implementation of the Signal Client Protocol.

This package provides a Go library for the Concise Binary Object Representation (CBOR) Object Signing and Encryption (COSE) specification.

Accelerate SHA256 computations in pure Go using AVX512 and AVX2 for Intel and ARM64 for ARM. On AVX512 it provides an up to 8x improvement (over 3 GB/s per core) in comparison to AVX2.

This package is designed as a replacement for crypto/sha256. For Intel CPUs it has two flavors for AVX512 and AVX2 (AVX/SSE are also supported). For ARM CPUs with the Cryptography Extensions, advantage is taken of the SHA2 instructions resulting in a massive performance improvement.

This package uses Golang assembly. The AVX512 version is based on the Intel's "multi-buffer crypto library for IPSec" whereas the other Intel implementations are described in "Fast SHA-256 Implementations on Intel Architecture Processors" by J. Guilford et al.

This repository contains Go packages related to cryptographic standards that are not included in the Go standard library.

This is a Go implementation of the Google Authenticator library as specified in RFC 4226 and RFC 6238.

This package provides a Go library for generating, decoding, and encrypting JSON Web Tokens (JWT). It relies only on the standard library.

Shapeshifter-IPC is a library for Go implementing the IPC protocol from the Pluggable Transports 2.0 specification.

This package implements consistent hashing that can be used when the number of server nodes increase or decrease (like in memcached). The hashing ring is built using the same algorithm as libketama.

This package implements functionality based on ideas and concepts from Philipp Winter's ScrambleSuit protocol. The notable differences between ScrambleSuit and obfs4:

• the handshake always does a full key exchange (no such thing as a Session Ticket Handshake)

• the handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping

• the link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20)

Package sha1cd implements collision detection based on the whitepaper Counter-cryptanalysis from Marc Stevens. The original ubc implementation was done by Marc Stevens and Dan Shumow, and can be found at: @urlhttps://github.com/cr-marcstevens/sha1collisiondetection,https://github.com/cr-marcstevens/sha1collisiondetection.

This package exports a super-isolated elliptic curve. Over the base field 𝔽ₚ, the curve E does not admit any isogenies to other curves.

Package xxhash implements the 64-bit variant of xxHash (XXH64) as described at https://xxhash.com/.

This package implements the edwards25519 elliptic curve in Go, exposing the necessary APIs to build a wide array of higher-level primitives.