uTLS is a fork of “crypto/tls”, which provides ClientHello fingerprinting resistance, low-level access to handshake, fake session tickets and some other features. Handshake is still performed by “crypto/tls”, this library merely changes ClientHello part of it and provides low-level access.

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability.

This package provides a Go implementation of JSON Web Tokens and supports the parsing and verification as well as the generation and signing of JSON Web Tokens. The currently supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.

This library is a JWT implementation that uses nkeys to digitally sign JWT tokens. Nkeys use Ed25519 to provide authentication of JWT claims.

This package provides a drop-in replacement of the Golang standard encoding/base64 library.

This provides a fork of uTLS for the specific purpose of improving obfs4proxy's meek_lite transport.

Package scrypt provides a convenience wrapper around Go's existing crypto/scrypt package that makes it easier to securely derive strong keys from weak inputs (i.e. user passwords). The package provides password generation, constant-time comparison and parameter upgrading for scrypt derived keys.

The ocicrypt library is the OCI image spec implementation of container image encryption. More details of the spec can be seen in the OCI repository. The purpose of this library is to encode spec structures and consts in code, as well as provide a consistent implementation of image encryption across container runtimes and build tools.

This native Go library manages secrets via the freedesktop.org Secret Service DBus interface.

This package implements a functionality to convert keys between the PEM and JWK file formats.

Various cryptographic utilities used by IPFS

EME (ECB-Mix-ECB or, clearer, Encrypt-Mix-Encrypt) is a wide-block encryption mode developed by Halevi and Rogaway.

Package xxhash implements the 64-bit variant of xxHash (XXH64) as described at https://xxhash.com/.

This package provides a Go implementation of Google City Hash, originated from https://github.com/zhenjl/cityhash and https://github.com/zentures/cityhash projects.

pcg is a random number generator that uses Permuted Congruential Generator (PCG) algorithm.

Package pbkdf2 implements password-based key derivation using the PBKDF2 algorithm described in RFC 2898 and RFC 8018.

This package provides an optimized pure Go implementation of elliptic curve cryptography operations over the secp256k1 curve as well as data structures and functions for working with public and private secp256k1 keys as cpecified in the https://www.secg.org/sec2-v2.pdf standard.

In addition, sub packages are provided to produce, verify, parse, and serialize ECDSA signatures and EC-Schnorr-DCRv0 (a custom Schnorr-based signature scheme specific to Decred) signatures. See the README.md files in the relevant sub packages for more details about those aspects.

Shapeshifter-IPC is a library for Go implementing the IPC protocol from the Pluggable Transports 2.0 specification.

Go-ShadowSocks is a Go implementation of the Shadowsocks tunnel proxy protocol.

This package provides a native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3).

This is a SIMD accelerated MD5 package, allowing up to either 8 (AVX2) or 16 (AVX512) independent MD5 sums to be calculated on a single CPU core.

md5-simd integrates a similar mechanism as described in minio/sha256-simd for making it easy for clients to take advantages of the parallel nature of the MD5 calculation. This will result in reduced overall CPU load.

This is a Go implementation of the Google Authenticator library as specified in RFC 4226 and RFC 6238.

Native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3). Reference algorithm has been slightly hacked as to support the streaming mode required by Go's standard Hash interface.

Accelerate SHA256 computations in pure Go using AVX512 and AVX2 for Intel and ARM64 for ARM. On AVX512 it provides an up to 8x improvement (over 3 GB/s per core) in comparison to AVX2.

This package is designed as a replacement for crypto/sha256. For Intel CPUs it has two flavors for AVX512 and AVX2 (AVX/SSE are also supported). For ARM CPUs with the Cryptography Extensions, advantage is taken of the SHA2 instructions resulting in a massive performance improvement.

This package uses Golang assembly. The AVX512 version is based on the Intel's "multi-buffer crypto library for IPSec" whereas the other Intel implementations are described in "Fast SHA-256 Implementations on Intel Architecture Processors" by J. Guilford et al.