Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). It is intended for decoding DER-encoded P12/PFX files for use with the crypto/tls package, and for encoding P12/PFX files for use by legacy applications which do not support newer formats. Since PKCS#12 uses weak encryption primitives, it SHOULD NOT be used for new applications.

This package implements RFC 7512 - the PKCS #11 URI Scheme; and errata specifications.

Keyring provides utility functions for and a common interface to a range of secure credential storage services. Originally developed as part of AWS Vault, a command line tool for securely managing AWS access from developer workstations.

Currently Keyring supports the following backends: macOS/OSX Keychain, Windows pcredential store, Pass, Secret Service, KDE Wallet, Encrypted File. This package provides an command line interface (CLI) tool.

This package provides Abstract Syntax Notation One BER encoding and decoding in the Go language.

This package provides ssh-to-pgp: a Go command line +utility to convert SSH RSA keys to GPG keys.

This package provides primitives for generating random values.

This package provides cryptography for Go. This version of the package is a fork that adds a more up-to-date OpenPGP implementation. It is completely backwards compatible with golang.org/x/crypto, the official package.

This package is an external copy of the Go standard library's internal ChaCha20 package.

Shapeshifter-Transports is a set of Pluggable Transports implementing the Go API from the Pluggable Transports 2.0 specification. Each transport implements a different method of shapeshifting network traffic. The goal is for application traffic to be sent over the network in a shapeshifted form that bypasses network filtering, allowing the application to work on networks where it would otherwise be blocked or heavily throttled.

Package blake256 implements BLAKE-256 and BLAKE-224 with SSE2, SSE4.1, and AVX acceleration and zero allocations.

This package calculates CRC64 checksums using carryless-multiplication accelerated with SIMD instructions for both ARM and x86. The code is based on the https://github.com/awesomized/crc64fast-nvme.git, crc64fast-nvme package in Rust.

The pgpmail package implements PGP encryption for e-mail messages.

obfs4proxy is a tool that attempts to circumvent censorship by transforming the Tor traffic between the client and the bridge. This way censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.

Package whirlpool implements the ISO/IEC 10118-3:2004 whirlpool cryptographic hash as specified in http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html.

This package is a Go library for creating a unique hash value for arbitrary values in Go. This can be used to key values in a hash (for use in a map, set, etc.) that are complex. The most common use case is comparing two values without sending data across the network, caching values locally (de-dup), and so on.

Native Go implementation of Austin Appleby's third MurmurHash revision (aka MurmurHash3). Reference algorithm has been slightly hacked as to support the streaming mode required by Go's standard Hash interface.

ChaCha is a stream cipher family created by Daniel Bernstein. The most common ChaCha variant is ChaCha20 (20 rounds). ChaCha20 is standardized in RFC 7539.

Dust is an Internet protocol designed to resist a number of attacks currently in active use to censor Internet communication. While adherence to the theoretical maxims of cryptographic security is observed where possible, the focus of Dust is on real solutions to real attacks.

This package provides an extract bcrypt from golang.org/x/crypto/bcrypt.

This package implements file encryption according to the https://age-encryption.org/v1 specification. It features small explicit keys, no configuration options, and Unix-style composability. This package provides a command line interface (CLI) tools.

This package implements a functionality for two parties to generate a mutual secret key by using a weak key that is known to both beforehand (e.g. via some other channel of communication). This is a simple API for an implementation of Password-Authenticated Key Exchange. This protocol is derived from Dan Boneh and Victor Shoup's cryptography book (pg 789, PAKE2 protocol).

This package exports a super-isolated elliptic curve. Over the base field 𝔽ₚ, the curve E does not admit any isogenies to other curves.

This package provides extensions to the Go standard library's Ed25519 and curve25519 implementations, primarily extracted from @urlhttps://github.com/oasisprotocol/curve25519-voi,curve25519-voi. This package is intended for interoperability with the standard library and the @urlhttps://filippo.io/edwards25519,edwards25519 package as much as possible.

This package provides a avo vectorized version of BLAKE3 implementation in Golang.