libxcrypt is a modern library for one-way hashing of passwords. It supports a wide variety of both modern and historical hashing methods: yescrypt, gost-yescrypt, scrypt, bcrypt, sha512crypt, sha256crypt, md5crypt, SunMD5, sha1crypt, NT, bsdicrypt, bigcrypt, and descrypt.

The Olm library implements the Double Ratchet cryptographic ratchet. It is written in C and C++11, and exposed as a C API.

DigiDoc is an XML file format for documents with digital signatures used by the Estonian ID card infrastructure. This library allows for creation and reading of DigiDoc files.

This package provides a simple password-based encryption utility as a demonstration of the scrypt key derivation function. Scrypt is designed to be far more resistant against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.

The currently provided message digest algorithms are:

• MD2

• MD4

• MD5

• RIPEMD-160

• SHA-1

• SHA-2 (SHA-256, SHA-384 and SHA-512)

Crypto++ is a C++ class library of cryptographic schemes.

Keychain is usually run from shell profiles like ~/.bash_profile, but it is also possible to use it with non-interactive shells. It works with various operating systems (including GNU/Linux and HURD) and shells (like bourne-compatible, csh-compatible and fish shells). By default Keychain will only start ssh-agent, but it can also be configured to start gpg-agent.

ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a fast pseudo-random number generator. It is suitable for applications where a significant amount of random data needs to be produced quickly, such as solving using the Monte Carlo method or for games. The results are uniformly distributed, unbiased, and unpredictable unless you know the seed.

This package provides a Perl interface to the ISAAC pseudo random number generator.

libscrypt implements scrypt key derivation function. It is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.

stoken is a token code generator compatible with RSA SecurID 128-bit (AES) tokens. This package contains a standalone command-line program that allows for importing token seeds, generating token codes, and various utility/testing functions.

Optimized C library for EC operations on curve secp256k1.

Features:

• secp256k1 ECDSA signing/verification and key generation.

• Additive and multiplicative tweaking of secret/public keys.

• Serialization/parsing of private keys, public keys, signatures.

• Constant time, constant memory access signing and public key generation.

• Derandomized ECDSA (via RFC6979 or with a caller provided function.)

• Very efficient implementation.

• Suitable for embedded systems.

• No runtime dependencies.

• Optional module for public key recovery.

• Optional module for ECDH key exchange.

• Optional module for Schnorr signatures according to BIP-340.

This module provides implementations for a number of byte-oriented sources of random data.

This module is intended to provide a cryptographically-secure replacement for Perl's built-in rand function. "Cryptographically secure", in this case, means:

1. No matter how many numbers you see generated by the random number generator, you cannot guess the future numbers, and you cannot guess the seed.

2. There are so many possible seeds that it would take decades, centuries, or millennia for an attacker to try them all.

3. The seed comes from a source that generates relatively strong random data on your platform, so the seed itself will be as random as possible.

The signify utility creates and verifies cryptographic signatures using the elliptic curve Ed25519. This is a Linux port of the OpenBSD tool of the same name.

Keyutils is a set of utilities for managing the key retention facility in the Linux kernel, which can be used by file systems, block devices, and more to gain and retain the authorization and encryption keys required to perform secure operations.

Transcrypt is a script to configure transparent encryption of sensitive files stored in a Git repository. Files that you choose will be automatically encrypted when you commit them, and automatically decrypted when you check them out. The process will degrade gracefully, so even people without your encryption password can safely commit changes to the repository's non-encrypted files.

This package provides b3sum, a command line checksum tool based on the BLAKE3 cryptographic hash function.

Optimized C library for cryptographic operations on curve secp256k1.

This library is used for consensus critical cryptographic operations on the Bitcoin Cash network.

Features:

• secp256k1 ECDSA signing/verification and key generation.

• secp256k1 Schnorr signing/verification (Bitcoin Cash Schnorr variant).

• Additive and multiplicative tweaking of secret/public keys.

• Serialization/parsing of secret keys, public keys, signatures.

• Constant time, constant memory access signing and pubkey generation.

• Derandomized ECDSA (via RFC6979 or with a caller provided function).

• Very efficient implementation.

• Suitable for embedded systems.

• Optional module for public key recovery.

• Optional module for ECDH key exchange (experimental).

• Optional module for multiset hash (experimental).

The libdecaf library is an implementation of elliptic curve cryptography using the Montgomery and Edwards curves Curve25519, Ed25519, Ed448-Goldilocks and Curve448, using the Decaf encoding.

Asignify offers public cryptographic signatures and encryption with a library or a command-line tool. The tool is heavily inspired by signify as used in OpenBSD. The main goal of this project is to define a high level API for signing files, validating signatures and encrypting using public-key cryptography. Asignify is designed to be portable and self-contained with zero external dependencies. Asignify can verify OpenBSD signatures, but it cannot sign messages in OpenBSD format yet.

The Olm library implements the Double Ratchet cryptographic ratchet. It is written in C and C++11, and exposed as a C API.

This package provides architecture-specific implementations of the CRC32C algorithm, which is specified in RFC 3720, section 12.1.

The Olm library implements the Double Ratchet cryptographic ratchet. This package contains its Python bindings.

BLAKE2 is a cryptographic hash function faster than MD5, SHA-1, SHA-2, and SHA-3, yet is at least as secure as SHA-3.