crypto package - crypto - Go Packages

Path Synopsis Package aes implements AES encryption (formerly Rijndael), as defined in U.S. Federal Information Processing Standards Publication 197. Package cipher implements standard block cipher modes that can be wrapped around low-level block cipher implementations. Package des implements the Data Encryption Standard (DES) and the Triple Data Encryption Algorithm (TDEA) as defined in U.S. Federal Information Processing Standards Publication 46-3. Package dsa implements the Digital Signature Algorithm, as defined in FIPS 186-3. Package ecdh implements Elliptic Curve Diffie-Hellman over NIST curves and Curve25519. Package ecdsa implements the Elliptic Curve Digital Signature Algorithm, as defined in [FIPS 186-5]. Package ed25519 implements the Ed25519 signature algorithm. Package elliptic implements the standard NIST P-224, P-256, P-384, and P-521 elliptic curves over prime fields. Package fips140 provides information about the FIPS 140-3 Go Cryptographic Module and FIPS 140-3 mode. Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. Package hmac implements the Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. Package hpke implements Hybrid Public Key Encryption (HPKE) as defined in [RFC 9180]. Package boring provides access to BoringCrypto implementation functions. Package bcache implements a GC-friendly cache (see Cache) for BoringCrypto. Package sig holds “code signatures” that can be called and will result in certain code sequences being linked into the final binary. Package entropy provides the passive entropy source for the FIPS 140-3 module. Package entropy implements a CPU jitter-based SP 800-90B entropy source. Package alias implements memory aliasing tests. Package check implements the FIPS 140 load-time code+data verification. Package checktest defines some code and data for use in the crypto/internal/fips140/check test. Package drbg provides cryptographically secure random bytes usable by FIPS code. Package edwards25519 implements group logic for the twisted Edwards curve Package field implements fast arithmetic modulo 2^255-19. Package hmac implements HMAC according to [FIPS 198-1]. Package mlkem implements the quantum-resistant key encapsulation method ML-KEM (formerly known as Kyber), as specified in [NIST FIPS 203]. Package nistec implements the elliptic curves from NIST SP 800-186. Package sha256 implements the SHA-224 and SHA-256 hash algorithms as defined in FIPS 180-4. Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length functions defined by [FIPS 202], as well as the cSHAKE extendable-output-length functions defined by [SP 800-185]. Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4. Package ssh implements the SSH KDF as specified in RFC 4253, Section 7.2 and allowed by SP 800-135 Revision 1. Package tls13 implements the TLS 1.3 Key Schedule as specified in RFC 8446, Section 7.1 and allowed by FIPS 140-3 IG 2.4.B Resolution 7. Package fips140cache provides a weak map that associates the lifetime of values with the lifetime of keys. Package fipsdeps contains wrapper packages for internal APIs that are exposed to the FIPS module. Package impl is a registry of alternative implementations of cryptographic primitives, to allow selecting them for testing. Package randutil contains internal randomness utilities for various crypto packages. Package rand provides cryptographically secure random bytes from the operating system. Package md5 implements the MD5 hash algorithm as defined in RFC 1321. Package mlkem implements the quantum-resistant key encapsulation method ML-KEM (formerly known as Kyber), as specified in [NIST FIPS 203]. Package mlkemtest provides testing functions for the ML-KEM algorithm. Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 8018 (PKCS #5 v2.1). Package rand implements a cryptographically secure random number generator. Package rc4 implements RC4 encryption, as defined in Bruce Schneier's Applied Cryptography. Package rsa implements RSA encryption as specified in PKCS #1 and RFC 8017. Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174. Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4. Package sha3 implements the SHA-3 hash algorithms and the SHAKE extendable output functions defined in FIPS 202. Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4. Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly. Package tls partially implements TLS 1.2, as specified in RFC 5246, and TLS 1.3, as specified in RFC 8446. Package fips140tls controls whether crypto/tls requires FIPS-approved settings. Package x509 implements a subset of the X.509 standard. Package macos provides cgo-less wrappers for Core Foundation and Security.framework, similarly to how package syscall provides access to libSystem.dylib. Package pkix contains shared, low level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP.