{"id":37348738,"url":"https://github.com/aeondave/cryptonite-go","last_synced_at":"2026-01-16T04:00:51.917Z","repository":{"id":320038125,"uuid":"1080497696","full_name":"AeonDave/cryptonite-go","owner":"AeonDave","description":"Minimal, dependency-free cryptography library in Go","archived":false,"fork":false,"pushed_at":"2025-10-21T16:18:05.000Z","size":227,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-21T16:38:26.880Z","etag":null,"topics":["cryptography","cypher","go","purego","tiny"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AeonDave.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-21T13:04:00.000Z","updated_at":"2025-10-21T16:03:42.000Z","dependencies_parsed_at":"2025-10-21T16:38:30.114Z","dependency_job_id":null,"html_url":"https://github.com/AeonDave/cryptonite-go","commit_stats":null,"previous_names":["aeondave/cryptonite-go"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/AeonDave/cryptonite-go","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AeonDave%2Fcryptonite-go","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AeonDave%2Fcryptonite-go/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AeonDave%2Fcryptonite-go/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AeonDave%2Fcryptonite-go/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AeonDave","download_url":"https://codeload.github.com/AeonDave/cryptonite-go/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AeonDave%2Fcryptonite-go/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28477206,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T03:13:13.607Z","status":"ssl_error","status_checked_at":"2026-01-16T03:11:47.863Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","cypher","go","purego","tiny"],"created_at":"2026-01-16T04:00:29.812Z","updated_at":"2026-01-16T04:00:51.890Z","avatar_url":"https://github.com/AeonDave.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cryptonite-go\n\n[![CodeQL Advanced](https://github.com/AeonDave/cryptonite-go/actions/workflows/codeql.yml/badge.svg)](https://github.com/AeonDave/cryptonite-go/actions/workflows/codeql.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/AeonDave/cryptonite-go)](https://goreportcard.com/report/github.com/AeonDave/cryptonite-go)\n![GitHub License](https://img.shields.io/github/license/AeonDave/cryptonite-go)\n\nModern, ultra-fast, zero-dependency cryptography library for Go 1.22+\nImplemented using only the standard library. Battle-tested primitives, minimal attack surface, ergonomic APIs.\n\n## Overview\n\n- Small and auditable: pure Go, no third-party dependencies.\n- Reduced attack surface: shared, tested internal primitives and minimal cross-package APIs.\n- Consistent, ergonomic interfaces: uniform AEAD, hashing, KDF, signature, and ECDH APIs for easy composition.\n- Practical security defaults: spec-aligned choices, selective zeroisation of sensitive buffers, constant-time behavior where required.\n- Robust test coverage and regression protection: known-answer tests, Wycheproof-inspired suites, and fuzzing harnesses.\n- Interoperability for real-world use: implements widely used constructions without exposing low-level implementation details.\n\n## Requirements\n\n- Go 1.22+\n\n## Installation\n\n```bash\ngo get github.com/AeonDave/cryptonite-go\n```\n\n## Supported Algorithms\n\n### AEAD (Authenticated Encryption)\n- **Mainstream**: AES-GCM, ChaCha20-Poly1305, XChaCha20-Poly1305, AES-GCM-SIV\n- **Lightweight**: ASCON-128a/80pq (NIST winner), Xoodyak, GIFT-COFB, SKINNY, Deoxys-II\n- **Nonce-misuse resistant**: AES-SIV, AES-GCM-SIV\n\n### Hashing \u0026 XOF\n- **Fast**: BLAKE2b/s (742 MB/s), SHA-3 family\n- **Streaming**: SHAKE128/256, BLAKE2 XOF, Xoodyak\n- **Specialized**: TupleHash, ParallelHash (SP 800-185)\n\n### Key Derivation (KDF)\n- **Modern**: HKDF-SHA256/BLAKE2b, Argon2id, scrypt\n- **Password**: PBKDF2-SHA1/SHA256\n\n### MAC \u0026 Stream Ciphers\n- **MAC**: HMAC-SHA256, Poly1305 (3+ GB/s)\n- **Stream**: ChaCha20, XChaCha20, AES-CTR\n\n### Public Key Crypto\n- **Signatures**: Ed25519, ML-DSA-44/65/87 (Dilithium), ECDSA P-256\n- **Key Exchange**: X25519, X448, ECDH P-256/P-384\n- **KEM**: ML-KEM-512/768/1024 (Kyber) via `pq.NewMLKEM*`\n- **Hybrid**: X25519 + ML-KEM builders (`pq.NewHybridX25519MLKEM*`)\n\nFull algorithm matrix with specs:\nSee [docs/ALGORITHMS.md](docs/ALGORITHMS.md)\n\n## API Quick Start\n\n### Authenticated Encryption (ASCON-128a)\n\n```go\npackage main\n\nimport (\n    \"fmt\"\n    \"github.com/AeonDave/cryptonite-go/aead\"\n)\n\nfunc main() {\n    cipher := aead.NewAscon128()\n    key := make([]byte, 16)\n    nonce := make([]byte, 16)\n    \n    ciphertext, _ := cipher.Encrypt(key, nonce, []byte(\"header\"), []byte(\"secret data\"))\n    plaintext, _ := cipher.Decrypt(key, nonce, []byte(\"header\"), ciphertext)\n    \n    fmt.Println(string(plaintext)) // \"secret data\"\n}\n```\n\n### Hashing (BLAKE2b)\n\n```go\nimport \"github.com/AeonDave/cryptonite-go/hash\"\n\nhasher := hash.NewBlake2bHasher()\ndigest := hasher.Hash([]byte(\"hello world\"))\nfmt.Printf(\"%x\\n\", digest)\n```\n\n### Key Exchange (X25519 / X448)\n\n```go\nimport \"github.com/AeonDave/cryptonite-go/ecdh\"\n\nx25519 := ecdh.NewX25519()\nx448 := ecdh.NewX448()\nalicePriv, _ := x25519.GenerateKey()\nbobPriv, _ := x25519.GenerateKey()\n\naliceShared, _ := x25519.SharedSecret(alicePriv, bobPriv.PublicKey())\nbobShared, _ := x25519.SharedSecret(bobPriv, alicePriv.PublicKey())\n// aliceShared == bobShared\n\n// X448 exposes the same API for higher security deployments.\nalice448, _ := x448.GenerateKey()\nbob448, _ := x448.GenerateKey()\nshared448, _ := x448.SharedSecret(alice448, bob448.PublicKey())\n```\n\n### Digital Signatures (Ed25519)\n\n```go\nimport \"github.com/AeonDave/cryptonite-go/sig\"\n\npub, priv, _ := sig.GenerateKey()\nsignature := sig.Sign(priv, []byte(\"message\"))\nvalid := sig.Verify(pub, []byte(\"message\"), signature)\n```\n\n### Post-Quantum Signatures (ML-DSA-44 / Dilithium-2)\n\n```go\nimport \"github.com/AeonDave/cryptonite-go/sig\"\n\nscheme := sig.NewMLDSA44()\npub, priv, _ := scheme.GenerateKey()\nsignature, _ := scheme.Sign(priv, []byte(\"message\"))\nvalid := scheme.Verify(pub, []byte(\"message\"), signature)\n```\n\nFor deterministic signing (useful for KAT/interop), replace `sig.NewMLDSA44()` with `sig.NewDeterministicMLDSA44()` or\nderive keys from a fixed 32-byte seed via `sig.GenerateDeterministicKeyMLDSA44(seed)`.\n\n### Post-Quantum KEM (ML-KEM-768 / Kyber-768)\n\n```go\nimport \"github.com/AeonDave/cryptonite-go/pq\"\n\nkem := pq.NewMLKEM768()\npk, sk, _ := kem.GenerateKey()\nciphertext, shared1, _ := kem.Encapsulate(pk)\nshared2, _ := kem.Decapsulate(sk, ciphertext)\n// shared1 == shared2\n\nhybrid := pq.NewHybridX25519MLKEM768()\nhybridPK, hybridSK, _ := hybrid.GenerateKey()\nct, combined, _ := hybrid.Encapsulate(hybridPK)\nrecovered, _ := hybrid.Decapsulate(hybridSK, ct)\n// combined == recovered\n```\n\n## Running tests\n\n- All tests: `go test ./...`\n- With race detector: `go test -race ./...`\n- ML-KEM / ML-DSA KATs: `go test ./test/pq -run TestMLKEMKAT` and `go test ./test/sig -run TestMLDSAKAT`\n\nTests include KAT suites for ASCON, Xoodyak, ChaCha20‑Poly1305, AES-GCM-SIV, and AES-SIV (RFC 5297), plus tamper checks\non tags and ciphertext.\n\n## Benchmarks\n\n**Benchmark environment**: AMD Ryzen 7, Go 1.22+, `-benchmem`\n\n| Category   | Algorithm         | Throughput | Allocs/op | B/op |\n|------------|-------------------|------------|-----------|------|\n| **AEAD**   | AES-GCM (AES-NI)  | 1513 MB/s  | 3         | 2432 |\n|            | ChaCha20-Poly1305 | 167 MB/s   | 3         | 2192 |\n|            | ASCON-128a        | 232 MB/s   | 3         | 2192 |\n| **Hash**   | BLAKE2b-512       | 784 MB/s   | 2         | 448  |\n|            | SHA3-256          | 444 MB/s   | 1         | 32   |\n| **MAC**    | Poly1305          | 3019 MB/s  | 4         | 176  |\n| **Stream** | ChaCha20          | 218 MB/s   | 0         | 0    |\n| **Sig**    | Ed25519 Sign      | 50 MB/s    | 2         | 128  |\n|            | Ed25519 Verify    | 24 MB/s    | 0         | 0    |\n| **ECDH**   | X25519            | 0.75 MB/s  | 1         | 32   |\n\n**Highlights**:\n- Zero allocations on hot paths (AES, ChaCha20, signature verify)\n- Hardware acceleration (AES-NI) when available\n- Competitive with specialized C libraries\n\nThese commands exercise the encryption/decryption, hashing, KDF, MAC, stream,\nblock, signature, ECDH, HPKE, post-quantum, and secret-management benchmarks\nadded alongside the existing test vectors.\n\nSymmetric protection remains classical (AEAD); only the key agreement layer is\nmade hybrid/PQ-ready following the recommendations from\n[draft-ietf-tls-hybrid-design](https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design-05).\n\n**Full benchmarks**: [benchmark.md](benchmark.md)\nRun locally:\n\n```bash\ngo test ./test/... -bench=. -benchmem\n\n# Focused ML-KEM profiling\ngo test ./test/pq -bench=BenchmarkMLKEM -benchmem\n```\nOn Windows PowerShell, quote the empty test pattern with double quotes:\n\n```powershell\ngo test ./test/... -run=\"^$\" -bench . -benchmem -count=1\n```\n\n## Security\n\n### Guarantees\n- Constant-time operations where required (Poly1305, X25519, Ed25519)\n- Automatic key/nonce zeroization via `secret` package helpers\n- Wycheproof test vectors + fuzzing harnesses\n- No CGO → reduced supply chain risk\n\n### Limitations\n- **This library has NOT been independently audited.** Even though it is deployed in production, perform thorough internal review and threat modeling before upgrading or integrating it into new systems.\n- **Nonce management**: Caller responsible for uniqueness (use `secret.NewNonce()` or counters)\n- **Side channels**: Best-effort mitigation; validate in your threat model\n- **Algorithm selection**: Some primitives are experimental (e.g., GIFT-COFB) – prefer mainstream options (AES-GCM, ChaCha20) unless you need specific properties\n\n### Reporting Issues\nSecurity vulnerabilities: open a private advisory via GitHub.  \nSee [SECURITY.md](SECURITY.md) for full policy.\n\n## Documentation\n\n- **API Docs**: [pkg.go.dev/github.com/AeonDave/cryptonite-go](https://pkg.go.dev/github.com/AeonDave/cryptonite-go)\n- **Guides**:\n  - [Algorithm Matrix](docs/ALGORITHMS.md) – full specs \u0026 references\n  - [Nonce Management](docs/NONCE_MANAGEMENT.md) – avoid reuse, counters, random generation\n  - [HPKE Usage](docs/HPKE.md) – hybrid public key encryption\n  - [Post-Quantum](docs/PQ.md) – hybrid X25519+ML-KEM guide\n  - [Interoperability](docs/INTEROP.md) – wire formats, encodings, gotchas\n- **Testing**: [docs/TESTING.md](docs/TESTING.md) – KAT, fuzzing, adding test vectors\n\n## Contributing\n\nContributions welcome! Please:\n\n1. **Run tests**: `go test -race ./...`\n2. **Check formatting**: `go fmt ./...` + `golangci-lint run`\n3. **Add vectors**: Include KAT for new algorithms (see [CONTRIBUTING.md](CONTRIBUTING.md))\n4. **Benchmark**: `go test ./test/... -bench=YourFunc -benchmem`\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for full guidelines.\n\n## License\n\nMIT – see [LICENSE](LICENSE)\n\n\n**If you find this useful, star the repo!** | Questions? Open an [issue](https://github.com/AeonDave/cryptonite-go/issues).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faeondave%2Fcryptonite-go","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faeondave%2Fcryptonite-go","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faeondave%2Fcryptonite-go/lists"}