{"id":37111420,"url":"https://github.com/ericlagergren/aegis","last_synced_at":"2026-01-14T13:12:28.774Z","repository":{"id":40456603,"uuid":"443216000","full_name":"ericlagergren/aegis","owner":"ericlagergren","description":"Implementation of https://www.ietf.org/archive/id/draft-denis-aegis-aead-00.html / https://competitions.cr.yp.to/round3/aegisv11.pdf","archived":false,"fork":false,"pushed_at":"2023-03-12T19:59:28.000Z","size":112,"stargazers_count":9,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-11-14T21:41:55.805Z","etag":null,"topics":["aead","aegis","golang","ietf"],"latest_commit_sha":null,"homepage":"","language":"Assembly","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ericlagergren.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-31T00:36:58.000Z","updated_at":"2024-10-30T08:51:56.000Z","dependencies_parsed_at":"2024-06-19T05:32:20.805Z","dependency_job_id":"de9cf939-8911-44ec-b361-9b1755bcb908","html_url":"https://github.com/ericlagergren/aegis","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ericlagergren/aegis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericlagergren%2Faegis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericlagergren%2Faegis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericlagergren%2Faegis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericlagergren%2Faegis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ericlagergren","download_url":"https://codeload.github.com/ericlagergren/aegis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericlagergren%2Faegis/sbom","scorecard":{"id":380464,"data":{"date":"2025-08-11","repo":{"name":"github.com/ericlagergren/aegis","commit":"cd0defd64358dcf6a98894ef68b626c4476a99c3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.8,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/go.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":1,"reason":"Found 2/17 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/ericlagergren/aegis/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/ericlagergren/aegis/go.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ericlagergren/aegis/go.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 2-Clause \"Simplified\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 21 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T15:19:33.324Z","repository_id":40456603,"created_at":"2025-08-18T15:19:33.324Z","updated_at":"2025-08-18T15:19:33.324Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28420854,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:47:48.104Z","status":"ssl_error","status_checked_at":"2026-01-14T10:46:19.031Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aead","aegis","golang","ietf"],"created_at":"2026-01-14T13:12:28.202Z","updated_at":"2026-01-14T13:12:28.754Z","avatar_url":"https://github.com/ericlagergren.png","language":"Assembly","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aegis\n\n[![Go Reference](https://pkg.go.dev/badge/github.com/ericlagergren/aegis.svg)](https://pkg.go.dev/github.com/ericlagergren/aegis)\n\nThis module implements the AEGIS-128L and AEGIS-256 AEAD\nalgorithms.\n\nSee https://competitions.cr.yp.to/round3/aegisv11.pdf or \nhttps://www.ietf.org/archive/id/draft-denis-aegis-aead-00.html\nfor more information.\n\n## Installation\n\n```bash\ngo get github.com/ericlagergren/aegis@latest\n```\n\n## Usage\n\nThe APIs conform to Go's `crypto/cipher` package. Note that the\nfollowing example is not a substitute for reading the package\ndocumentation.\n\n```go\npackage main\n\nimport (\n\t\"crypto/rand\"\n\n\t\"github.com/ericlagergren/aegis\"\n)\n\nfunc main() {\n\tkey := make([]byte, aegis.KeySize128L)\n\tif _, err := rand.Read(key); err != nil {\n\t\t// rand.Read failing is almost always catastrophic.\n\t\tpanic(err)\n\t}\n\n\tnonce := make([]byte, aegis.NonceSize128L)\n\tif _, err := rand.Read(nonce); err != nil {\n\t\t// rand.Read failing is almost always catastrophic.\n\t\tpanic(err)\n\t}\n\n\taead, err := aegis.New(key)\n\tif err != nil {\n\t\t// New will only return an error if the key is an invalid\n\t\t// length.\n\t\tpanic(err)\n\t}\n\n\t// Plaintext is encrypted and authenticated.\n\tplaintext := []byte(\"example plaintext\")\n\n\t// Additional data is authenticated alongside the plaintext,\n\t// but not included in the ciphertext.\n\tadditionalData := []byte(\"example additional authenticated data\")\n\n\t// Encrypt and authenticate |plaintext| and authenticate\n\t// |additionalData|.\n\tciphertext := aead.Seal(nil, nonce, plaintext, additionalData)\n\n\t// Decrypt and authentiate |ciphertext| and authenticate\n\t// |additionalData|.\n\tplaintext, err = aead.Open(nil, nonce, ciphertext, additionalData)\n\tif err != nil {\n\t\t// Authentication failed. Either the ciphertext or\n\t\t// additionalData (or both) were invalid for the \n\t\t// (key, nonce) pair.\n\t\t[...]\n\t}\n}\n```\n\n## Performance\n\nThe x86-64 and ARMv8 assembly implementations run at 0.3 and 0.4\ncycles per byte, respectively. The x86-64 implementation requires\nSSE4.1 and AES instructions. The ARMv8 implementation requires\nNEON and AES instructions.\n\nThe default pure Go implementation will be selected if the CPU\ndoes not support either assembly implementation. (This \nimplementation can also be selected with the `purego` build tag.) \nIt is much slower at around 5.6 cycles per byte.\n\nNote also that the pure Go implementation uses S-boxes and leaks\ncache timing information. See golang.org/issues/13795 for more\ninformation.\n\n## Security\n\n### Disclosure\n\nThis project uses full disclosure. If you find a security bug in\nan implementation, please e-mail me or create a GitHub issue.\n\n### Disclaimer\n\nYou should only use cryptography libraries that have been\nreviewed by cryptographers or cryptography engineers. While I am\na cryptography engineer, I'm not your cryptography engineer, and\nI have not had this project reviewed by any other cryptographers.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericlagergren%2Faegis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fericlagergren%2Faegis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericlagergren%2Faegis/lists"}