Easy to use encryption library for Go



EncryptedBox is an easy to use module for Go that can encrypt or sign any type of data. It is especially useful when you must serialize your structured data before encrypting or signing it.

There are a number of examples provided in this repo, which should make it easy to understand how to use this library.

How it works

EncryptedBox provides a Cipher component which can be configured to encrypt and decrypt data using an easy to understand pipeline which includes serial and deserialization. Alternatively, it can also sign and verify data.

  1. Serialize structured data to raw binary data
  2. (Optional) Compress the binary data
  3. Encrypt or Sign
  4. (Optional) Encode encrypted data or signature as a string

The inverse steps must be done in reverse order when decrypting. Encryptedbox allows you fit these pieces together in a way where the implementation for any of the steps can be easily changed to suit your needs.


Encryption works on binary data, so the first step to encrypt anything is to turn it into a stream of bytes.

encryptedbox can work with easily with Go data structures by serializing them into JSON. You can also use other provided serializers or create your own to pack your structs into binary more efficiently.


Encrypted data appears random, and so compression is no longer possible. If the data is compressible and you want to compress it, you should do it before encryption.

* Note in some circumstances, compressing data can cause information to be leaked, especially if an attacker can control part of the message being compressed. See for instance CRIME (Compression Ratio Info-leak Made Easy).

Encrypt or Sign

EncryptedBox includes components for encrypting with AES for private key encryption and RSA for public key encryption. It also includes components for HMAC-SHA for symmetric signatures and RSA signing for asymmetric signatures.

The library chooses reasonably safe defaults out of the box:

  • the same plaintext will produce different ciphertext each time it is run
  • you can encrypt as many blocks as you want

Encode encrypted data or signature as a string

It is common the encrypted payload will need to be encoded into a safe format in order to be transmitted in different contexts, such as a query parameter. At the expense of the message size, encryptedbox has two convenience functions to make this easier, Cipher.EncryptToString() and Cipher.DecryptString(). The encoding used by this function can be changed if you are unhappy with the default of base64.RawURLEncoding.


The most basic example that can be contrived is the following snippet, which encrypts and decrypts "Hello world!"

key, _ := aesutil.NewKey256()
cipher, _ := encryptedbox.NewAESCipher(key)

ciphertext, _ := cipher.Encrypt("Hello world!")

var decrypted string
_ = cipher.Decrypt(ciphertext, &decrypted)


There are several more examples located in the examples directory.

Jesse Swidler
Senior Software Engineer at AKASA
Jesse Swidler
A super easy file encryption utility written in go and under 800kb

filecrypt A super easy to use file encryption utility written in golang ⚠ Help Wanted on porting filecrypt to other programing languages NOTE: if you

Flew Software 75 Nov 5, 2021
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Filippo Valsorda 9.7k Jan 15, 2022
The minilock file encryption system, ported to pure Golang. Includes CLI utilities.

Go-miniLock A pure-Go reimplementation of the miniLock asymmetric encryption system. by Cathal Garvey, Copyright Oct. 2015, proudly licensed under the

Cathal Garvey 173 May 11, 2021
DERO Homomorphic Encryption Blockchain Protocol

Homomorphic encryption is a form of encryption allowing one to perform calculations on encrypted data without decrypting it first. The result of the computation is in an encrypted form, when decrypted the output is the same as if the operations had been performed on the unencrypted data.

null 47 Jan 13, 2022
Sekura is an Encryption tool that's heavily inspired by the Rubberhose file system.

It allows for multiple, independent file systems on a single disk whose existence can only be verified if you posses the correct password.

null 49 Nov 18, 2021
A document encryption solution for the reMarkable 2 ePaper tablet.

Remarkable 2 Encryption This repository contains multiple tools to encrypt the home folder of the reMarkable 2 epaper tablet using gocryptfs. Detailed

RedTeam Pentesting GmbH 22 Nov 11, 2021
Encryption Abstraction Layer and Utilities for ratnet

What is Bencrypt? Bencrypt is an abstraction layer for cryptosystems in Go, that lets applications use hybrid cryptosystems without being coupled to t

null 17 Dec 15, 2021
Go implementation of the Data At Rest Encryption (DARE) format.

Secure IO Go implementation of the Data At Rest Encryption (DARE) format. Introduction It is a common problem to store data securely - especially on u

Object Storage for the Era of the Hybrid Cloud 278 Jan 3, 2022
A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption

A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption

null 69 Jan 6, 2022
Encryption & Decryption package for golang

encdec Encryption & Decryption package for golang func main() { startingTime := time.Now() privKey, pubKey := GenerateRsaKeyPair() fmt.Println("Priva

MD MOSTAIN BILLAH 3 Aug 27, 2021
A tool for secrets management, encryption as a service, and privileged access management

Deploy HCP Vault & AWS Transit Gateways via Terraform https://medium.com/hashicorp-engineering/deploying-hcp-vault-using-the-hcp-terraform-provider-5e

Temur Yunusov 0 Nov 23, 2021
TTAK.KO-12.0223 Lightweight Encryption Algorithm with Galois/Counter Mode (LEA-GCM)

LEACrypt The Lightweight Encryption Algorithm (also known as LEA) is a 128-bit block cipher developed by South Korea in 2013 to provide confidentialit

Pedro F. Albanese 0 Dec 28, 2021
Functional encryption for images

ImageFE Functional encryption for images. Introduction In the traditional cryptography framework, a decryptor either recovers the entire plaintext fro

null 2 Dec 5, 2021
Attempts to make attribute based encryption work, particularly trying out bn256 pairing curve

EC Pairings over bn256 This is an attempt to solve the core problem of attribute based encryption, where the goal is to be able to use CA-issued attri

Robert Fielding 1 Jan 5, 2022
Go Encrypt! Is a simple command-line encryption and decryption application using AES-256 GCM.

Go Encrypt! Go Encrypt! is a command-line application used to easily encrypt and decrypt files with the AES-256 GCM encryption algorithm. Usage Usage

Peter Georgas 0 Jan 5, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.4k Jan 11, 2022
A golang library to use aes encrypt easier.

Aes a golang library to use aes encrypt easier. Install go get github.com/hanson/aes Document import import github.com/hanson/aes CBC orig := "hello

null 2 Dec 3, 2021
Cross-platform application for easy encrypted sharing of files, folders, and text between devices.

wormhole-gui Wormhole-gui is a cross-platform application that lets you easily share files, folders and text between devices. It uses the Go implement

Jacob 538 Dec 30, 2021
An easy tool to apply transactions to the current EVM state. Optimized for MEV.

sibyl A more embedded version of fxfactorial/run-evm-code. This tool makes it easy to apply transactions to the current EVM state. Call it a transacti

Dialectic 38 Jan 13, 2022