Go-dongle version 0.2.4 was released, better encoding&decoding and encryption&decryption for golang

Dongle is a simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption

Dongle has been included by awesome-go , if you think
it is helpful, please give me a star

github.com/golang-module/dongle

Change log
  • Add support for base45 encoding and decoding
  • Add support for blake2b-256, blake2b-384, blake2b-512 hash encryption
  • Add support for blake2s-256 hash encryption
  • Add support for more than 117 bytes long plaintext encryption and decryption by rsa

Feature list

  • [x] Encoding and decoding by Hex
  • [x] Encoding and decoding by Base16
  • [x] Encoding and decoding by Base32
  • [x] Encoding and decoding by Base45
  • [x] Encoding and decoding by Base58
  • [x] Encoding and decoding by Base62
  • [x] Encoding and decoding by Base64
  • [x] Encoding and decoding by Base64URL
  • [x] Encoding and decoding by SafeURL
  • [x] Encoding and decoding by Base85
  • [x] Encoding and decoding by Base91
  • [x] Encoding and decoding by Base100
  • [x] Encoding and decoding by Morse
  • [x] Encryption by Md2
  • [x] Encryption by Md4
  • [x] Encryption by Md5
  • [x] Encryption by Sha1
  • [x] Encryption by Sha3-224
  • [x] Encryption by Sha3-256
  • [x] Encryption by Sha3-384
  • [x] Encryption by Sha3-512
  • [x] Encryption by Sha224
  • [x] Encryption by Sha256
  • [x] Encryption by Sha384
  • [x] Encryption by Sha512
  • [x] Encryption by Sha512-224
  • [x] Encryption by Sha512-256
  • [x] Encryption by Shake128
  • [x] Encryption by Shake256
  • [x] Encryption by Ripemd160
  • [x] Encryption by Blake2b-256
  • [x] Encryption by Blake2b-384
  • [x] Encryption by Blake2b-512
  • [x] Encryption by Blake2s-256
  • [x] Encryption by Hmac-md2
  • [x] Encryption by Hmac-md4
  • [x] Encryption by Hmac-md5
  • [x] Encryption by Hmac-sha1
  • [x] Encryption by Hmac-sha3-224
  • [x] Encryption by Hmac-sha3-256
  • [x] Encryption by Hmac-sha3-384
  • [x] Encryption by Hmac-sha3-512
  • [x] Encryption by Hmac-sha224
  • [x] Encryption by Hmac-sha256
  • [x] Encryption by Hmac-sha384
  • [x] Encryption by Hmac-sha512
  • [x] Encryption by Hmac-sha512-224
  • [x] Encryption by Hmac-sha512-256
  • [x] Encryption by Hmac-ripemd160
  • [x] Encryption by Hmac-sm3
  • [ ] Encryption and decryption by Rc2
  • [x] Encryption and decryption by Rc4
  • [ ] Encryption and decryption by Rc5
  • [ ] Encryption and decryption by Rc6
  • [x] Encryption and decryption by Tea
  • [ ] Encryption and decryption by Xtea
  • [x] Encryption and decryption by Aes
  • [x] Encryption and decryption by Blowfish
  • [x] Encryption and decryption by Des
  • [x] Encryption and decryption by 3Des
  • [x] Encryption and decryption by Rsa
  • [ ] Encryption and decryption by Ecc
  • [ ] Encryption and decryption by Sm2
  • [x] Encryption by Sm3
  • [ ] Encryption and decryption by Sm4
  • [ ] Encryption and decryption by Sm7
  • [ ] Encryption and decryption by Sm9
  • [x] Sign and verify by Bcrypt
  • [x] Sign and verify by Ed25519
  • [x] Sign and verify by Rsa
  • [ ] Sign and verify by Dsa

Hi @gouguoyin, please re-word the above as “hasher” not “encryption”. By themselves alone are insufficient to perform encryption.

Although one-way hashing outputs look similarly to encryption output, they are not the same. Also HMAC has to work with other real encryption cipher in order to be qualified as encryption known as AEAD (e.g. AES128_CTR_HMAC_SHA256).

Also, these ciphers and hashers are not “lego” bricks where you can stack/integrate one another in a modular manner without deep understanding of their algorithms. Please don’t present it that way.

As far as I had reviewed your repository, it’s enough to raise security vulnerability against its entirety. Please make sure you hired a qualified cryptographer mentor when building such abstraction layer and have secured sufficient funding for external security audits as your 1ST STEP. Otherwise, I strongly suggest you delete the repo and recommend established projects like Google’s Tink Project instead (GitHub - google/tink: Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.).

Rules No.1 in cryptography is NEVER invent your own cipher OR re-invent a cipher. Sorry for the harshness. I do take security very seriously especially for your case (lack-of-cryptography-education, misled).

Peace.

Site-note: Don’t worry, I still support your projects. This one has to go. You already stepped on a few land mines.

2 Likes

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.