30 open-source projects similar to weidai11/cryptopp, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Cryptopp alternative.
phpseclib is a pure-PHP cryptographic library that provides a comprehensive suite of cryptographic operations entirely without requiring compiled C extensions. At its core, it implements arbitrary-precision integer arithmetic for big-number math, ASN.1 DER encoding and decoding for working with cryptographic data structures, and a full set of pure-PHP cryptographic primitives. The library is designed to operate on PHP 5.6 and above, automatically detecting and using native extensions like GMP or BCMath when available, but falling back to its own pure-PHP implementations when they are not. The
CryptoSwift is a cryptography library implemented entirely in the Swift programming language. It provides a collection of standard cryptographic algorithms for encryption, decryption, and hashing without relying on native C libraries or system frameworks. The library supports symmetric and asymmetric encryption, including RSA key generation and signature management. It features authenticated encryption schemes and the ability to generate cryptographic digests for data integrity verification. The toolset covers message authentication codes, secure key derivation from passwords, and data paddi
GmSSL is an open-source cryptographic library that implements the Chinese national cryptographic standards SM2, SM3, SM4, SM9, and ZUC as a unified algorithm suite. It provides a comprehensive set of cryptographic primitives including symmetric and asymmetric encryption, digital signatures, hashing, and key exchange, all built around these national standards for government and enterprise security applications. The library distinguishes itself through several integration capabilities. It includes an OpenSSL compatibility layer that maps GmSSL functions to OpenSSL API calls, enabling drop-in re
Mbed TLS is an open-source TLS and DTLS library with a small footprint, designed for embedded systems and IoT devices. It provides a portable cryptographic library that includes symmetric ciphers, hashing, and public-key cryptography, along with a reference implementation of the PSA Cryptography API for standardized cryptographic operations across platforms. The library also offers X.509 certificate management for parsing, validating, and managing certificate chains in secure communications. The library is built around a platform abstraction layer that decouples it from OS-specific services t
Libsodium is a portable, C-based cryptographic library that provides a collection of modern primitives for encryption, decryption, digital signatures, password hashing, and secure key exchange. It is designed to facilitate secure communication and data integrity across diverse hardware architectures and operating systems. The library distinguishes itself by utilizing constant-time primitive execution to prevent side-channel attacks and employing memory-hard algorithms to increase the difficulty of brute-force password attacks. It abstracts complex mathematical operations into simplified inter
pysheeet is a technical reference library providing a curated collection of code snippets and implementation patterns for advanced Python development, system integration, and high-performance computing. It serves as a comprehensive guide for implementing low-level network programming, native C extensions, and asynchronous and concurrent programming. The project provides specialized frameworks for the development and deployment of large language models, including tools for distributed GPU inference and high-performance serving. It also includes detailed patterns for high-performance computing
tiny-AES-c is a lightweight C language cryptography library that provides a symmetric cipher implementation of the Advanced Encryption Standard. It functions as a portable set of functions for encrypting and decrypting data using a shared secret key. The library is designed for embedded system security, enabling cryptographic operations on hardware with limited memory and processing power. It provides these capabilities without relying on large external dependencies. The implementation utilizes a standard C library approach, employing table-based substitution and in-place buffer mutation to
git-crypt is a transparent cryptography layer and secret manager for Git repositories. It encrypts specific files so they remain as ciphertext on remote servers while appearing as plaintext in local directories. The tool uses Git attributes to define the scope of files and directories targeted for encryption. It supports both symmetric secret key encryption for shared access and asymmetric public key encryption to control decryption permissions among multiple collaborators. The system automates the encryption and decryption process through hook-based filters that trigger during commit and ch
This project is a comprehensive cryptographic toolkit that provides a collection of standard security algorithms and protocols for implementing data encryption and network communication. It serves as a foundational library for securing software applications through a wide range of cryptographic functions. The architecture is defined by a modular provider system that allows for the dynamic loading of external cryptographic implementations without requiring modifications to the core application binary. It supports metadata-driven algorithm querying, which resolves security primitives by matchin
This project is a Python cryptography library that provides a collection of cryptographic primitives and high-level recipes for implementing secure encryption and authentication. It functions as a symmetric encryption toolkit and a cryptographic hash provider, offering both a low-level cryptographic interface for building custom protocols and high-level tools for securing data. The library covers a broad range of security capabilities, including symmetric data encryption, the derivation of cryptographic keys from passwords or secret values, and data integrity verification through the generati
crypto-js is a JavaScript cryptography library providing a collection of standard cryptographic algorithms and data transformation tools. It functions as a symmetric encryption toolset, a cryptographic hash implementation, and a password derivation tool for the JavaScript environment. The library enables the protection of sensitive data through symmetric encryption and the production of fixed-size data digests to verify integrity. It includes utilities for converting user passwords into secure cryptographic keys and a data format converter for translating information between Base64, Hex, and
sjcl is a JavaScript cryptography library providing a collection of primitives for encryption, hashing, and encoding within a web browser. It functions as an AES symmetric encryption tool, a cryptographic hashing library, and a Base32 data encoder. The project provides implementations for the Advanced Encryption Standard to secure data through symmetric key encryption and decryption. It also enables the generation of fixed-length data fingerprints to verify information integrity and authenticity. The library covers a broader range of security capabilities, including client-side data hashing,
Sui is a blockchain platform featuring an object-centric state model and resource-oriented smart contracts. It utilizes parallel transaction execution to increase network throughput and supports programmable transaction blocks that bundle multiple operations into single atomic units. The platform distinguishes itself with a capability-based access control system and zero-knowledge login mechanisms, enabling users to authenticate via identity providers without seed phrases. It also implements deterministic object addressing to allow predictable state lookups and supports the creation of soulbo
Blackbox is a GPG secret management tool and asymmetric encryption wrapper used to securely store and share sensitive files within version control systems like Git, Mercurial, or Subversion. It functions as a version control secret store that encrypts files for safe storage at rest while allowing authorized users and machines to decrypt them. The system distinguishes itself by integrating directly with version control to provide plaintext diff and log visualization of encrypted files. It supports multi-recipient encryption and automated secret decryption via passphrase-less GPG subkeys, enabl
KeePassDX is an Android password manager that opens, edits, and stores encrypted credential databases using the open KeePass 2.x file format. It keeps all password data stored locally on the device without requiring cloud sync or internet access, and supports multiple symmetric-key encryption algorithms including AES, Twofish, and ChaCha20 with Argon2 key derivation. The app unlocks the credential database by delegating authentication to the platform's biometric API, allowing users to bypass the master password entry using fingerprint or face recognition. It generates one-time passwords local
This is a symmetric cryptography library written in C that provides a portable implementation of the Advanced Encryption Standard. It functions as a block cipher implementation supporting 128, 192, and 256 bit key sizes for encrypting and decrypting data. The library includes an AES cipher mode provider that supports electronic codebook, cipher block chaining, and counter modes. These operational modes are decoupled from the core block transformation to allow for different encryption patterns. The implementation utilizes static memory allocation and table-based substitution to avoid dynamic
This is a Java library and framework for creating, parsing, and validating JSON Web Tokens within Java and Android applications. It provides a comprehensive toolkit for handling signed and encrypted tokens, including the generation and verification of JWS and JWE objects. The project differentiates itself through a flexible architecture that supports pluggable JSON serialization and custom signature algorithms. It includes a dedicated key manager for generating, encoding, and organizing JSON Web Keys and key sets, as well as support for hardware security module integration. The library cover
Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur
This is a cryptographic implementation of the Argon2 memory-hard function, serving as a password hashing library and key derivation function. It transforms passwords and salts into secure hashes and generates cryptographic keys designed to resist high-speed hardware cracking attacks. The library utilizes a memory-hard design that requires significant RAM to prevent acceleration via GPUs or ASICs. It incorporates data-independent memory access to block side-channel timing attacks and supports the integration of secret keys or peppers to protect against brute-force attacks on compromised salts.
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
A collection of hash functions, ciphers, tools, libraries, and materials related to cryptography & security. :closedlockwithkey::closedlockwithkey::closedlockwithkey::closedlockwithkey::closedlockwith_key: (project was renamed, libchaos is main)
Basic implementations of standard cryptography algorithms, like AES and SHA-1.
s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It provides a modular cryptographic backend interface to encrypt data streams, manage handshakes, and handle mutual authentication between peers. The project focuses on post-quantum cryptography, integrating quantum-resistant key exchange and digital signatures to protect connections against future computing threats. It distinguishes itself through security hardening measures, such as memory-locked secret storage to prevent keys from being swapped to disk and timing-attack mitiga
jsencrypt is a JavaScript library for performing RSA encryption, decryption, and key generation. It functions as an asymmetric key generator and digital signature provider that executes all cryptographic processing directly in the browser. The library focuses on the use of the PEM standard for importing, exporting, and managing cryptographic keys. It provides the ability to create public and private RSA key pairs of various bit sizes and supports OpenSSL compatible formats. Its capabilities cover the transformation of plaintext into ciphertext and the recovery of original messages using corr
Signal-Android is an end-to-end encrypted messaging platform designed to ensure that only the sender and recipient can access communication content. The project provides a comprehensive framework for secure, asynchronous message initiation and key agreement, allowing users to establish private channels without requiring simultaneous online presence. It relies on a state machine architecture to manage communication epochs and authentication, ensuring consistent security transitions throughout the messaging lifecycle. The platform distinguishes itself through a hybrid cryptographic approach tha
ClickHouse is a high-performance, columnar analytical database designed for real-time query execution and large-scale data aggregation. It functions as a distributed data warehouse capable of processing petabytes of information, while also providing an embedded engine that integrates directly into applications for native query capabilities without external dependencies. The system is built to handle high-throughput ingestion and complex analytical workloads, delivering millisecond-level latency for interactive dashboards and operational monitoring. The platform distinguishes itself through ad
ZeroNet is a decentralized web browser and server that enables the hosting and accessing of websites without central servers. It functions as a peer-to-peer content distribution network that utilizes BitTorrent and Bitcoin cryptography to replicate and share site data across a distributed network of users. The system emphasizes censorship-resistant publishing and privacy through the integration of hidden services to anonymize network traffic. Site identity and content updates are managed via a cryptographic system using public-key pairs instead of centralized account passwords. The platform
Grid.js is a framework-agnostic JavaScript library for rendering interactive data grids. It allows for the display of structured information in tabular formats across different frontend environments, supporting data population from static arrays or JSON imports. The library features a plugin system for extending user interface components and logic, as well as a custom data pipeline for transforming information before it is displayed. It includes built-in support for multilingual localization to translate interface elements and messages. The project covers core data visualization capabilities
Logstash is a JVM-based event processor and extract, transform, load system designed for log data processing pipelines. It functions as a plugin-based data ingestor that collects, transforms, and delivers logs and event data from multiple sources to various destinations. The system utilizes a modular architecture of interchangeable input, filter, and output components to handle real-time data ingestion and enterprise log aggregation. Users can extend the pipeline's functionality by developing custom plugins to support unique data sources or specific transformation logic. The platform covers