We have collection of more than 1 Million open source products ranging from Enterprise product to
small libraries in all platforms. We aggregate information from all open source repositories.
Search and find the best for your needs. Check out projects section.
ring is focused on the implementation, testing, and optimization of a core set of cryptographic operations exposed via an easy-to-use (and hard-to-misuse) API. ring exposes a Rust API and is written in a hybrid of Rust, C, and assembly language. ring is focused on general-purpose cryptography. WebPKI X.509 certificate validation is done in the webpki project, which is built on top of ring. Also, multiple groups are working on implementations of cryptographic protocols like TLS, SSH, and DNSSEC on top of ring.
Logins and passwords are for humans. Communication between applications need to be protected through different means. ApiAuth is a Ruby gem designed to be used both in your client and server HTTP-based applications. It implements the same authentication methods (HMAC-SHA1) used by Amazon Web Services.
Privy is a small and fast utility for password-protecting secret data such as API keys, cryptocurrency wallets, or seeds for digital signatures.Say for example you are using GnuPG. You are about to sign a message but it first requires your password. Does your password become the input to instantiate your private key? No, it is first hashed by a secure key derivation function. That hash then becomes the input to a symmetric cipher such as AES which then decrypts your stored private key. That is what Privy does.
Have a look at the official crypto documentation.Please be aware that the browser version of this library uses crypto-browserify, which is only a partial implementation of node's native crypto module. Check out their documentation to see what is supported and what not.
Token is just a small wrapper around sha512 HMAC hashes. Note that tokens from the previous and next time step are accepted, e.g. tokens can be valid up to three time steps from when they were issued. This allows for 1) the token to expire lazily and 2) for the servers to disagree on time (e.g. even if the generating server is ahead, the token will be accepted).