Security News
RubyGems Adds Cooldown Feature to Bundler for Newly Published Gems
RubyGems and Bundler 4.0.13 introduced an opt-in cooldown feature that delays newly published gems during dependency resolution.
By Sarah Gooding - Jun 05, 2026
Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
proxy-git.cwkhome.fun/smallstep/crypto
Advanced tools
proxy-git.cwkhome.fun/smallstep/crypto
- Version
- v0.69.0
- Version published
- Created
crypto
Crypto is a collection of packages used in smallstep products. See:
- step: A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
- step-ca: A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Usage
To add this to a project, just run:
go get go.step.sm/crypto
Packages
x509util
Package x509util implements utilities to build X.509 certificates based on JSON
templates.
sshutil
Package sshutil implements utilities to build SSH certificates based on JSON
templates.
keyutil
Package keyutil implements utilities to generate cryptographic keys.
pemutil
Package pemutil implements utilities to parse keys and certificates. It also
includes a method to serialize keys, X.509 certificates and certificate requests
to PEM.
randutil
Package randutil provides methods to generate random strings and salts.
tlsutil
Package tlsutil provides utilities to configure tls client and servers.
jose
Package jose is a wrapper for github.com/go-jose/go-jose/v3 and implements
utilities to parse and generate JWT, JWK and JWKSets.
x25519
Package x25519 adds support for X25519 keys and the
XEdDSA signature scheme.
minica
Package minica implements a simple certificate authority.
kms
Package kms implements interfaces to perform cryptographic operations like
signing certificates using cloud-based key management systems, PKCS #11 modules,
or just a YubiKey or an ssh-agent. On the cloud it supports:
fingerprint
Package fingerprint provides methods for creating and encoding X.509
certificate, SSH certificate and SSH key fingerprints.
tpm
Package tpm provides an abstraction over and utilities for interacting with
TPMs. It can be used to retrieve TPM information, retrieve its Endorsement Keys
(EK) and associated certificates, create and operate on Attestation Keys (AK),
and create and operate on (attested) application keys. The storage subpackage
provides an interface and concrete implementations offering a transparent
persistence mechanism for Attestation and application keys.
fipsutil
Package fipsutil reports whether the cryptography libraries are operating in
FIPS 140-3 mode.
FAQs
Unknown package
Package last updated on 06 Aug 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
pnpm 11.5 Adds Support for Recognizing npm Staged Publishes
pnpm 11.5 now recognizes npm staged publish approvals in release metadata, preventing those releases from being mistaken for lower-trust package publishes.
By Sarah Gooding - Jun 04, 2026
Security News
Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD Backlog
Federal audit finds NIST lacked a plan to clear the NVD backlog, wasted funds on duplicate work, and delayed use of CISA data.
By Sarah Gooding - Jun 03, 2026