Suggest a crypto library?

<p>Looking for a crypto library for encrypting an decrypting strings. I would like for this encryption to be secure, and I want all the complexity as far as length, padding, etc., to be abstracted away from me. I want to be able to pass in basically any length of key and any length of string to encrypt, although most likely the string to encrypt will always be 64 characters and the key will always be 128 characters. </p> <p>I just want to be able to do something fairly simple like this: </p> <pre><code>library.encrypt(stringToEncrypt, key) library.decrypt(stringToDecrypt, key) </code></pre> <p>It also needs to use a reasonably common algorithm, so that I can have a javascript application that could produce the same output from the same inputs as the Golang code produces. </p> <p>Suggestions? </p> <hr/>**评论：**<br/><br/>tscs37: <pre><p><a href="https://godoc.org/golang.org/x/crypto/nacl" rel="nofollow">See here</a></p> <p>NaCl has sane defaults and is fairly secure, it&#39;s in the /x/ repo but fairly stable in general and shouldn&#39;t change really. Just use that.</p> <p>You will have to deal with nonces and key lengths though, no working around that, there are plenty of established and safe standards for that though (argon2, bcrypt, pbkdf2 as long as you have high parameters, scrypt, etc.)</p></pre>jerf: <pre><p>This is exactly what the NaCl functionality and API was designed for as its core use case. <a href="/u/Renorei" rel="nofollow">/u/Renorei</a>, where your ideas and NaCl&#39;s ideas about what the perfect API is may diverge, I would extremely strongly suggest taking NaCl&#39;s ideas. The API is as easy as it can safely be.</p></pre>tclineks: <pre><p>See gtank&#39;s cryptopasta: <a href="https://github.com/gtank/cryptopasta" rel="nofollow">https://github.com/gtank/cryptopasta</a></p></pre>bear1728: <pre><p>I wrote an example showing how to use (mostly) just the standard library and get a simple encrypt/decrypt working in Go, Javascript, and Python. You may want to look at this:</p> <p><a href="https://gist.github.com/tscholl2/dc7dc15dc132ea70a98e8542fefffa28" rel="nofollow">https://gist.github.com/tscholl2/dc7dc15dc132ea70a98e8542fefffa28</a></p> <p>I would also recommend cryptopasta as someone else mentioned.</p></pre>Renorei: <pre><p>Going to use this for now as I need to be able to specify the key. Thanks!</p></pre>qu33ksilver: <pre><p>Here you go -</p> <pre><code>// Encrypt is used to encrypt a text func Encrypt(plaintext []byte) ([]byte, error) { c, err := aes.NewCipher(encryptionKey) if err != nil { return nil, err } gcm, err := cipher.NewGCM(c) if err != nil { return nil, err } nonce := make([]byte, gcm.NonceSize()) if _, err = io.ReadFull(rand.Reader, nonce); err != nil { return nil, err } return gcm.Seal(nonce, nonce, plaintext, nil), nil } // Decrypt is used decrypt a ciphertext func Decrypt(ciphertext []byte) ([]byte, error) { c, err := aes.NewCipher(encryptionKey) if err != nil { return nil, err } gcm, err := cipher.NewGCM(c) if err != nil { return nil, err } nonceSize := gcm.NonceSize() if len(ciphertext) &lt; nonceSize { return nil, errors.New(&#34;ciphertext too short&#34;) } nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:] return gcm.Open(nil, nonce, ciphertext, nil) } </code></pre></pre>