Liberal Go TLS + X.509 Library for Research
casebenton and zakird Preserve Signature OID when Marhsaling Cert JSON (#176)
* Preserve Signature OID when Marhsaling Cert JSON

This PR ensures that the original OID stored in a certificate
is used when outputing the json data for that certificate - previously,
x509/json could swap out the original listed SHA1-RSA OID for different
(valid) one that was not actally listed in the cert.

* fixing up tests
Latest commit 9e2be9c Sep 11, 2018


Build Status Go Report Card GoDoc

ZCrypto contains specialized versions of tls and x509. It is written in Golang and is primarily based on Golang's TLS library.


Danger: Experimental

ZCrypto is a research library, designed to be used for data collection and analysis, as well as experimenting and prototyping. It should not be used to provide security for production systems.

zcrypto/tls (formerly known as ZTLS)

A research TLS library based on Golang standard library crypto/tls that contains that speaks old TLS versions, export ciphers, logs handshake messages, and is highly configurable. Many scary parts are exposed as public variables. It is primarily used for data collection, and is used by ZGrab. Uses zcrypto/x509.


A fork of the Golang stdlib crypto/x509 that adds the ability to serialize certificates to JSON, and plays nice with CT.


A fork of the Google Certificate Transparency Golang library, designed to play nice with ZCrypto.


Documentation uses Godoc. See