15,248 questions
2
votes
1
answer
91
views
The operation failed for an operation-specific reason: Cipher job failed
I have the following code that should encrypt a string with a password in nodeJS. You can find an example here: https://jsfiddle.net/ujr4gev3/1/
I have also tried the approach here: https://gist....
- 21
1
vote
2
answers
128
views
Storing biometric data in a PDF without breaking the digital signature
I'm developing a tool that stores a signer's biometric data inside a PDF together with the digital signature, but I'm unsure where this information should be embedded.
The biometric data is captured ...
- 13
Advice
0
votes
1
replies
87
views
What are other alternatives for python keyring?
I'm trying to find a secure way to store token for my cli application. In the app I take the token from ms entra id and I want to store this token in user computer so that user can use it again until ...
- 495
1
vote
1
answer
135
views
Migrating from OpenSSL 1.1 to 3.0: How to generate DH key pair with 32-byte prime using EVP_PKEY-DH interface?
I'm migrating my Diffie-Hellman (DH) implementation from OpenSSL 1.1 to OpenSSL 3.0. Previously, I used APIs like DH_set0_pqg, but these are now deprecated. I am switching to the EVP_PKEY-DH interface ...
- 637
0
votes
0
answers
89
views
Signing JWT not working: An exception of type 'System.MethodAccessException' occurred
I'm trying to sign a JWT with a key that is stored in an Azure Keyvault using the keyvault as signer, in a way that the actual private part of the key never leaves the keyvault.
I've come-up with the ...
- 11.5k
2
votes
1
answer
308
views
Does this function result in uniformly distributed integers?
Recently, on a project, I encountered the need for uniformly distributed integers within an arbitrary range [a, b] from random bytes, a problem that is quite common and is usually solved using ...
- 23
5
votes
1
answer
189
views
Encrypting and decrypting with AES returns System.Byte[] [duplicate]
Using AES in C# I wrote two static methods for encryption and decryption.
Encrypt:
static byte[] Encrypt(byte[] plaintext, byte[] Key, byte[] IV)
{
byte[] encrypted_data = null;
using (Aes ...
- 41
1
vote
0
answers
181
views
Why is my crypto.getRandomValues() base36 ID generator producing duplicates despite 2.8 trillion possibilities?
Here is the function:
export function generateId(): string {
const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
let result = "";
const randomArray = new Uint8Array(8);
...
- 193
1
vote
2
answers
118
views
pycryptodome decryption (aes-128 cbc) is yielding incorrect result
I have simple code to encrypt and decrypt as follows...
(1) To encrypt:
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
from Crypto.Hash import SHA256 as sha256
def sha(text):...
- 12k
0
votes
0
answers
67
views
ADKG-based threshold ECDSA signature recovers different address per transaction—how to compute aggregate `r` and signature parameters?
Background
I’m implementing Asynchronous Distributed Key Generation (ADKG) over secp256k1 so that N nodes collectively hold a threshold private key. After DKG each node has a secret share. To sign an ...
- 121
2
votes
1
answer
87
views
How to handle Disposing of CryptoStream after exception occurs during decrypt
C# .Net Framework 4.8.
I am using CryptoStream Reader to decrypt an encrypted datastream within a Using {} block.
If the Key used for decryption is incorrect, the CryptoStream Reader throws an ...
- 177
0
votes
1
answer
123
views
cryptography and pyinstaller (not using Fernet) error
I'm using pyinstaller main2.spec command. The main2.spec file is the next:
# -*- mode: python ; coding: utf-8 -*-
a = Analysis(
['main.py'],
pathex=[],
binaries=[],
datas=[
('./...
1
vote
1
answer
189
views
Validating an Ed25519 public key (isOnCurve check) in Java
Is there a standard way to validate an Ed25519 public key (check that it's really a point on the curve and not some random bytes) using the standard Java Crypto APIs and/or BouncyCastle?
I found a ...
- 6,034
0
votes
1
answer
165
views
Incorrect Injective address from mnemonic using DirectSecp256k1HdWallet with custom HD path
I'm trying to derive a bech32 address on the Injective chain using a mnemonic and the Ethereum HD path (m/44'/60'/0'/0/0). Here's the code I'm using:
import { DirectSecp256k1HdWallet } from '@cosmjs/...
- 481
0
votes
1
answer
167
views
C# Signing Logic for a Tron transaction
I am attempting to sign a transaction created using TronGrid's https://api.trongrid.io/wallet/createtransaction endpoint. My current code looks like this, where JsonNode txNode passed to ...
- 305
0
votes
0
answers
115
views
TR34 Sample Enveloped Data
I have a TR34 sample enveloped data from X9 TR34–2012.
I am trying to decrypt it, but I am not sure which part of the token contains encrypted ephemeral key and which exact rsa algorithm is used for ...
- 23
-2
votes
1
answer
109
views
Key unwrapping fails
I want to protect a RSA private key stored in localStorage by wrapping it with a key derived from the user's password.
However when unwrapping the key the error DOMException: An invalid or illegal ...
- 410
1
vote
1
answer
90
views
Can't align RSA encryption in Python and Kotlin
I would like to add RSA encryption in my server (Python FastAPI) and my Android app.
But the encryption didn't work as the way I expected.
I already have AES-GCM encryption/decryption working between ...
- 13
1
vote
1
answer
132
views
How to read the public key's exponent and the modulus using System.Formats.Asn1.AsnReader in C#
The goal is to read a certificate and parse the ASN.1 elements for further use.
I managed to instantiate the reader as follows with no issues:
AsnReader readerAll = new AsnReader(new ReadOnlyMemory&...
1
vote
0
answers
93
views
How to persist a string in the TPM by using the ESYS API?
I want to store a short string like "foo: bar, abc: def" inside of the TPM.
While tss2 CLI commands seem to work pretty well in doing so, I feel pretty lost in trying to achieve the same ...
- 11
2
votes
0
answers
189
views
How to calculate and derive secret from account credentials to create cryptographic key on the server
I am having problem deriving secret from account credential to create a key password which will enable me to create a cryptographic key on the server.
The calculation of the signatures (Key signature ...
0
votes
1
answer
153
views
How do I create a shared 128-bit AES-GCM key using ECDH?
Given a supplied public key, plus my own private key, how do I generate "a shared 128-bit AES-GCM key... using ECDH", using something suitable for the JVM and/or Android?
The Tesla Fleet ...
- 1.0m
0
votes
0
answers
99
views
Which Should I Choose: SHA256withRSA or SHA512withRSA for Android App Keystore?
I'm in the process of generating a keystore for signing my Android app, and I'm wondering about the best choice for the signature algorithm. My current command is as follows:
KeyTool.exe -genkey -v ^
-...
- 13.3k
0
votes
0
answers
58
views
Android SQLite DB encryption for FIPS compliance without SQLCipher
We're working on getting our Android app FedRAMP certified and are looking for a solution to encrypt our database with a FIPS-validated cryptographic provider. SQLCipher offers this capability, but ...
0
votes
0
answers
90
views
Generating HMAC-SHA256 Token in JavaScript to Match PHP Output
I am trying to call an API written in PHP that generates a token using the following method:
base64_encode(hash_hmac("sha256", "<api-key>", "<email>:<gmdate('y-...
