15,244 questions
Advice
0
votes
0
replies
57
views
How should I encrypt my email service so only the allowed clients are able to call it
I have an email microservice that I created.
I have a platform deployed for multiple tenants. Example; clienta.platform.com, clientb.platform.com etc etc.
Now I want to secure the email micro-service ...
- 19
0
votes
0
answers
86
views
Is key recovery possible for this 4-round 64-bit SPN cipher given 65k known plaintext-ciphertext pairs?
Given this specific cipher design and known-plaintext corpus, is there a cryptanalytic or structural weakness that enables key recovery or decryption faster than brute force?
The setup is:
There’s a ...
14
votes
3
answers
2k
views
Why would one reset local variables at the end of a C function?
Take a look at the function SHA1Transform taken from an SHA1 algorithm on Github. Assuming SHA1HANDSOFF is defined, the function looks like this:
void SHA1Transform(
uint32_t state[5],
const ...
- 10.6k
1
vote
1
answer
103
views
`pepk.jar` fails with `javax.crypto.BadPaddingException` preventing Play App Signing enrollment for existing app
Title: pepk.jar fails with javax.crypto.BadPaddingException preventing Play App Signing enrollment for existing app
Problem Statement:
We are trying to enroll an existing Android app (com.clsreview....
- 21
Advice
1
vote
2
replies
58
views
What is decentralization in blockchain?
Decentralization in blockchain means data isn’t controlled by one authority. Instead, it’s distributed across many independent nodes, making the system more secure, transparent, and resistant to ...
Advice
0
votes
0
replies
84
views
Design review: ntfy-based remote unlock for Vaultwarden without exposing .env passphrase on a compromised host?
(If you want to skip to the part I ask the question, scroll down to the last section with the heading "Concrete question".)
I’m working on a home lab / learning project and would appreciate ...
- 41
2
votes
1
answer
138
views
The operation failed for an operation-specific reason: Cipher job failed
I have the following code that should encrypt a string with a password in nodeJS. You can find an example here: https://jsfiddle.net/ujr4gev3/1/
I have also tried the approach here: https://gist....
- 23
2
votes
1
answer
229
views
Upgrading PHP scripts to use phpseclib3 versus phpseclib version 2
I am trying to upgrade my phpseclib-based scripts to the latest, which is version 3. (Previously, I was using version 2.) I have run into a number of problems, beginning with the fact that class ...
- 1,316
2
votes
2
answers
162
views
Storing biometric data in a PDF without breaking the digital signature
I'm developing a tool that stores a signer's biometric data inside a PDF together with the digital signature, but I'm unsure where this information should be embedded.
The biometric data is captured ...
- 23
Advice
0
votes
1
replies
106
views
What are other alternatives for python keyring?
I'm trying to find a secure way to store token for my cli application. In the app I take the token from ms entra id and I want to store this token in user computer so that user can use it again until ...
- 495
0
votes
1
answer
158
views
Calculating DigestValue of SignedProperties in XAdES
I am trying to create an application to sign xml documents in xades format by using PKCS11Interop library. I have a xades sign application provided by a government institute to test my results. I am ...
1
vote
1
answer
153
views
Migrating from OpenSSL 1.1 to 3.0: How to generate DH key pair with 32-byte prime using EVP_PKEY-DH interface?
I'm migrating my Diffie-Hellman (DH) implementation from OpenSSL 1.1 to OpenSSL 3.0. Previously, I used APIs like DH_set0_pqg, but these are now deprecated. I am switching to the EVP_PKEY-DH interface ...
- 637
1
vote
0
answers
144
views
Why does EVP_PKEY_derive_set_peer cause a segmentation fault when using a peer public key reconstructed from BIGNUM in OpenSSL 3?
I'm using OpenSSL 3.0 EVP_PKEY in C to perform Diffie-Hellman key exchange. I generate Alice's and Bob's key pairs. I extract Bob's public key as a BIGNUM and try to reconstruct an EVP_PKEY for Bob's ...
- 637
0
votes
0
answers
99
views
Signing JWT not working: An exception of type 'System.MethodAccessException' occurred
I'm trying to sign a JWT with a key that is stored in an Azure Keyvault using the keyvault as signer, in a way that the actual private part of the key never leaves the keyvault.
I've come-up with the ...
- 11.5k
1
vote
0
answers
91
views
RSA based certs failing during TLS after removal of RSA-PSS ciphers from ClientSignatureAlgorithm
For FIPS mode, I added ClientSignatureAlgorithm in opensslcnf.txt. This change was done for FIPS mode using the crypto-policies package.
The support ciphers for ClientSignatureAlgorithms are same as ...
2
votes
1
answer
315
views
Does this function result in uniformly distributed integers?
Recently, on a project, I encountered the need for uniformly distributed integers within an arbitrary range [a, b] from random bytes, a problem that is quite common and is usually solved using ...
- 23
2
votes
0
answers
76
views
Using OpenSSL provider to delegate TLS_PSK_WITH_NULL_SHA256 key operations to TZ or TPM
I am developing software that uses OpenSSL for implementing a TLS client. I am developing it in the C++ language, to run in Linux for ARM 64-bit.
I intend to use the cipher TLS_PSK_WITH_NULL_SHA256.
...
- 1,569
5
votes
1
answer
202
views
Encrypting and decrypting with AES returns System.Byte[] [duplicate]
Using AES in C# I wrote two static methods for encryption and decryption.
Encrypt:
static byte[] Encrypt(byte[] plaintext, byte[] Key, byte[] IV)
{
byte[] encrypted_data = null;
using (Aes ...
- 41
0
votes
1
answer
200
views
Decrypting data from stream without knowing data size
Assuming we know the key and the IV for the data we're getting from the stream, is it possible to decrypt it within stream? I encrypted the same message three times and then decrypted it all at once, ...
- 43
1
vote
0
answers
184
views
Why is my crypto.getRandomValues() base36 ID generator producing duplicates despite 2.8 trillion possibilities?
Here is the function:
export function generateId(): string {
const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
let result = "";
const randomArray = new Uint8Array(8);
...
- 193
1
vote
1
answer
89
views
Azure container app crashing while computing hash for large files
I have a piece of code deployed in Azure Container Apps that primarily copies the file from the staging Azure blob storage to the final Azure blob storage and computes the SHA256 hash.
However, I have ...
- 151
1
vote
2
answers
120
views
pycryptodome decryption (aes-128 cbc) is yielding incorrect result
I have simple code to encrypt and decrypt as follows...
(1) To encrypt:
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
from Crypto.Hash import SHA256 as sha256
def sha(text):...
- 12k
1
vote
0
answers
70
views
How to know a security provider supports a specific keysize without trying to init?
The Cipher states that Java platforms require to support following transformations and keysizes.
AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
...
- 22.4k
0
votes
0
answers
70
views
ADKG-based threshold ECDSA signature recovers different address per transaction—how to compute aggregate `r` and signature parameters?
Background
I’m implementing Asynchronous Distributed Key Generation (ADKG) over secp256k1 so that N nodes collectively hold a threshold private key. After DKG each node has a secret share. To sign an ...
- 121
3
votes
0
answers
142
views
Python requests library refusing to accept correct verify certificate
The following application performs a basic HTTP GET request against https://google.com, retrieves the peer certificate and saves it in PEM format into a file called cert.pem.
After that it attempts ...
- 3,307
2
votes
1
answer
95
views
How to handle Disposing of CryptoStream after exception occurs during decrypt
C# .Net Framework 4.8.
I am using CryptoStream Reader to decrypt an encrypted datastream within a Using {} block.
If the Key used for decryption is incorrect, the CryptoStream Reader throws an ...
- 177
1
vote
1
answer
90
views
Why does the round trip from creation of self-signed EC X509Certificate to PEM file to load fails in .NET 9?
Here is the .NET 9 code that creates a self-signed EC cert, persists to a .PEM file and attempts re-create the certificate from the .PEM file.
// Generate ECC key pair
using var ecdsa = ECDsa....
- 3,111
0
votes
1
answer
143
views
cryptography and pyinstaller (not using Fernet) error
I'm using pyinstaller main2.spec command. The main2.spec file is the next:
# -*- mode: python ; coding: utf-8 -*-
a = Analysis(
['main.py'],
pathex=[],
binaries=[],
datas=[
('./...
1
vote
1
answer
89
views
What are session objects? Where are they stored? [closed]
The question is about where session objects are created and stored - on a token or in RAM of an application that uses a pkcs11 library?
It seems that pkcs11 specification does not differentiate them ...
- 29
1
vote
1
answer
201
views
Validating an Ed25519 public key (isOnCurve check) in Java
Is there a standard way to validate an Ed25519 public key (check that it's really a point on the curve and not some random bytes) using the standard Java Crypto APIs and/or BouncyCastle?
I found a ...
- 6,034
1
vote
1
answer
140
views
How does U32C in ChaCha20 bypass endianness concerns?
While reading the ChaCha20 cipher's source code, I noticed something unusual. The algorithm's constants (like 0x61707865) aren't converted for endianness, yet this doesn't cause issues across ...
- 402
0
votes
1
answer
173
views
Incorrect Injective address from mnemonic using DirectSecp256k1HdWallet with custom HD path
I'm trying to derive a bech32 address on the Injective chain using a mnemonic and the Ethereum HD path (m/44'/60'/0'/0/0). Here's the code I'm using:
import { DirectSecp256k1HdWallet } from '@cosmjs/...
- 521
1
vote
1
answer
82
views
Migration from SmartCard .Net technology to JavaCard
I have a .Net application, let's call it MyApplicationDotNet, that currently communicates with Gemalto IdPrime 510 smartcards based on .Net technology, I need to make it use javacard. Is it necessary ...
- 413
0
votes
1
answer
170
views
C# Signing Logic for a Tron transaction
I am attempting to sign a transaction created using TronGrid's https://api.trongrid.io/wallet/createtransaction endpoint. My current code looks like this, where JsonNode txNode passed to ...
- 305
0
votes
0
answers
109
views
Aptos SDK: "INVALID_SIGNATURE" error when submitting transaction signed via Fireblocks
I’m using Fireblocks raw signing to sign Aptos transactions because it holds the private key. I generated the Aptos address from the public key provided by Fireblocks, and this address can receive ...
0
votes
0
answers
118
views
TR34 Sample Enveloped Data
I have a TR34 sample enveloped data from X9 TR34–2012.
I am trying to decrypt it, but I am not sure which part of the token contains encrypted ephemeral key and which exact rsa algorithm is used for ...
- 23
0
votes
0
answers
70
views
Using lattice estimator with Sage
I'm looking to use the lattice-estimator here: https://github.com/malb/lattice-estimator?tab=readme-ov-file which depends on SageMath.
I have installed SageMath here:
john@sage:~/Downloads/sage-10.6$ ...
- 59
-2
votes
1
answer
113
views
Key unwrapping fails
I want to protect a RSA private key stored in localStorage by wrapping it with a key derived from the user's password.
However when unwrapping the key the error DOMException: An invalid or illegal ...
- 410
0
votes
1
answer
114
views
ECDSA-signed JWT validation failures between .NET and PHP
Why does a ECDSA-signed JWT in .NET fail validation in PHP when using OpenSSL, even with matching keys and algorithms?
In .NET using System.Security.Cryptography and System.IdentityModel.Tokens.Jwt ...
- 5,929
1
vote
1
answer
91
views
Can't align RSA encryption in Python and Kotlin
I would like to add RSA encryption in my server (Python FastAPI) and my Android app.
But the encryption didn't work as the way I expected.
I already have AES-GCM encryption/decryption working between ...
- 13
2
votes
1
answer
191
views
Lattice attack against single signature : how to modify the b1 and c1 constants in order to get the script working against smaller leaks?
The following script I found here. The idea explained here is that if for a single signature both the high order bits of the private key and nonce are set to 0, then it’s possible to combine those 2 ...
- 3,119
1
vote
1
answer
140
views
How to read the public key's exponent and the modulus using System.Formats.Asn1.AsnReader in C#
The goal is to read a certificate and parse the ASN.1 elements for further use.
I managed to instantiate the reader as follows with no issues:
AsnReader readerAll = new AsnReader(new ReadOnlyMemory&...
0
votes
0
answers
87
views
Is it secure to store only the aggregated BLS public key in a smart contract for signature verification?
I have a question regarding BLS signatures and aggregate signature verification in smart contracts.
Let’s say I have 3 honest signers, each with their own private key. They all sign the same message, ...
- 29
1
vote
0
answers
98
views
How to persist a string in the TPM by using the ESYS API?
I want to store a short string like "foo: bar, abc: def" inside of the TPM.
While tss2 CLI commands seem to work pretty well in doing so, I feel pretty lost in trying to achieve the same ...
- 11
-1
votes
1
answer
111
views
How can I securely integrate a crypto wallet connection (e.g., MetaMask) on a landing page built with React?
I'm building a crypto-focused landing page (https://blockwealth.com.au/cryptolandingpage/) using React, and I want to allow users to connect their MetaMask wallet for potential interactions like token ...
2
votes
0
answers
191
views
How to calculate and derive secret from account credentials to create cryptographic key on the server
I am having problem deriving secret from account credential to create a key password which will enable me to create a cryptographic key on the server.
The calculation of the signatures (Key signature ...
0
votes
1
answer
168
views
How do I do softap provisioning for an esp32-c6 in flutter?
I'm trying to write an app in flutter to perform softap provisioning for an ESP32-C6 (https://docs.espressif.com/projects/esp-idf/en/v5.4.1/esp32c6/api-reference/provisioning/wifi_provisioning.html). ...
0
votes
1
answer
167
views
How do I create a shared 128-bit AES-GCM key using ECDH?
Given a supplied public key, plus my own private key, how do I generate "a shared 128-bit AES-GCM key... using ECDH", using something suitable for the JVM and/or Android?
The Tesla Fleet ...
- 1.0m
0
votes
0
answers
144
views
Recreating TPM (Trusted platform module) PCR 10 from Linux IMA (Integrity Measurement Architectur) log
I created a VM on google cloud platform. After creating it, I edited /etc/default/grub file by adding additional kernel command line parameters so that I would enable IMA module:
...
0
votes
0
answers
103
views
Which Should I Choose: SHA256withRSA or SHA512withRSA for Android App Keystore?
I'm in the process of generating a keystore for signing my Android app, and I'm wondering about the best choice for the signature algorithm. My current command is as follows:
KeyTool.exe -genkey -v ^
-...
- 13.3k