15,235 questions
Advice
1
vote
5
replies
82
views
How to Verify WordPress Password Hash in Python/Django?
I have a WordPress database that I am accessing from a Django site. I'd like to be able to log users in with their WordPress passwords. Is there a good way to do this in Python? I have tried these ...
- 1,098
Best practices
0
votes
0
replies
47
views
Recommended way to implement Cryptography Bill of Materials (CBOM) in an organization
CycloneDX defines CBOM (Cryptography Bill of Materials) as a separate BOM type for tracking cryptographic usage.
At an organizational level:
How is CBOM usually implemented in practice?
Should teams ...
Advice
2
votes
2
replies
52
views
"I have already tried to install cham-crypto library but it wont work directly in vs code , is there any other ways to do this installation coreectly
I am trynna install the libarary charm-crypto in my VS code
but it shows some errors when executing the command
pip install charm-crypto-framework
....
what are the other ways to we can do to resolve ...
0
votes
2
answers
175
views
How to cryptographically prove a file existed at a specific time? [closed]
I need to prove that a specific file (e.g. a PDF contract or build artifact) existed at a certain point in time, in a way that is independently verifiable after anchoring, without requiring the ...
- 9
Best practices
2
votes
4
replies
97
views
search/where conditions on AES-GCM encrypted columns using Prisma middleware
I have implemented AES-GCM encryption for sensitive database columns (e.g., SSN).
I wrote a Prisma middleware that:
Encrypts sensitive fields before write operations (create/update).
Decrypts ...
- 708
4
votes
1
answer
157
views
Reducing memory usage when writing chunks in order with Go parallel workers
I have a Go function for encrypting data in parallel using AES-GCM:
func encryptParallel(ctx context.Context, aead cipher.AEAD, w io.Writer, r io.Reader, workers uint64) error
The design is:
One ...
- 83
2
votes
1
answer
168
views
Argon2 hash verify using 'node:crypto' module functions
I'm using the Argon2 functions from node:crypto module to hash passwords, but I can't find the argon2.verify() function equivalent that is in the argon2 npm module.
import { argon2Sync } from 'node:...
- 13.8k
1
vote
0
answers
67
views
Generating EC keypair with javacard and exporting its public key
I am working with Oracle Javacard simulator and its latest version 3.2
I have tried to generate EC Public Key pair and export EC Public key with ECPublicKey.getW() with the following code:
// Create ...
- 3,352
0
votes
1
answer
140
views
Why is Node v22 encryption slower and returns different ciphertext than Node v18?
I’m migrating from Node v18 to Node v22 and I noticed two major differences in behavior.
Performance difference
Node v18 (fast)
const crypto = require('crypto');
const SECRET = 'SECRET-KEY-FOR-...
- 19
3
votes
1
answer
120
views
My C# HMAC-SHA256 implementation matches only one online calculator - all others give different results [closed]
I'm working on HMAC-SHA256 signature validation in C# and ran into something strange. When I test my code against different online HMAC calculators, I get inconsistent results. My implementation ...
- 31
Advice
1
vote
3
replies
48
views
Chaining calls to the only available hash function to "increase" the entropy
Let's say my platform / framework only allows me to use a single hash function ($toHashedIndexKey, for the reference, presumably truncated first 64-bits of standard 128-bit MD5 hash implementation). ...
- 447
1
vote
1
answer
178
views
Why cryptopp generates different signature than libsecp256k1 for ECDSA
I'm trying to use cryptopp to implement ECDSA signing used by Ethereum. But I couldn't get the result right. Here is a sample implementation using both cryptopp and libsecp25k1, where the latter ...
- 75
0
votes
1
answer
87
views
Is an ECPrivateKey stored in transient memory automatically in javacard, or do you have to specify (and how would you do that)?
When creating an ECPrivateKey as below, where initaliseDomainParameters(ECKey ecKey) sets the elliptic curve parameters:
public KeyPair keyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder....
- 303
2
votes
1
answer
302
views
OpenSAML Signing with Azure Key Vault using Azure's KeyVaultJcaProvider : engineInitSign() not supported
I am attempting to sign the OpenSAML response using Azure KeyVault but the default keyvault behaviour does not allow me to sign the payload because KeyVaultJcaProvider has ...
- 2,073
Best practices
1
vote
5
replies
158
views
Should I change RSA algorithm to some more modern algorithm or just stay on RSA but use larger key length?
I tried use 6144 bits RSA key, but this has been taking so much time as around of 5 - 7 seconds to generate key pair, I think it's too long. On the other side, using keys with less length may become ...
- 43