37,195 questions
-6
votes
0
answers
46
views
Decoding text by frequency analysis
I'm doing a lab on information security. I can't decrypt the text. I started the work with a literal logical selection:
I assumed that each letter in ascending order is a specific letter in the ...
0
votes
1
answer
69
views
Change Minimum Inbound TLS Cipher Suite for Azure App Service [closed]
For my Azure App Service I have Minimum Inbound TLS Cipher Suite set to TLS_RSA_WITH_AES_128_CBC_SHA.
For my App Service it is:
I know that I can change it manually via App service -> ...
- 5,869
Advice
0
votes
0
replies
74
views
Design review: ntfy-based remote unlock for Vaultwarden without exposing .env passphrase on a compromised host?
(If you want to skip to the part I ask the question, scroll down to the last section with the heading "Concrete question".)
I’m working on a home lab / learning project and would appreciate ...
- 41
0
votes
0
answers
25
views
Openssl decrypt BUF_MEM_grow_clean:malloc failure [closed]
Attempting to decrypt a large binary file created with
openssl fails regardless of the amount of OS memory available.
Tried using the openssl -stream option but yet it fails
Here is the memory info :-
...
- 978
0
votes
0
answers
57
views
React Native (Expo SDK 54): How to encrypt request body when sending FormData (file upload)?
I’m using React Native with Expo SDK 54, and I have an API client built with Axios.
All my normal JSON requests are encrypted before being sent to a .NET 6 backend. When I send a normal JSON body, my ...
- 1
Advice
0
votes
1
replies
91
views
What are other alternatives for python keyring?
I'm trying to find a secure way to store token for my cli application. In the app I take the token from ms entra id and I want to store this token in user computer so that user can use it again until ...
- 495
0
votes
1
answer
157
views
Why do I need an IvParameter and how do I implement it?
I'm trying to write a java program that encrypts and decrypts a byte array of text based on a password, but when decrypting, it returns an error
Error message:
Exception in thread "main" ...
- 83
Advice
0
votes
1
replies
89
views
Is it possible to use random IV for each ts segment when ffmpeg do hls encrypt?
I want to encrypt the hls like this: each segment with different IV (random string)
#EXTM3U
#EXT-X-VERSION:3
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-ALLOW-CACHE:YES
#EXT-X-TARGETDURATION:11
#EXT-X-KEY:METHOD=...
- 28.6k
0
votes
0
answers
108
views
How to implement non-plain-text password transmission in Spring Authorization Server 1.4.3 (password grant extension)
I’m using Spring Authorization Server 1.4.3 to build an authentication center.
I’ve extended the authorization server to support the password grant type, so clients can obtain access tokens via the /...
- 181
0
votes
1
answer
90
views
Is it safe to store a product serial number under the Uninstall registry key where WiX stores bundle metadata?
I’m seeking clarification about storing custom data—specifically a product serial number—under the Windows Uninstall registry key created by WiX Toolset.
When we install a WiX-based bundle or MSI, it ...
0
votes
0
answers
131
views
Why am I getting "Invalid initialization vector" when calling my signed URL upload API in Node.js?
I’m working on a Node.js backend that generates a signed URL for uploading files to AWS S3 via CloudFront.
However, when I hit the signed URL endpoint from curl, I always get the following response:
{&...
1
vote
1
answer
150
views
Symmetric Encryption Padding Issues AES/PKCS*7/CBC [duplicate]
I am unable to determine what is causing the exception being thrown ("invalid padding bytes"). From trying to find examples of the same issue, this seems to mostly be using the incorrect key ...
1
vote
0
answers
78
views
RSA based certs failing during TLS after removal of RSA-PSS ciphers from ClientSignatureAlgorithm
For FIPS mode, I added ClientSignatureAlgorithm in opensslcnf.txt. This change was done for FIPS mode using the crypto-policies package.
The support ciphers for ClientSignatureAlgorithms are same as ...
0
votes
2
answers
194
views
Generating Key & Nonce Pairs from Web Crypto API vs from Word List. Is entropy the same?
I want to find out if the 2 methods shown below achieve the same level of entropy.
For this first secure method, a 32 byte / 256 bit key and a 12 byte / 96 bit nonce are generated using the JavaScript ...
- 5,034
1
vote
1
answer
78
views
c# client server certificate is not configured properly with HTTP.SYS in the HTTPS case - Server 2016
We are trying to make a soap request to a specific remote web service (https://example.com) from two server 2016 machines with c# client. Server A can get response. But server B can't. Server A and B ...
- 11
4
votes
2
answers
194
views
Why does Java's X22519 Lib works with some inputs but not others
I am using java built-in SunEC 21 security provider to do X25519 test cases and all work but one.
I am using the same logic for every test just different inputs.
When I use the inputs:
Public key: ...
- 31
0
votes
1
answer
145
views
In-place modification of large encrypted file
The server-side application I'm working on stores structured data in a single large file that is continuously encrypted using the ChaCha20 stream cipher. I want to modify parts of the file without ...
- 69
0
votes
1
answer
177
views
encrypt using OpenSSL and RSA_public_encrypt
I need to encrypt strings using a public key contained in an X509 certificate using Delphi 10.3 and OpenSSL. The certificate is already loaded in memory using the BIO routines:
var
ptrX509: pX509;
...
- 481
1
vote
1
answer
49
views
Tortoise ORM postgresql Encryption
I figured out how to decrypt fields
class _Decrypt(Function):
def __init__(self, term: Any, key, alias: str | None = None) -> None:
super().__init__("pgp_sym_decrypt", term, ...
- 11
1
vote
0
answers
113
views
Logic App Standard Inline C# action fails to decrypt AES CBC with PKCS7 (works in function app)
I’m trying to decrypt AES-encrypted data inside a Logic App Standard Inline C# action, but the code that works fine in a function app fails inside Logic Apps.
Problem
The AES key is stored in Azure ...
2
votes
1
answer
139
views
How can I securely encrypt spatial fields (GeoDjango / PostGIS) in Django?
I’m working on a Django project with GeoDjango models that store user location data (e.g., PointField, LineStringField). Because location data is highly sensitive, I want to ensure it’s secured (?...
- 33
-1
votes
1
answer
103
views
OpenSSL::Cipher::CipherError Rails 7 does not decrypt manually
I'm having some trouble to decrypt ciphertext that was added to my logs using Rails 7.1.5.1
I recently added the Rails Encryption and made the upgrade to Rails 7 and now I need to decrypt logs that I ...
0
votes
2
answers
118
views
mkinitcpio ERROR: Hook 'luks_unlock' cannot be found
I am trying to build a full-disk encryption scheme in ArchLinux. I found that GRUB cannot pass header parameters, so I think I need to write a custom hook script to guide the LUKS header and key file.
...
- 1
0
votes
0
answers
42
views
TLS Key Schedule is failing via Server_Handshake_traffic_secret
I am making a minimal TLS 1.3/HTTPS server in Java using only Sockets.
I have already created a ClientHello parser and a ServerHello. When testing with OpenSSL the ServerHello is accepted, but when ...
- 31
1
vote
0
answers
241
views
Export PEM private key to DER with Delphi and OpenSSL
A brief context: in mexico there is the so called "electronic invoice". The IRS equivalent, emits a certificate/key pair (.cer, .key) in DER format, named Digital Sign Certificate to each ...
- 481
0
votes
0
answers
61
views
How to securely connect Flutter to a Node.js server with TLS or RSA encryption?
I'm building a Flutter app that needs to send user data (like name and street) to a Node.js backend server. Currently, the data is sent via URL like this:
http://192.168.1.126:8080/save?name=toto&...
- 15
0
votes
0
answers
80
views
Is it possible to encrypt subscriberkey when it is an email_XtraLinkParameters which is handled in Setup > Parameter Management
My customer wants to encrypt sensitive data (subscriberkey) in email urls.
The url points to external webpages.
I guess we could use EncryptSymmetric if it wasn't so that the subscriberkey is added ...
- 75
0
votes
0
answers
70
views
ADKG-based threshold ECDSA signature recovers different address per transaction—how to compute aggregate `r` and signature parameters?
Background
I’m implementing Asynchronous Distributed Key Generation (ADKG) over secp256k1 so that N nodes collectively hold a threshold private key. After DKG each node has a secret share. To sign an ...
- 121
0
votes
0
answers
102
views
How to open encrypted xlsb file?
I used this code for open encrypted .xlsx files and it's work.
path_to_my_file = r'filename.xlsx'
passwd = 'pwd'
decrypted_workbook = io.BytesIO()
with open(path_to_my_file , 'rb') as file:
...
1
vote
0
answers
132
views
Undefined reference to mbedtls functions using Zephyr
I am building an application for a Nordic NRF5240 with Zephyr. In my security code I am attempting to derive a session key with the following function:
int derive_session_key(const uint8_t *...
- 4,159
2
votes
0
answers
110
views
PSA_ERROR_INSUFFICIENT_ENTROPY when trying to encrypt plaintext
I am developing an application which uses Zephyr. I am trying to encrypt plaintext into ciphertext using AES-CCM encryption with my function as below. No matter what, psa_crypto_init() fails with ...
- 4,159
0
votes
0
answers
137
views
How to create token using A128CBC_HS256 encryption in c#
I am trying to encrypt a string using jose-jwt library with JweEncryption.A128CBC_HS256
It encrypted the string but failed in decode.
My code:
using Jose;
using System.Text;
public class MyProgram {
...
2
votes
1
answer
126
views
Difference in behavior between AesManaged and Aes.Create()
I'm porting an app from .NET framework to .NET and have notice some difference in behavior after the conversion.
Inside a library that I use (not written by me) this piece of code will behave ...
- 4,596
0
votes
0
answers
49
views
How to do KDF sapling and Ka Agreements by zcash in a Wasm compatible manner?
I am having a lot of confusion because ZCASH has so many crates and libraries, and I am unsure which to use because I am thinking of making a new but wasm compatible crate that I can build and use in ...
- 337
0
votes
0
answers
123
views
Trying and failing to encrypt CSV with polars_encryption
When I try to run the below function:
import polars as pl
from polars_encryption import encrypt, decrypt
def crypt(csv_file: str, delim: str, password: str, output_file: str):
"""
...
- 116
1
vote
1
answer
135
views
XOR encryption/decryption of Mirai
I am doing a case study on Mirai, and I am stuck on the XOR encryption/decryption. From the source code, I copied the toggle_obf function and I tried several ways to reverse the "\x22\x35" ...
- 13
0
votes
0
answers
92
views
Cybersource microform upgrade from V0.4 to V2 -Validation of the Context key with the public key is getting failed
Here is the class that am using ,based on the flow that I have ,the validation always fails and return false in the line boolean isValid = signature.verify(signatureBytes);
LOG.info("Signature ...
- 381
2
votes
1
answer
273
views
Error while decrypting in Java for an encrypted string generated in C# using ECIES algorithm
We have a target Java codebase responsible for decrypting an incoming payload. The payload is being encrypted within a .NET Core isolated Azure Function before being sent to the endpoint where the ...
- 29
1
vote
0
answers
111
views
Microsoft Graph API Payload Decryption
I am trying to create a custom workforce integration with the Shifts app within Microsoft Teams, which uses Microsoft Graph API.
https://learn.microsoft.com/en-us/microsoft-365/frontline/shifts-custom-...
- 11
1
vote
2
answers
167
views
How to Enable Flash Encryption After Secure Boot V2 is Enabled? [closed]
I’ve successfully enabled Secure Boot V2 on my ESP32 device using ESP-IDF, and everything is working fine. Now, I want to enable Flash Encryption as the next step in securing my firmware.
I’m ...
- 81
1
vote
1
answer
82
views
new release of out of date android app: private key was not properly encrypted
I am trying to put up a new release of a game on android that was removed from google play, basically for being grossly out of date - only supported very old android versions.
So now I've updated it ...
- 165
0
votes
1
answer
200
views
Issue with SQL Azure Secure Enclave: LIKE Clause Failing with Error
I am using Microsoft SQL Azure (RTM) - 12.0.2000.8, where I configured the secure enclave with VBS where I am using keyvalut for creating column master key. All the operators are working fine except ...
-1
votes
1
answer
193
views
Rfc2898DeriveBytes function causes system operation not supported error
I'm attempting to hash passwords in VB.net, but I am having trouble. Originally, I was using sha512 in the system cryptography libraries but after some reading I found it was recommended to do key ...
0
votes
0
answers
129
views
AES + RSA OTA updater
I am doing an OTA updater for an ESP32. I am using AWS Lambda to encrypt a presigned URL that is being generated for a certain element from an S3 bucket. I am first doing an AES encryption, and then ...
- 11
1
vote
0
answers
102
views
Problems reading my own cookie in other parts of my Laravel app
I have a simple form where users come to report who they helped, and how. It is anonymous in the fact that they do not have to login in, but they are asked to provide their name. They will make many ...
- 1,821
0
votes
0
answers
93
views
Open DB browser For SQLCipher by command line
We use SQLite and, more recently, the encrypted version with SQLCipher.
It works well with our software, but I'm having a small problem using DB Browser for SQLCipher. This software works well, but it ...
- 1
1
vote
1
answer
186
views
Why is my salted SHA-512 hashing code not matching Excel's?
I am attempting to replicate the hashing the Excel does when a sheet is password-protected in Python, but am not matching even when testing on dummy inputs. From the xml file, I am seeing this:
...
- 13
0
votes
0
answers
87
views
RSA with nodejs and flutter Error during decryption (probably incorrect key). Original error: Error: error:02000079:rsa routines::oaep decoding error
I am experimenting with developing rsa with flutter and nodejs. public.pem and private.pem are same for both. Both the code are working fine when run in same language. but when transmitting data over ...
0
votes
0
answers
84
views
sFTP connection failure
I wrote this php script to fetch a file with sftp:
if (!is_writable(sys_get_temp_dir())) {
mylogger("Can't write to temporary directory");
return false;
}
if ( (!...
- 1,500
0
votes
1
answer
259
views
How would I decrypt a base64 string using a symmetric key with an Initializator Vector?
I'm doing a CTF and the task is to decrypt a base64 string with a symmetric key and an IV. However, I always get an error saying ValueError: Incorrect IV length (it must be 16 bytes long).
The ...
