-
These unusual combinations of P-256 + {SHA-384, SHA-512} and P-384 + SHA-256 are supported in some crypto libraries, for backward compatibility with some TLS implementations. However, there are no tes…
-
After the unsecure and obsolete DIGEST-MD5, can you add supports of :
- SCRAM-SHA-1
- SCRAM-SHA-1-PLUS
- SCRAM-SHA-224
- SCRAM-SHA-224-PLUS
- SCRAM-SHA-256
- SCRAM-SHA-256-PLUS
- SCRAM-SHA-384
…
-
`HashBuilder` isn’t actually taking into account the provider defined in `DigestType`
- Changing the provider in `DigestType` to Bouncy Castle has no effect - Sun is always used, since it’s the pre…
-
Hi,
When logging with an Inrupt.com account (a.k.a Pod Spaces, https://signup.pod.inrupt.com/) on several apps, I find the following error in the console: `normalizedAlgorithm.importKey is not a fu…
-
127.0.0.1/:132 The `integrity` attribute is currently ignored for preload destinations that do not support subresource integrity. See https://crbug.com/981419 for more information
127.0.0.1/:1 Fail…
-
Spotted this during a routine penetration testing exercise
This class: `com/pubnub/api/vendor/Crypto.java`
**Potential Issues**
1. Configuration is vulnerable to padding oracle attacks : Enc…
-
-
**Describe the bug**
Since the new version 9.1, RFC 5709 OSPFv2 HMAC-SHA Cryptographic Authentication can be used - https://github.com/FRRouting/frr/pull/14398. It works well, but in the standard r…
-
because the export was declared using "="
I just had to change
```ts
// index.d.ts
interface TotpOptions {
period?: number | undefined;
/**
* The desired SHA variant (SHA-…
-
Other tools and expert sources include the AES CBC cipher combinations as weak. That includes Qualys SSL test labs (https://www.ssllabs.com/) Tenable Nessus and CIS benchmarks. However using sslsca…
rdurk updated
2 years ago