-
Develop the capability to write an HMAC-SHA256 signature -- which is a [keyed-hash message authentication code (HMAC)](https://en.wikipedia.org/wiki/HMAC) created using the [SHA-256](https://en.wikipe…
-
Friend recommends bcrypt (+ HMAC given #108), but it should make it easy to use and migrate existing (hopefully hashed) credentials from prior authentication regimes. Methods to support for verifying …
-
-
More and more sites seem to have quite long secrets e.g. JREEWT1JJRFTGNCKLF7UMVJVJBETEQ2CIJGD6NKGGRLU6RJWJ54A
With such a secret no OTP is displayed
Interestingly it works in the Nextcloud app…
-
### What version of Bun is running?
1.0.35+940448d6b
### What platform is your computer?
Linux 6.1.0-1029-oem x86_64 x86_64
### What steps can reproduce the bug?
```sh
$ bun init
```
In `index…
-
Durable Objects let me do this
```js
export class Worker {
constructor(state, env) {
// hell yea constructors
this.state = state
this.env = env
}
async fetch(req) {
re…
-
Feels a little slow.
- [ ] Need a performance target
- [ ] Using SHA-1 for HMAC instead of SHA-256 is probably an easy win.
- [X] ~~Does BF key size affect performance? I think it is just used to make…
-
Reference result for SHA hashes of the empty, zero-length string:
```
SHA-1: 0xda39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: 0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8…
Fang- updated
5 years ago
-
### Problem Statement
This item is to track the removal of SHA-1 as a cryptographic signature (HMAC) option from SSH.NET. Nist formally deprecated SHA-1 in 2011 ([source](https://en.wikipedia.org/w…
-
I don't believe that the rankings should take points off for a site implementing SHA-1 HMAC as a collision attack isn't really applicable in that situation. Many secure sites, including banks, use SHA…