Questions tagged [cryptoapi]

The Cryptographic Application Programming Interface is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography.

CryptoAPI supports both public-key and symmetric key cryptography, though persistent symmetric keys are not supported. It includes functionality for encrypting and decrypting data and for authentication using digital certificates. It also includes a cryptographically secure pseudorandom number generator function CryptGenRandom.

Please note

Programming questions are off-topic even if you are writing or debugging cryptographic code. Unless your question is specifically about how the cryptographic algorithm or protocol works, you should look into asking on Stack Overflow instead.

11 questions

votes

1 answer

HMAC-SHA256 vs HMAC-SHA512 for JWT API authentication

Which algorithm is recommended to use when encoding / decoding JWT web application tokens? Is using HMAC-SHA256 enough or would using HMAC-SHA512 provide more security? And on 64bit machines, is it true that HMAC-SHA512 is faster than HMAC-SHA256?

asked Dec 09 '17 at 17:12

W.M.

votes

1 answer

How to decrypt file on one machine which is encrypted on other machine?

I have a doubt related to CryptExportKey and CryptImportKey. I will try my best to define my problem by explaining the scenario that I want to implement. I have two machines. On First machine, I create a Key-pair using CryptGenKey with…

encryption rsa public-key key-exchange cryptoapi

asked Mar 03 '17 at 07:10

Sudhanshu Dubey

votes

2 answers

Can data be preprocessed when using EdDSA with a hash (SHA or SHAKE)?

According to this comment on a GitHub request for a streaming implementation for digests, ciphers and signature algorithms it is seemingly not possible to start hashing the data before the signature can be generated. Is it possible to preprocess…

implementation eddsa cryptoapi shake

asked Aug 20 '24 at 11:20

Maarten Bodewes

96,351
14
169
323

votes

1 answer

Digital signature with private key on exchange

I think I understand how asymmetric cryptography works. However I don't really understand why some exchanges use the signature generated by hashing the payload with the private key. From my understanding, if a public/private key pair is generated…

public-key signature cryptoapi

asked Jun 21 '23 at 16:00

Arkaik

votes

1 answer

What key exchange do OpenSSL and CryptoAPI prefer by default?

Here is what I know. When I connect to a brand-new Linux Web server with Chrome and click the "lock" icon, the key exchange algorithm is described as "ECDHE_RSA". (Yes I know what that is.) When I connect with Internet Explorer 8 on Windows 7, the…

key-exchange openssl cryptoapi

asked Sep 06 '13 at 16:16

Nemo

1,377
1
14
18

vote

1 answer

Can you derive a 128 bit AES encryption key using PBKDF2 with SHA-256

I got confused about key derivation functions. For my project, I need to derive a 128 bits AES encryption key in CTR mode. To do so, I'm using a PBKDF2 to derive this encryption key using an initial information like a password. PBKDF2 allows me to…

aes key-derivation pbkdf-2 cryptoapi

asked Jul 09 '19 at 13:54

Ahmet Eroğlu

vote

1 answer

Why is SubtleCrypto API generating different signature for same data?

I am trying to generate key pairs using SubtleCrypto API in javascript and then using the same to sign some data using ECDSA algorithm. Documentation for the same can be found at this link.…

cryptoapi

asked Jul 04 '18 at 13:07

Nikhil Yadav

vote

0 answers

Examples of Web Crypto API on IE11

I am trying to import RSA and AES-GCM keys in jwk format using Web Crypto API on Internet Explorer 11. Can anyone give me examples of how to do it? The reason why I am asking is according to this msdn page, the keyData parameter must be an…

cryptoapi

asked May 31 '17 at 23:25

Thanh Bui

vote

1 answer

Meaning of Signature hash algorithm field in certificate

I'd like to understand what is the meaning of this field, especially considering that when calling a crypto library to sign data the digest method is specified by the caller. For example, this simple C# code: RSACryptoServiceProvider rcsp =…

hash certificates cryptoapi

asked Apr 14 '15 at 00:15

Dandan

votes

1 answer

Which P-256 is in Web Crypto?

Web Crypto API allows creating ECC keys with some known curves: https://developer.mozilla.org/en-US/docs/Web/API/EcKeyGenParams Those are P-256, P-384, P-521. However as answered at this answer https://crypto.stackexchange.com/a/30273/99862 There…

elliptic-curves secp256k1 cryptoapi

asked Nov 15 '22 at 10:43

Dan D

-1

votes

1 answer

Need CryptDeriveKey AES implementation in C#

I am integrating with 3rd party software that uses AES 128 encryption. I know this is not ideal, but the choice of encryption is up to the 3rd party software. I am using C#. My problem is in deriving the key from the password. The third party has…

pbkdf cryptoapi

asked Feb 08 '16 at 20:43

spectacularbob