Issue
Sign In
StepCodex FeaturedStepCodex Reviews
Notion Docs

Convert pixels and REM units. Free online tool, no login, no sign-up.

LocalPersonal data security

Loading Tool Engine

Usage Guide & Tech FAQ

Usage Guide

  1. Paste the plaintext/ciphertext or keys.
  2. Choose algorithm/options (e.g., encoding).
  3. Click generate/verify and copy the result.
  4. Confirm casing, padding and encoding match the expectation.
  5. For symmetric crypto, confirm mode (CBC/GCM) and how IV/nonce is stored/transmitted.
  6. For RSA/EC, distinguish PKCS#1 v1.5 vs PSS/OAEP padding choices.
  7. For password storage, prefer dedicated KDFs (bcrypt/Argon2)—not raw SHA-256 alone.
  8. Compare hashes in a constant-time manner in production code to reduce timing leaks.
  9. Never share private keys or seeds via chat; clear inputs after use.
  10. For audits, log algorithm/parameters versions so results can be recomputed later.
  11. Read the title and description first to confirm this utility matches your task (avoid using the wrong tool and misinterpreting output).
  12. Paste or type input in the editor; if a sample/template is provided, load it first to learn the expected output shape.

Related Tech Knowledge

  • Crypto operations run locally in your browser.
  • Encoding differences (base64/hex/utf-8) produce different outputs.
  • MAC/signature needs the correct key and message order.
  • Large inputs increase computation time and browser load.
  • WebCrypto availability and algorithms vary by browser—test targets explicitly.
  • Use `crypto.getRandomValues` for key material—never `Math.random`.
  • Pure JS is weak against some timing attacks; use native/HSM for high-threat scenarios.
  • JWT servers must validate `alg` and keys to prevent `none`/algorithm confusion attacks.
  • This page is for dev/debug—not a formally verified cryptographic module.
  • Malicious extensions can exfiltrate clipboard/page input—use private windows when needed.
  • Core parsing and computation run in your browser; by default your raw business payload is not persisted to this site’s servers (see on-page privacy notes).
  • The pipeline is typically: read input → parse (lexical/syntactic/structured) → transform → render; failures aim to be diagnosable.