|
|
|
|
|
|
by candiddevmike
609 days ago
|
|
|
FWIW sha256 isn't broken, it's just you need to be careful when you're using it to generate HMAC. This follows what other comments are saying where you shouldn't use crypto primitives directly and use abstractions that take care of the rough edges. |
|
|
(Note that I disagree that "HMAC-SHA256" qualifies as an abstraction. It's just more character soup)