Welcome to pkitools.net/

Telegram: https://t.me/+dv3KLXmkmjM3MDdl

GitHub: https://github.com/hn63wospuvy/pkitools

Contact: via Email

Warning: should not use any secret material from this site in your production. If so, use at your own risk

Functions and services

Cryptographic Primitive
Encoding

Support common encoding types such as UTF-8, Hex, Decimal, Base32, Base64, Base45, Base58, QR, Byte Array (programming friendly) and many more.

Hashing

Support various hashing algorithms family such as SHA1, SHA2, SHA3, MD, RIPEMD, Blake, Keccak, Shabal, Tiger, KangarooTwelve, SM3, GOST, Whirlpool, FSB, Streebog, Grøstl ...

Symmetric Encryption

Allow to adjust the parameters of symmetric encryption algorithms (Key, IV/Nonce, Padding, Addition Data (AEAD)), support a variety of algorithms both block cipher and stream cipher according to Internet standards such as AES, ChaCha, Salsa, DES, 3DES, RC2, RC4, CAST5, GOST 28147-89 (Kuznyechik, Magma), SM4, Serpent, IDEA, ... and modes like CBC, CTR, OFB, CFB, GCM , SIV, GCM-SIV, CCM...
Allow to adjust encoding algorithm for input and output.
Support obtaining the secret key from KDF with the corresponding configuration, and from Keystore file and . Some KDF algorithms: PBKDF2, HKDF, Scrypt, Argon2.

Asymmetric Encryption

Support creating keypair, obtaining the key pair from various formats, and Keystore file.
Encryption scheme currently supported: RSAES-PKCS1-v1.5, RSAES-OEAP, RSA Naked (RFC 3447 compliance).

Signature

Support creating keypair, obtaining the key pair from various formats, and Keystore file.
Signature scheme currently supported: RSASSA-PKCS1-v1.5, RSASSA-PSS, ECDSA, EdDSA (Ed25519 and Ed448).

MAC

Support MAC algorithms such as HMAC, AES-CMAC, KMAC, Poly1305.

Advance

Experience Paring-based cryptography algorithms (BLS Signature, some ABE schemes) and Post-Quantum cryptography algorithms (Planned).

Certificate Tools and Services
CA Simulator

Generate X509 certificates with the most detailed configuration possible, support a variety of extensions, certificate templates like TLS/SS , Code Signing, TSA certificate...
Allow copying of certificate attributes from an existing or custom certificate.
Provide corresponding free OCSP, CRL services and certificate revocation.

Certificate Reader

Obtain and analyses X509 certificates from file or URL with formats like DER, SPC, PkiPath, PKCS#7..., convert to other format, assemble to chain
Verify certificate chain, checks revocation.

Clone certificate chain

Create new certificate chain based on another, include key pair.

CSR Reader

Extract CSR data and export public key.

OCSP Helper

Generate OCSP query with the most detailed configuration possible, excutes OCSP query, analys OCSP response.

CRL Reader

Extract CRL data, support verifying CRL with public key or certificate.

CRL Generator

Generate CRL file with the most detailed configuration possible.

ASN.1 Reader

Extract general ASN.1 encoded data, converts to XML and JSON format.

Key Tools
Keystore Generator

Generate Keystore file from scratch, support various keystore formats.

Keystore Reader

Extract private key and certificates from Keystore file, convert to other format.

Key Pair Analyzer

Read, analyze, key pair, convert to other format. Support private key encryption/decryption.
Currently supported format: PKCS8, JWK, MsPVK, OpenSSH, OpenPGP, OpenSSL.

Timestamp Tools and Services
TSA Generator

Create and configure your own TSA service with the most detailed configuration possible.

Timestamp Query Generator

Create and configure timestamp query.

Timestamp Query Reader

Parse and execute timestamp query.

Timestamp Response Reader

Parse and verify timestamp response.

Document Signing
XML Signing

Sign XML document. Currently supported scheme: XMLDSig, XAdES.

CMS Signing

Sign CMS document. Currently supported scheme: CMS (RFC 5652 compliance), CAdES.

PDF Signing

Sign PDF document. Currently supported scheme: PDF ISO 32000, PAdES.

Office Signing

Sign Office document. Currently supported format: Docx, Xlsx, Pptx.

JSON Signing

Sign JSON document. Currently supported scheme: JWS, JCT, JAdES.

CBOR Signing

Sign CBOR document. Currently supported scheme: COSE (RFC 8152 compliance).

Microsoft Authenticode Signing

Sign Microsoft file. Currently supported format: PE (.exe, .dll, .sys, ...), MSI, PowerShell, VB, Windows script.

JAR Signing

Sign JAR file.

Document Validator
XML Validator

Verify and retrieve original XML document.

CMS Validator

Verify and retrieve original CMS document.

PDF Validator

Verify and retrieve original PDF document.

Office Validator

Verify and retrieve original Office document.

JSON Validator

Verify and retrieve original JSON document.

CBOR Validator

Verify and retrieve original CBOR document.

Microsoft Authenticode Validator

Verify and retrieve original Microsoft authenticode file.

JAR Validator

Verify and retrieve original JAR file.

Document Encryption
XML Encryption

Encrypt and decrypt XML file.

CMS Encryption

Encrypt and decrypt as CMS format.

JSON Encryption

Encrypt and decrypt data as JSON format.

PDF Encryption

Encrypt and decrypt PDF file.

Office Encryption

Encrypt and decrypt OOXML file.

CBOR Encryption

Encrypt and decrypt data as CBOR format.

Miscellaneous
TweetNaCl

Experience some high level APIs of TweetNaCl library.

Sodium

Experience some high level APIs of Sodium library.

OpenPGP

Experience some high level APIs of OpenPGP library.