Hello Shiro Dev's. I'm reviewing the Shiro crypto API's. What an excellent and simple to use abstraction!
Getting crypto right is brutally difficult at best. Have there been any review of Shiro's crypto by a professional cryptographer or similar resource? Have any of those reports been made public? For example, one of the creators of AES told me; "When using AES in CBC mode your IV's really should be unique per message and the IV's should stay in secret". Oh my, this is heady stuff. My apologies if I'm posting in the wrong place. Respectfully, Jim Manico OWASP Board Member @Manicode
