Tags
#php
#kotlin
#bash
#go
#sql
#rust
#typescript
#html
#java
#python
#files
#utils
#strings
#http
#concurrency
#async
#json
#arrays
#security
#types
#crypto
#database
#dates
#format
Bash
Generate UUID
Several portable ways to mint a v4 UUID from the shell — useful for request IDs, idempotency keys, temporary filenames.
@admin
Go
Crypto-Random Bytes + Hex/Base64
`crypto/rand` is the cryptographic CSPRNG. Use it for tokens, session IDs, API keys, password salts — anywhere `math/rand` would be a security bug.
Bash
Generate SSH Keypair Non-Interactively
ssh-keygen normally prompts. Pass -N "" for empty passphrase, -f for the path, -t ed25519 for modern key type. Idempotent — skip if a key already exists.
Go
SHA-256 Hash of File or String
`crypto/sha256` is the canonical hash. Use the streaming `Hash` interface for files — never load multi-GB content into memory just to hash it.
Bash
HMAC-SHA256 with openssl
Sign a payload with a shared secret for webhook verification (Stripe, GitHub, etc.). openssl reads the input from stdin or -in.
PHP
Encrypt / Decrypt with libsodium
Symmetric AEAD encryption using the libsodium "secretbox" (XSalsa20-Poly1305). Built into PHP since 7.2 — no extension needed. Returns base64 ciphertext with the nonce prepended.
PHP
Generate Secure API Key
Mint an API key with a recognizable prefix ("sk_live_…") and 32 bytes of crypto-random entropy encoded as URL-safe base64. Stripe-style readable IDs.
Python
Password Hashing with hashlib.scrypt
Hash a password with the stdlib scrypt (memory-hard, slow by design — resistant to GPU/ASIC attacks). Stores salt + parameters inline so verification doesn't need a separate config.
Bash
Hash File (SHA-256)
Compute and verify file checksums for downloads, backups, and integrity audits. sha256sum on Linux; shasum -a 256 on macOS.
Bash
Encrypt / Decrypt File with openssl
Symmetric AES-256-GCM encryption of arbitrary files. Use PBKDF2 + a password (good for backups) or pass an explicit key.
PHP
Random Readable Token
Generate a short, human-readable random token using an alphabet that omits look-alike characters (0/O, 1/l/I). Useful for invite codes, short-lived signin tokens, password reset codes — anything a human might type.
TypeScript
Crypto-Strong Random Password
Generate a strong random password in browser or modern Node. Uses crypto.getRandomValues with rejection sampling for an unbiased distribution.
PHP
Build & Sign a JWT (HS256)
Generate a JWT manually using only base64-url and hash_hmac — no library required. Demonstrates header/payload/signature concatenation and the exp claim.
Python
Generate Strong Random Password
Build a password using the `secrets` module (CSPRNG) with rejection sampling for unbiased distribution. Use this — NOT random.choice, which is seeded predictably.
PHP
Verify a JWT (HS256)
Pair to jwtSign: verify the signature, check the exp claim, and return the decoded payload — or null on any failure. Uses hash_equals for constant-time signature comparison.
Python
AES-GCM Encrypt / Decrypt (cryptography)
Authenticated symmetric encryption using AES-256-GCM from the `cryptography` package. Stores nonce + ciphertext + tag together as base64 so storage is a single column.
PHP
TOTP Code Generate + Verify
Generate and verify a 6-digit time-based one-time password (RFC 6238) compatible with Google Authenticator / Authy. Uses a base32-encoded secret and 30-second time steps.