Encrytion Decryption Toolkit

Available ActionsEach successful request consumes credits as outlined below.

generate^5crhash^5crhmac^5crsign^5crencrypt^5crdecrypt^5cr

Details

This function supports six core actions: generate for creating secure random values in ASCII, BASE64, HEX, or UUID formats with configurable lengths from 4 to 256 characters; hash for computing cryptographic digests using MD5, SHA256, SHA384, SHA512, and SHA3 family algorithms; hmac for generating keyed-hash message authentication codes with a secret key; sign for creating digital signatures using RSA (RS256, RS512) or ECDSA (ES256, ES384, ES512) algorithms with PEM-encoded private keys; and encrypt/decrypt for AES-256-GCM authenticated encryption with support for initialization vectors and optional additional authenticated data. Users can provide input as plain text or base64-encoded binary data, and all cryptographic outputs can be encoded in either hexadecimal or base64 format for flexibility across different system integrations. The toolkit handles the underlying cryptographic complexity while exposing a straightforward interface, making it ideal for agent workflows that require secure token generation, data integrity verification, or sensitive information protection.

Use Cases

Generating secure API keys or access tokens for authentication systems, creating unique UUIDs for database record identifiers, computing file checksums to verify data integrity during transfers, validating webhook payloads by computing and comparing HMAC signatures, signing JWT tokens for stateless authentication in API workflows, encrypting sensitive configuration values or credentials before storage, decrypting stored secrets at runtime for secure credential injection, generating session tokens or one-time codes for user verification flows, creating content hashes for deduplication or caching key generation, signing API requests to third-party services that require cryptographic authentication

Connect Your Agent In 5 Min

Watch the setup guide for your platform

Or Install Locally

STDIO connector for Claude Code, Codex, Cursor, Zed, and other LLMs that require STDIO or custom connections. This lightweight connector routes requests to https://api.agentpmt.com/mcp. All tool execution happens in the cloud and the server cannot edit any files on your computer.

npm install -g @agentpmt/mcp-routeragentpmt-setup

curl -X POST "https://api.agentpmt.com/products/purchase" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer ********" \
  -d '{
    "product_id": "695c374f767df5adfd9bc871",
    "parameters": {
      "action": "generate",
      "property_name": "example_property_name",
      "generation_type": "ASCII",
      "length": 32
    }
  }'

import requests
import json

url = "https://api.agentpmt.com/products/purchase"

headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer ********"
}

data = {
    "product_id": "695c374f767df5adfd9bc871",
    "parameters": {
        "action": "generate",
        "property_name": "example_property_name",
        "generation_type": "ASCII",
        "length": 32
    }
}

response = requests.post(url, headers=headers, json=data)
print(response.status_code)
print(response.json())

const url = "https://api.agentpmt.com/products/purchase";

const headers = {
  "Content-Type": "application/json",
  "Authorization": "Bearer ********"
};

const data = {
  product_id: "695c374f767df5adfd9bc871",
  parameters: {
    "action": "generate",
    "property_name": "example_property_name",
    "generation_type": "ASCII",
    "length": 32
  }
};

fetch(url, {
  method: "POST",
  headers,
  body: JSON.stringify(data)
})
  .then(response => response.json())
  .then(data => console.log(data))
  .catch(error => console.error("Error:", error));

const axios = require('axios');

const url = "https://api.agentpmt.com/products/purchase";

const headers = {
  "Content-Type": "application/json",
  "Authorization": "Bearer ********"
};

const data = {
  product_id: "695c374f767df5adfd9bc871",
  parameters: {
    "action": "generate",
    "property_name": "example_property_name",
    "generation_type": "ASCII",
    "length": 32
  }
};

axios.post(url, data, { headers })
  .then(response => {
    console.log(response.status);
    console.log(response.data);
  })
  .catch(error => {
    console.error("Error:", error.message);
  });

Login to view your API and budget keys. The example above uses placeholder values. Sign in to see personalized code with your bearer token.

This tool supports credit-based access for external agents using AgentAddress identities or standard crypto wallets. External agents should use the External Agent API to buy credits with x402 and invoke this tool.

1. Buy Credits

Purchase credits via x402 payment (500 credit minimum, 100 credits = $1).

# Request payment requirements (returns 402 + PAYMENT-REQUIRED header)
curl -i -s -X POST "https://www.agentpmt.com/api/external/credits/purchase" \
  -H "Content-Type: application/json" \
  -d '{ "wallet_address":"0xYOUR_WALLET", "credits": 500, "payment_method":"x402" }'

# Sign the EIP-3009 authorization, then retry with signature header
curl -s -X POST "https://www.agentpmt.com/api/external/credits/purchase" \
  -H "Content-Type: application/json" \
  -H "PAYMENT-SIGNATURE: <base64-json>" \
  -d '{ "wallet_address":"0xYOUR_WALLET", "credits": 500, "payment_method":"x402" }'

2. Create a Session Nonce (nonce used in signed balance/invoke)

curl -s -X POST "https://www.agentpmt.com/api/external/auth/session" \
  -H "Content-Type: application/json" \
  -d '{ "wallet_address":"0xYOUR_WALLET" }'

3. Invoke This Tool

Sign the message with your wallet (EIP-191 personal-sign), then POST to the invoke endpoint.

# Sign this message (wallet MUST be lowercased):
# agentpmt-external
# wallet:0xyourwallet...
# session:<session_nonce>
# request:<request_id>
# action:invoke
# product:695c374f767df5adfd9bc871
# payload:<sha256(canonical_json(parameters))>

curl -s -X POST "https://www.agentpmt.com/api/external/tools/695c374f767df5adfd9bc871/invoke" \
  -H "Content-Type: application/json" \
  -d '{
    "wallet_address": "0xYOUR_WALLET",
    "session_nonce": "<session_nonce>",
    "request_id": "invoke-uuid",
    "signature": "0x<signature>",
    "parameters": {
      "action": "your_action",
      "your_param": "value"
    }
  }'

Actions(6)

generate^5cr3 params(2 required)

Generate a cryptographically secure random value in ASCII, BASE64, HEX, or UUID format.

property_namerequiredstring

Name of the property to write the output to.

generation_typerequiredstring

Type of value to generate: ASCII, BASE64, HEX, or UUID.

Values:

ASCIIBASE64HEXUUID

lengthinteger

Length of the generated value (ignored for UUID). Default: 32.

Default: 32

Range: 4 - 256

hash^5cr7 params(1 required)

Compute a cryptographic hash of text or binary data using MD5, SHA, or SHA3 algorithms.

hash_algorithmrequiredstring

Hash algorithm to use.

Values:

MD5SHA256SHA384SHA512SHA3-256SHA3-384SHA3-512

valuestring

Plain text input to hash. Required unless binary_file is true.

property_namestring

Output property name. Defaults to hash_result.

encodingstring

Output encoding format.

Values:

hexbase64

Default: hex

binary_fileboolean

Set to true to hash binary data from binary_value_base64 instead of text.

Default: false

binary_value_base64string

Base64-encoded binary data to hash. Required when binary_file is true.

binary_property_namestring

Metadata label for the binary input.

hmac^5cr7 params(2 required)

Compute a keyed-hash message authentication code (HMAC) using a secret key.

hash_algorithmrequiredstring

Hash algorithm to use for HMAC.

Values:

MD5SHA256SHA384SHA512SHA3-256SHA3-384SHA3-512

secretrequiredstring

Secret key for HMAC computation.

valuestring

Plain text input. Required unless binary_file is true.

property_namestring

Output property name. Defaults to hmac_result.

encodingstring

Output encoding format.

Values:

hexbase64

Default: hex

binary_fileboolean

Set to true to use binary data from binary_value_base64.

Default: false

binary_value_base64string

Base64-encoded binary data. Required when binary_file is true.

sign^5cr5 params(3 required)

Create a digital signature using RSA or ECDSA with a PEM-encoded private key.

valuerequiredstring

The text data to sign.

algorithmrequiredstring

Signing algorithm to use.

Values:

RS256RS512ES256ES384ES512

private_keyrequiredstring

PEM-encoded private key for signing.

property_namestring

Output property name. Defaults to signature.

encodingstring

Output encoding format.

Values:

hexbase64

Default: hex

encrypt^5cr5 params(3 required)

Encrypt plaintext using AES-256-GCM authenticated encryption.

valuerequiredstring

Plaintext to encrypt.

keyrequiredstring

32-byte AES encryption key, encoded as hex or base64.

ivrequiredstring

12-byte initialization vector/nonce, encoded as hex or base64.

encodingstring

Encoding for key, iv, and output ciphertext.

Values:

hexbase64

Default: hex

aadstring

Additional authenticated data (verified during decryption but not encrypted).

decrypt^5cr5 params(3 required)

Decrypt AES-256-GCM ciphertext back to plaintext.

valuerequiredstring

Ciphertext to decrypt (hex or base64 encoded).

keyrequiredstring

32-byte AES encryption key (same encoding used during encryption).

ivrequiredstring

12-byte initialization vector/nonce (same value used during encryption).

encodingstring

Encoding for key, iv, and ciphertext.

Values:

hexbase64

Default: hex

aadstring

Additional authenticated data (must match what was used during encryption).

Usage Instructions

Usage guidance provided directly by the developer for this product.

Encryption Decryption Toolkit

Name: Encrytion Decryption Toolkit
Brand: Apoth3osis
SKU: 695c374f767df5adfd9bc871
Price: 0.05 USD
Availability: InStock

Cryptographic utility for generating random values, hashing data, computing HMACs, creating digital signatures, and performing AES-256-GCM encryption/decryption.

Actions

generate

Generate a cryptographically secure random value.

Required fields:

generation_type (string) — Type of value to generate: ASCII, BASE64, HEX, or UUID
property_name (string) — Name for the output property containing the generated value

Optional fields:

length (integer, 4-256, default 32) — Length of the generated value (ignored for UUID)

Example — Generate a hex API key:

{
  "action": "generate",
  "property_name": "api_key",
  "generation_type": "HEX",
  "length": 64
}

Example — Generate a UUID:

{
  "action": "generate",
  "property_name": "session_id",
  "generation_type": "UUID"
}

Example — Generate a base64 token:

{
  "action": "generate",
  "property_name": "refresh_token",
  "generation_type": "BASE64",
  "length": 48
}

hash

Compute a cryptographic hash of text or binary data.

Required fields:

hash_algorithm (string) — Hash algorithm: MD5, SHA256, SHA384, SHA512, SHA3-256, SHA3-384, or SHA3-512
value (string) — Text to hash (required unless binary_file is true)

Optional fields:

property_name (string) — Output property name (defaults to hash_result)
encoding (string) — Output encoding: hex (default) or base64
binary_file (boolean, default false) — Set to true to hash binary data instead of text
binary_value_base64 (string) — Base64-encoded binary data (required when binary_file is true)
binary_property_name (string) — Metadata label for the binary input

Example — SHA-256 hash of text:

{
  "action": "hash",
  "hash_algorithm": "SHA256",
  "value": "hello world"
}

Example — Hash binary data with base64 output:

{
  "action": "hash",
  "hash_algorithm": "SHA512",
  "binary_file": true,
  "binary_value_base64": "SGVsbG8gV29ybGQ=",
  "encoding": "base64"
}

Example — MD5 hash with custom property name:

{
  "action": "hash",
  "hash_algorithm": "MD5",
  "value": "check this content",
  "property_name": "content_checksum"
}

hmac

Compute a keyed-hash message authentication code.

Required fields:

hash_algorithm (string) — Hash algorithm: MD5, SHA256, SHA384, SHA512, SHA3-256, SHA3-384, or SHA3-512
secret (string) — The secret key for HMAC computation
value (string) — Text to authenticate (required unless binary_file is true)

Optional fields:

property_name (string) — Output property name (defaults to hmac_result)
encoding (string) — Output encoding: hex (default) or base64
binary_file (boolean, default false) — Set to true to use binary data as input
binary_value_base64 (string) — Base64-encoded binary data (required when binary_file is true)

Example — HMAC-SHA256:

{
  "action": "hmac",
  "hash_algorithm": "SHA256",
  "value": "message to authenticate",
  "secret": "my-secret-key"
}

Example — HMAC-SHA512 with base64 output:

{
  "action": "hmac",
  "hash_algorithm": "SHA512",
  "value": "webhook payload content",
  "secret": "webhook-signing-secret",
  "encoding": "base64"
}

sign

Create a digital signature using a private key.

Required fields:

value (string) — The text to sign
algorithm (string) — Signing algorithm: RS256, RS512 (RSA), or ES256, ES384, ES512 (ECDSA)
private_key (string) — PEM-encoded private key

Optional fields:

property_name (string) — Output property name (defaults to signature)
encoding (string) — Output encoding: hex (default) or base64

Example — RSA SHA-256 signature:

{
  "action": "sign",
  "value": "data to sign",
  "algorithm": "RS256",
  "private_key": "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----",
  "encoding": "base64"
}

Example — ECDSA signature:

{
  "action": "sign",
  "value": "data to sign",
  "algorithm": "ES256",
  "private_key": "-----BEGIN EC PRIVATE KEY-----\n...\n-----END EC PRIVATE KEY-----"
}

encrypt

Encrypt plaintext using AES-256-GCM authenticated encryption.

Required fields:

value (string) — Plaintext to encrypt
key (string) — 32-byte AES key, encoded as hex or base64
iv (string) — 12-byte nonce/initialization vector, encoded as hex or base64

Optional fields:

encoding (string) — Encoding for key, iv, and output: hex (default) or base64
aad (string) — Additional authenticated data (verified during decryption but not encrypted)

Example — Encrypt with hex-encoded key and IV:

{
  "action": "encrypt",
  "value": "secret message",
  "key": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
  "iv": "0123456789abcdef01234567"
}

Example — Encrypt with AAD:

{
  "action": "encrypt",
  "value": "confidential data",
  "key": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
  "iv": "0123456789abcdef01234567",
  "aad": "user-id:12345"
}

decrypt

Decrypt AES-256-GCM ciphertext back to plaintext.

Required fields:

value (string) — Ciphertext to decrypt (hex or base64 encoded)
key (string) — 32-byte AES key (same encoding used during encryption)
iv (string) — 12-byte nonce (same value used during encryption)

Optional fields:

encoding (string) — Encoding for key, iv, and ciphertext: hex (default) or base64
aad (string) — Additional authenticated data (must match what was used during encryption)

Example — Decrypt hex-encoded ciphertext:

{
  "action": "decrypt",
  "value": "a1b2c3d4e5f6...",
  "key": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
  "iv": "0123456789abcdef01234567"
}

Common Workflows

Generate a key, encrypt, then decrypt

Use generate with generation_type: "HEX" and length: 64 to create a 32-byte key
Use generate with generation_type: "HEX" and length: 24 to create a 12-byte IV
Use encrypt with the generated key, IV, and your plaintext
Use decrypt with the same key, IV, and the returned ciphertext

Verify data integrity with HMAC

Sender computes hmac on the message with a shared secret
Receiver computes hmac on the received message with the same secret
Compare the two HMAC values — if they match, the message is authentic and unaltered

Hash a file for checksums

Base64-encode the file contents
Use hash with binary_file: true and binary_value_base64 set to the encoded content

Important Notes

Encoding consistency: The encoding parameter applies to both input decoding (key, iv, ciphertext) and output encoding. Use the same encoding for encrypt and decrypt operations.
Key sizes: AES-256-GCM requires exactly a 32-byte key (64 hex characters or 44 base64 characters).
IV/nonce: Must be 12 bytes (24 hex characters). Never reuse an IV with the same key.
Hash algorithms: SHA384 is supported directly (legacy SHA385 alias also accepted internally).
UUID generation: The length parameter is ignored when generation_type is UUID; standard UUIDs are always returned.
property_name: Controls the key name in the response JSON where the result appears. Useful for chaining outputs in workflows.

About The Developer

Apoth3osis

★15 stars

Joined Agent Payment: August 14, 2025

We build tools that enable AI agents to excel in the mathematical realm.

Our small team develops experimental and unique solutions in the AI arena, with a strong focus on modular computing for agentic applications and custom model deployment. We have handled projects for a variety of applications across many sectors, from algorithmic trading and financial analysis, to molecular simulations and predictions, to habitat and biodiversity monitoring and wildlife conservation.

Encrytion Decryption Toolkit

Description