-
### Context
Lix becomes more valuable for auditing & security related use cases if the change graph is cryptographically sound.
### Proposal
Invest 1 day to figure out:
1. How could we implement…
-
### Context
As part of SSDLC - Cryptographic documenation epic, we need to provide documentation for it in CKF docs
### What needs to get done
Write and publish documentation
Get approval from Sec…
-
## FIPS Validated Cryptographic Modules and FedRAMP Compliance
### Problem
As FusionAuth does not use FIPS validated cryptographic modules, the software is not compliant with the requirements for …
-
https://security.snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
-
This issue outlines gaps in testing of various cryptographic capabilities. Tasks _may_ have partial test coverage today (linked if true). If sufficient test coverage already exists, please close the t…
-
**Description of the false positive**
This flags every single use of MD5 as a cryptography problem.
MD5 exists for a reason an it's entirely inappropriate to flag any and every usage of it as a cr…
-
### Description:
In the "DeDRM_tools/DeDRM_plugin/adobekey.py", "DeDRM_tools/DeDRM_plugin/androidkindlekey.py", "DeDRM_tools/DeDRM_plugin/ignobleepub.py" and "DeDRM_tools/DeDRM_plugin/ignoblepdf.py…
-
**Motivation**
It appears @require does not require or allow any sort of cryptographic verification of any external scripts or even a simple integrity check, akin to Subresource Integrity.
**Pro…
-
(see my PR against NIP-39)
- grab already provided signature hashes
- give instructions in terminal to provide
- signed message
- `keytool -importkeystore -srckeystore example.keys…
-
### Is there an existing issue?
- [X] I have searched the existing issues
### Motivation
`Felt` is not zeroized on drop which might leak sensitive information into RAM, notably private keys u…