-
## Summary
RSA (Rivest-Shamir-Adleman) remains one of the most widely recognized and utilized asymmetric cryptographic algorithms, despite the emergence of more advanced schemes like ECDSA, EdDSA, …
-
Fulcio's API specifies that [RSA-PSS](https://github.com/sigstore/fulcio/blob/main/fulcio.proto#L210) is a supported algorithm. However, the `algorithm` field in the API is not used when parsing the p…
-
**Describe the bug**
* If service provider is missing permission for signing (Key Vault Crypto User role) but have permission to read certificate (Key Vault Certificate User role) signing finishes suc…
-
RSA_Sign() expects a buffer containing the data to sign. It isn't clear this is the message digest and not the message itself. Inputting the message and not the message digest could cause information …
-
Dear Philip, IsoApplet Team,
First of all Thankyou for this excellent piece of work, it seems people will continue to benefit from this applet for a while.
I have a J3R200 Javacard which I under…
-
**Description**
We are hosting our own Sigstore and have deployed both Rekor and Fulcio with RSA keys hosted in AWS. We are not signing container images but exclusively blobs through e.g.
```
c…
-
# Your system information
* Operating system used: windows 11
* PyKCS11 version: 1.5.17
* Python version: 3.13.0
* PKCS#11 library used:
# Please describe your issue in as much detail as poss…
-
-
What happened to your signing key? The update yesterday was rejected as it no longer matched:
```
Binary files /web/ftp/repo/fdroid/repo/lol.janjic.splitcat_2017.apk and /web/ftp/repo/fdroid/repo/…
-
In the current proposal M' is starting with the OID. My suggestion is to prefix a "magic" constant of length of 16 or 32 bytes to the OID.
The reason is the following: In the case that a signature …