-
Probably this study help to improve this project :)
https://medium.com/@frankvolkel/tracetogether-under-the-hood-7d5e509aeb5d
Are plans to implement crypt and temporary (anonymous) uid?
-
We have a use case where we have a 3rd party identity provider that generates our JWT tokens and we only want to be able to validate them but not generate them. However, joken requires that we provid…
-
I was thinking of some important security features that are lacking in Godot. When you have an online business it is necessary to protect the data of your users and avoid cheating. In the gaming indus…
-
On a suggestion from @paragonie-scott, there's a known vulnerability in the standard PKCS1 padding and he is recommending to use OPENSSL_PKCS1_OAEP_PADDING instead. However, this isn't a backwards-com…
-
Add a capability to the current Pepipost Java SDK to attach files to an email from an S3 bucket.
Example: A user might be generating all transactional receipts in PDF format in S3 and those need to…
-
The Derive Key example gives the following error and needs to be fixed.
`Error: CKR_MECHANISM_PARAM_INVALID:113`
-
It would be helpful for the documentation to show a few more examples on how to configure and use different signers. It is important for the examples to be complete: they should show the options set …
-
Current implementation of exchangeKey is insecure. I first designed it as a pragmatic approach to recycle persisted sessions on browser's localstorage. However you can't securely exchange symmetric ke…
-
-
Hi everyone,
In the get_objects() I have:
```
```
So, when I run:
```
try:
pub = encode_rsa_public_key(session.get…