-
### Description
Token validated ok at jwt.io. Received error with `.verify`
Error:
```
code:'ERR_OSSL_PEM_BAD_BASE64_DECODE'
function:'PEM_read_bio_ex'
library:'PEM routines'
reason:'bad base…
-
We are going to extend the `evp_test`, a test tool for various implementations of crypto algorithms.
The `evp_test` should check the correctness of output in various circumstances. This will allow …
-
```
I have a key that I regularly use with GnuPG-1.4.x & TB & Enigmail, and with
Gpg4Win-2.x & TB & Enigmail (on 2 different systems) and gpg on linux.
APG is 1.0.9. It happily imported the key, I…
-
Description of the project:
Cryptoeconomics, as in the real world, requires specialists of various functions, from NFT designers to smart contract engineer (including but not limited to: oracles, e…
deni5 updated
2 years ago
-
_Note: this issue is only meant to document the current situation, provide historical context and elucidate any operational aid that exists for this particular situation._
## What's Happening?
F…
-
After a security review meeting with Larry Joy (Microsoft) some recommendations were made:
Recommended as ‘best practices’ when doing crypto in the browser:
Use the Web Crypto API when avai…
-
## Description
While this is certainly needed, there is no good way to report signature or encryption as weak for now, or to disable certain hashes and ciphers (like MD5, IDEA).
However, we stil…
-
should signatures span the whole DeviceKeys object or just a single keys field? You can guess from context that it is just a single keys field, but would be better to be clearer
-
Using Fulcio, it is possible to request different key (and digest) configuration. ECDSA256 with SHA256, but also ECDSA384 with SHA384 (among others).
However, in Rekor it seems that it is only poss…
-
Not sure if this are already been ruled out because it might need a dep on `libfido2` but if not... fido2 resident keys are pretty neato
Generate a key that lives on the actual fido2 device with:
…