-
Hi together,
I created a RSA-PSS (SHA256WITHRSAANDMGF1) self-signed certificate with BcRSAContentSignerBuilder.
But unfortunately the cert-signature is invalid and/or not intact!
I checked the c…
-
### **Expected Behavior**
The OTP autofill feature should detect and automatically populate the OTP code when it is received.
### **Actual Behavior**
The phone number is detected successfully, bu…
-
Each entity within wallet ecosystems may need to sign requests, responses, and more stringently, credentials, assertions, attestations, etc. Currently, OpenID4VCI does not include public keys for si…
-
- **Launcher Version:** N/A
- **Operating system:** Windows
- **Antivirus/Firewall (if any):** N/A
- **Wine/Mono Version (if any):** N/A
Hello, I've noticed that the launcher installs a custom R…
-
The currently implemented signature verification doesn't work for every tool, many use streaming payloads which this doesn't attempt to handle at the moment.
The overview and documentation may be fou…
-
CycloneDX SBOMs can be signed at the root bom level and can also be signed on a component level.
This enhancement request is to add support for applying signatures to the bom level or to a componen…
-
in-toto signature verifying API -- `verifylib.in_toto_verify()` and `Metablock.verify_signature()` -- expects a json/dict representation of a public key to be passed as argument. This is useful, if t…
-
I was testing PKCS#1 v1.5 signature verification as implemented in RSA package and noticed it rejects valid signature whose encoded message uses an implicit NULL parameter for hash algorithm (where di…
-
**Edit:** We've pared down the earlier version of this ticket with a simpler scope:
Create a new worst-case verification test that tests the verification time of the largest possible transaction that…
-
## summary
We've been thinking about how `gh at verify` works. We've realized that `gh at verify` is in effect used to evaluate policy – and that therefore we have to improve its user experience.
As…