Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / veraison/go-cose issues and pull requests

#145 - Fix intermittent failures in headers tests

Pull Request - State: open - Opened by setrofim over 1 year ago - 1 comment

#144 - Make built-in types implement the new DigestSigner and DigestVerify interface

Pull Request - State: open - Opened by qmuntal over 1 year ago - 1 comment

#143 - Add untagged COSE_Sign1 support

Pull Request - State: open - Opened by setrofim over 1 year ago - 8 comments

#142 - Built In Functions for OPA

Issue - State: open - Opened by OR13 over 1 year ago - 1 comment
Labels: enhancement

#141 - Consider adding support for `RS256` algorithm identifier

Issue - State: open - Opened by hslatman over 1 year ago - 3 comments
Labels: enhancement

#140 - Add support for `RS256`, `COSEAlgorithmIdentifier -257`

Pull Request - State: open - Opened by hslatman over 1 year ago - 4 comments

#139 - Automated testing for > 4 GiB

Issue - State: open - Opened by SteveLasker over 1 year ago
Labels: test-coverage

#137 - Enhance individual UT in go-cose library to handle specific errors

Pull Request - State: closed - Opened by yogeshbdeshpande almost 2 years ago - 4 comments

#136 - Add precise error conditions to verifier unit tests

Pull Request - State: closed - Opened by yogeshbdeshpande almost 2 years ago - 1 comment

#135 - fix: deterministic encode cose_sign / cose_sign1 sig_signature

Pull Request - State: closed - Opened by shizhMSFT almost 2 years ago - 1 comment

#134 - Add Roy Williams as a maintainer

Pull Request - State: closed - Opened by SteveLasker almost 2 years ago - 1 comment

#133 - Add CODEOWNERS Fixes #131

Pull Request - State: closed - Opened by SteveLasker almost 2 years ago - 2 comments

#132 - Added issue templates

Pull Request - State: closed - Opened by toddysm almost 2 years ago - 1 comment

#131 - Add CODEOWNERS

Issue - State: closed - Opened by SteveLasker almost 2 years ago - 2 comments

#130 - Correct return error code when key cannot be decoded

Pull Request - State: closed - Opened by yogeshbdeshpande almost 2 years ago - 1 comment

#129 - Update references to v1.0.0

Pull Request - State: closed - Opened by lachie83 almost 2 years ago - 1 comment

#128 - Update Code of Conduct

Pull Request - State: closed - Opened by lachie83 almost 2 years ago - 1 comment

#127 - Add community info

Pull Request - State: closed - Opened by SteveLasker almost 2 years ago - 2 comments

#126 - Update stale version references

Issue - State: closed - Opened by lachie83 almost 2 years ago - 1 comment

#125 - Add issue templates for bugs and enhancements

Issue - State: closed - Opened by lachie83 almost 2 years ago - 2 comments
Labels: good first issue

#124 - Incorrect error code returned from go-cose Verifier instantiation

Issue - State: closed - Opened by yogeshbdeshpande almost 2 years ago - 1 comment

#123 - Add community info

Issue - State: closed - Opened by SteveLasker almost 2 years ago - 2 comments

#122 - Update code of conduct: mozilla references

Issue - State: closed - Opened by SteveLasker almost 2 years ago

#121 - Update current release to v1.0.0

Pull Request - State: closed - Opened by SteveLasker almost 2 years ago - 2 comments

#120 - Cannot sign/verify digests anymore (think Merkle tree, ledger, detached payload)

Issue - State: open - Opened by ivarprudnikov almost 2 years ago - 12 comments
Labels: enhancement

#119 - Sign1 messages with a non-minimal protected header length cannot be verified

Issue - State: closed - Opened by plietar almost 2 years ago - 1 comment

#118 - Unit Test in go-cose repository needs to check for precise error condition

Issue - State: closed - Opened by yogeshbdeshpande about 2 years ago - 2 comments

#117 - Create v1.0.0-rc.3 release

Issue - State: closed - Opened by SteveLasker about 2 years ago - 1 comment

#116 - Check EC point is on curve at Verifier instantiation

Pull Request - State: closed - Opened by thomas-fossati about 2 years ago - 2 comments

#115 - missing EC public key validation when creating a new Verifier

Issue - State: closed - Opened by thomas-fossati about 2 years ago - 5 comments

#114 - fix example in the readme

Pull Request - State: closed - Opened by thomas-fossati about 2 years ago - 1 comment

#113 - Use cbor.SortCoreDeterministic for CBOR encoding

Pull Request - State: closed - Opened by qmuntal about 2 years ago - 4 comments

#112 - Create v1.0.0-rc.2 release

Issue - State: closed - Opened by SteveLasker about 2 years ago - 11 comments

#111 - Improve README.md examples

Pull Request - State: closed - Opened by qmuntal about 2 years ago - 4 comments

#109 - Update cose-spec from draft to RFC 9052

Pull Request - State: closed - Opened by fxamacker about 2 years ago - 3 comments

#108 - Update cose-spec from draft to RFC 9052

Issue - State: closed - Opened by fxamacker about 2 years ago

#107 - No ability to import an existing key to use with signer

Issue - State: open - Opened by OR13 about 2 years ago - 7 comments

#106 - Update Readme Examples

Issue - State: closed - Opened by OR13 about 2 years ago - 3 comments

#105 - Where is the `cty` tag registered

Issue - State: closed - Opened by OR13 about 2 years ago - 2 comments

#104 - Reduce FuzzSign1 memory consumption

Pull Request - State: closed - Opened by qmuntal about 2 years ago - 2 comments

#103 - chore: upgrade ci to go 1.18 and go 1.19

Pull Request - State: closed - Opened by shizhMSFT about 2 years ago - 1 comment

#102 - Shift Go Support Window to [1.18, 1.19]

Issue - State: closed - Opened by shizhMSFT over 2 years ago - 1 comment

#101 - refactor!: accept message content instead of digest for sign and verify

Pull Request - State: closed - Opened by shizhMSFT over 2 years ago - 4 comments

#100 - Add ability to swap crypto implementation

Issue - State: closed - Opened by shizhMSFT over 2 years ago
Labels: enhancement

#98 - Create 1.0.0 Release

Issue - State: closed - Opened by SteveLasker over 2 years ago - 10 comments

#97 - Add Trail of Bits Security Assessment

Pull Request - State: closed - Opened by yogeshbdeshpande over 2 years ago - 3 comments

#96 - Add Trail of Bits Security Review

Pull Request - State: closed - Opened by SteveLasker over 2 years ago - 2 comments

#95 - WIP: Some of the types in Verify seemed to be incorrect

Pull Request - State: closed - Opened by dreemkiller over 2 years ago - 2 comments

#94 - Upload the Trail of Bits public security assessment report

Pull Request - State: closed - Opened by ESultanik over 2 years ago - 4 comments

#93 - Enhance reports folder README.md and also top level README.md

Pull Request - State: closed - Opened by yogeshbdeshpande over 2 years ago - 1 comment

#92 - Update readme's for security reviews

Issue - State: closed - Opened by SteveLasker over 2 years ago - 1 comment

#91 - Update README.md and SECURITY.md from alpha.1 to rc.1

Pull Request - State: closed - Opened by FeynmanZhou over 2 years ago - 1 comment

#90 - Update README.md and SECURITY.md from alpha.1 to rc.1

Pull Request - State: closed - Opened by FeynmanZhou over 2 years ago

#89 - Increase headers type validation coverage

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 1 comment

#88 - Create v1.0.0-rc.1 release

Issue - State: closed - Opened by SteveLasker over 2 years ago - 12 comments

#87 - Validate generic headers

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#86 - add Mac0 support

Issue - State: open - Opened by thomas-fossati over 2 years ago - 2 comments
Labels: enhancement

#85 - Improve Sign1Message.Sign1() docs

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#84 - upload coverage to codecov.io

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 1 comment

#83 - Future

Issue - State: closed - Opened by SteveLasker over 2 years ago

#82 - Header types are not validated

Issue - State: closed - Opened by tjade273 over 2 years ago - 1 comment

#81 - Error if unprotected header contains crit param

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 1 comment

#80 - “crit” label is permitted in unprotected headers

Issue - State: closed - Opened by tjade273 over 2 years ago

#79 - suspicious conversion

Issue - State: closed - Opened by thomas-fossati over 2 years ago - 1 comment

#78 - Ensure critical header contains valid labels

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 9 comments

#77 - Upload NCC Public Report

Pull Request - State: closed - Opened by kevin-henry-ncc over 2 years ago - 2 comments

#76 - Untrusted input passed to CBOR Unmarshal() without bounds checking

Issue - State: closed - Opened by tolginator over 2 years ago - 2 comments

#75 - Missing hash function validation in RSA-PSS signatures

Issue - State: closed - Opened by tolginator over 2 years ago

#74 - Missing ed448 with EdDSA

Issue - State: open - Opened by tolginator over 2 years ago - 6 comments

#73 - Deterministic ECDSA

Issue - State: open - Opened by shizhMSFT over 2 years ago - 6 comments

#72 - Fail-safe check on RSA

Pull Request - State: closed - Opened by shizhMSFT over 2 years ago

#70 - Create Reports folder under go-cose

Pull Request - State: closed - Opened by yogeshbdeshpande over 2 years ago

#69 - Correct README to reflect the defork from mozilla/go-cose

Pull Request - State: closed - Opened by yogeshbdeshpande over 2 years ago - 3 comments

#68 - Consider Interface simplicity and safer usage of Sign1

Issue - State: closed - Opened by yogeshbdeshpande over 2 years ago - 2 comments
Labels: documentation

#67 - Remove cose.Verify1 and update cose.Sign1

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#66 - Ensure IV and Partial IV are not both present

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 6 comments

#65 - Update readme with release info

Pull Request - State: closed - Opened by SteveLasker over 2 years ago - 4 comments

#64 - Make Sign1 and Verify1 difficult to misuse

Issue - State: closed - Opened by qmuntal over 2 years ago - 5 comments

#63 - Fix integer range rendering

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#62 - Guard against race conditions in RegisterAlgorithm

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 2 comments

#61 - Documentation cleanup

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#60 - Use curve modulo instead of field size to calculate ECDSA signature length

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 4 comments

#59 - Field/order size confusion in ECDSA signature length

Issue - State: closed - Opened by pornin over 2 years ago - 1 comment

#58 - Mark COSE Sign as experimental

Pull Request - State: closed - Opened by thomas-fossati over 2 years ago - 2 comments

#57 - Remove design.md as remote signing has merged

Pull Request - State: closed - Opened by SteveLasker over 2 years ago

#56 - Remove design.md

Issue - State: closed - Opened by SteveLasker over 2 years ago - 1 comment

#55 - Document `sign` as experimental

Issue - State: closed - Opened by SteveLasker over 2 years ago

#54 - add Sign1Message benchmarks

Pull Request - State: closed - Opened by qmuntal over 2 years ago - 2 comments

#53 - Add Sign1Message benchmarks

Pull Request - State: closed - Opened by qmuntal over 2 years ago

#52 - Performance review

Issue - State: closed - Opened by qmuntal over 2 years ago - 4 comments

#51 - Remote Signing

Pull Request - State: closed - Opened by shizhMSFT over 2 years ago - 15 comments

#50 - Integrate with codecov.io

Issue - State: closed - Opened by qmuntal over 2 years ago - 11 comments
Labels: good first issue, help wanted

#37 - Merge Remote Signing Branch into Main

Issue - State: closed - Opened by SteveLasker over 2 years ago - 2 comments

#36 - Algorithm Test Coverage

Issue - State: closed - Opened by SteveLasker over 2 years ago - 2 comments

#22 - negative tests

Issue - State: closed - Opened by thomas-fossati over 2 years ago - 2 comments

#12 - Cut an v1.0.0-alpha.1 release

Issue - State: closed - Opened by SteveLasker over 2 years ago - 10 comments

#5 - Missing processes for reporting security vulnerabilities

Issue - State: closed - Opened by shizhMSFT almost 3 years ago - 2 comments