Comments (7)
@g-k great! I think @fxamacker would be interested in opening a PR to handle the CBOR aspect.
I have an idea for another PR, I'll open a ticket.
from go-cose.
I've been reading COSE RFC 8152 (the parts used by go-cose) and so far so good.
from go-cose.
The security comparison table was updated today to show the entire fatal error message. It was previously showing the error text from the Sep 2019 data instead of Mar 2020 data.
from go-cose.
Hey @x448, thanks for bringing this up! Seems like something that GH should've published an advisory for.
I'll try to get to this by the end of April. I'm open to PRs swapping in the new CBOR encoder/decoder in the meantime.
👍 keyasint
and toarray
look like they'll help simplify things and getting something properly fuzzed that doesn't use unsafe
would be big wins too.
from go-cose.
Hi @g-k, I would love to open a PR and contribute to go-cose!
I can begin work on go-cose right after wrapping up a task due Monday.
from go-cose.
from go-cose.
@g-k I've been working on go-cose and will try to open a PR soon.
from go-cose.
Related Issues (20)
- encode / decode benchmark tests HOT 1
- figure out why ECDSA bitlens don't match HOT 1
- Unmarshal into with standard (data []byte, v interface{}) error fn signature
- clean up commented out cose rust test cases HOT 1
- make I2OSP more constant time HOT 4
- RFC8152 Section 7 COSE_Key public key serialization? HOT 4
- CODE_OF_CONDUCT.md file missing
- CI broken
- Fix exact bit level checks leading to flakey tests HOT 1
- Fix badge in readme to reflect migration from Travis CI to Circle CI
- Pass io.Reader as payload for signature HOT 1
- CI failing on TestI2OSPTiming
- update golang versions in CI
- Use a "linter aggregator" for static analysis in pull requests HOT 5
- get lint job passing in CI and require it to land PRs HOT 2
- tests that modify a single byte of signature or payload can fail intermittently
- drop golang 1.13 support; add 1.15
- make sure COSE wg examples are up to date HOT 2
- Question: Is this library still maintained? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-cose.