Matthew A. Miller

If `jws_get_plaintext()` is not setting `plaintext_len` to the right length, that is a bug we need to fix. Zeroing out all the memory, while a good idea, shouldn't be solving...

@mysticlife1111 thank you for the context. I'll admit I'm puzzled why `plaintext_len` is invalid for you but the tests pass. If you have a chance, please try `make test` and...

To be clear, there are two (or three) separate requests here: 1) support for x.509 2) support for JSON serializations 3) (or 2.b) support for multiple signatories/recipients There are no...

Well, people are entitled to their opinions, and other people are entitled to disagree with them. I strongly disagree, and I'm not sure if I'm offended and insulted on behalf...

I'm disagreeing with cjose validating based on trust anchors without accounting for revocation. It's false trust to say a cert chain is valid if there's been no check for revocation....

Apologies for the late response. It is possible to build cjose from source to use libressl. If libressl (or openssl) is installed in a custom location, you can specify the...

The referenced jwks file has embedded X.509 certificates. `node-jose` does not support creating X.509 certificates itself, but it is possible to get there. Unfortunately, it is very involved: 1. Generate...

There is currently no timeline for implementing JWS payload options.

The private members for an RSA key are discussed in [RFC 7518 § 6.3.2](https://tools.ietf.org/html/rfc7518#section-6.3.2), where "d" is REQUIRED, and the others SHOULD be present. This is probably a bug in...

The current expectation is that the API user calls the "export" methods then uses the result as input to whatever serialization strategy they want to use. The same (in reverse)...