Tore Frederiksen
Tore Frederiksen
The "annoyingly" encoded `notBefore` and `notAfter` times in attestations using GeneralizedTime is no longer needed, since we now use `notBeforeInt` and `notAfterInt` to store times in a away that is...
The JS part of issue #167. See section 2.2.1 in the Token-negotiator report. [See Jira issue 291.](https://smarttokenlabs.atlassian.net/browse/PR-291)
Update the Solidity code according to the refactoring done when handling issue #203 and #201
Currently the the crypto-verify service is based on Authenticator. However, attestation.jar is the primarily reference implementation of the construction and validation of cryptographic aspects. In particular since it is throughly...
Running a scan on the java/typescript found a couple of potential minor issues, and one security issues in relation to cross-site origin which should be handled. The results are available...
Currently a UN can be used multiple times within its validity. This is a feature that allows it to be used repeatedly in short sessions without needing the user to...
Per request from @colourful-land we need to construct a new object called Capability Attestation, which can be used by Token Negotiator to preemptively fetch a token for a specific site....
A couple of cryptographic enhancements to increase the cryptographic robustness of the system. Ideally this should make the system closer to being formally provable secure and harder to compromise in...
As pointed out by @colourful-land in PR #105 we are currently not completely following standards in relation to use of OID when singing using Keccak in Attestations (and perhaps other...
Currently the method `BigIntegerModulus.reduceModThis()` fails if the BigInteger it gets as input is more than the square of the modulus... However, no exception is thrown if this is the case....