Prateek Kumar Nischal

@lhazlewood does this issue require to remove the implementation from [RsaSignatureValidator](https://github.com/jwtk/jjwt/blob/master/impl/src/main/java/io/jsonwebtoken/impl/crypto/RsaSignatureValidator.java) that allows computing the signature using the `this.SIGNER` when the key type in not of the type `PublicKey` ?...

Hi @osa1 , As @trevarj mentioned, irssi supports a lot of commands and that's why I had the thought of adding it to tiny, to enhance the UX for the...

The same, I am not able to verify if the serialization is the problem. However, that was the only place I changed the key. I saw some handlers which were...

I tried using this commit, no luck..! :( Mystery deepens. For some reason, it works just fine with the libfido2 implementation. Thank you for taking a look into this! I...

So, We finally ported the implementation to `libfido2` and it works with the webauthn server which is strange. To be honest I haven't been able to figure out the difference....

#### The payload generated from python-fido2 (doesn't work) ```json { "id": "pRzZEQAirW_1xuhzt6RBun_EG5288P8le9VznqinqG0o2ZGogqjTAREP-C4itXR9", "type": "public-key", "response": { "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiVmhzSGxHNlpleHJNa3QtOTlmamx3bUl2ZGFsdnU5amtXbHhybjJmZUNlQSIsIm9yaWdpbiI6Imh0dHBzOi8vbWlkd2F5LWF1dGguYW1hem9uLmNvbSIsImNyb3NzT3JpZ2luIjpmYWxzZX0", "authenticatorData": "rM9dRu45NrZlVVA9BUip_LY5AfXutTVHx9xZzyoxyqwBAAABLQ", "signature": "MEUCIQCvLeReAYgtOudr8tXtS3ulOO2EYzQcc-Lq-qU7IlSssAIgKIJfLxi306jZ8exZ4iv1RbpaBedSjK9WTI326okTUZY", "userHandle": "" } } ``` The source that...

These payload dumps are right before the client (`curl` vs `libcurl`) encodes them to `application/x-www-form-urlencoded` and sends it to the server, so I doubt there would be any modifications to...

Finally found the issue, it's not related to the python-fido2 library. The server was selecting the incorrect challenge to verify. The old client has the same incorrect challenge selection, so...

Please check https://github.com/prateeknischal/webtail/issues/5

@alokmenghrajani that's a good point. The direction from where I am coming is, this tools only scans for x509 certificates right now. If we let the PEM parser decide what...