Simo Sorce
Simo Sorce
> PKCS#11 does not need UI at open time. If request is to load certificate UI prompt is not required. This information is public. The same for public key if...
@levitte although I did not touch this aspect in the code in this PR, there is another deficiency in the store API that affects usability, and I guess it may...
@beldmit the openssl API is not exactly the problem, technically the application can simply not set callbacks, and pkcs11-provider will simply not have a pin and will try to continue...
> One of the issues with the store is that it is opaque in term of intentions towards the provider. I need to correct myself here, we have the expected...
Sorry was looking at different results for another PR and mixed the streams, that is why I deleted the comment.
2 cents: - the argon2 RFC is not finalized yet, I would wait until that's the case. - embedding would avoid a dependency, but, as long as libargon2 could be...
This code is extremely dangerous as is. The verification part is fine, but I urge you to make it extremely difficult to compile and have working signature generation code in...
> How are developers supposed to do testing on XMSS/LMS without a software implementation of signing? Using test vectors. > There is certainly an argument to be made for having...
> @simo5, > Thanks for the comments, we agree with you that key management is paramount to security of stateful schemes. > These points were discussed at the onset. The...