About openssl signature

Hi guys, I am actually coding an authenticity check for my package manager, where I will check a package signature.

What do you suggest about it? What parameters should I use to generate a very secure private key?

Don't most package managers just use SHA256 hashes? This would be sufficient to ensure a package hasn't been tampered with.
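A worked signature check for the scenario the thread describes, added here as an example; it is not code from either poster. It uses Go's standard library rather than the openssl CLI, but the key format is the same: the installer parses a SubjectPublicKeyInfo "PUBLIC KEY" PEM block, which is what `openssl genpkey -algorithm ed25519 -out key.pem` followed by `openssl pkey -in key.pem -pubout -out pub.pem` produces, and a signature made here can be checked with `openssl pkeyutl -verify -pubin -inkey pub.pem -rawin -in pkg -sigfile pkg.sig` (OpenSSL 1.1.1 or later). Ed25519 is used because it answers the "what parameters" question by having none to choose; if RSA is required instead, 3072 bits or more with SHA-256 is the usual floor. The package bytes, the one-bit tamper and the attacker key are constructed for the demonstration. The scenario also runs the hash-only check from the reply under the same attacker model, to show what it does and does not catch when the attacker controls the mirror that publishes the digest.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
)

// GenerateSigningKey makes an Ed25519 pair; there is no key size or curve to choose.
func GenerateSigningKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// ParsePublicKeyPEM loads the maintainer key shipped with the package manager
// (a SubjectPublicKeyInfo "PUBLIC KEY" block, as openssl pkey -pubout writes)
// and rejects anything that is not an Ed25519 public key.
func ParsePublicKeyPEM(data []byte) (ed25519.PublicKey, error) {
	block, _ := pem.Decode(data)
	if block == nil || block.Type != "PUBLIC KEY" {
		return nil, errors.New("not a PEM PUBLIC KEY block")
	}
	k, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	pub, ok := k.(ed25519.PublicKey)
	if !ok {
		return nil, errors.New("key is not Ed25519")
	}
	return pub, nil
}

// SignPackage signs the raw bytes; Ed25519 hashes internally, so no separate digest step.
func SignPackage(priv ed25519.PrivateKey, pkg []byte) []byte {
	return ed25519.Sign(priv, pkg)
}

// VerifyPackage is the install-time check: true only for these exact bytes and this key.
func VerifyPackage(pub ed25519.PublicKey, pkg, sig []byte) bool {
	return ed25519.Verify(pub, pkg, sig)
}

// HashOnlyCheck is the hash-only scheme for comparison: it catches corruption,
// but whoever can swap the package can usually republish the digest with it.
func HashOnlyCheck(pkg []byte, publishedDigest [32]byte) bool {
	return sha256.Sum256(pkg) == publishedDigest
}

// Outcome records what each check says in RunScenario.
type Outcome struct {
	GenuineVerifies     bool // maintainer's signature over the untouched package
	TamperedVerifies    bool // same signature after one bit of the package changed
	AttackerKeyVerifies bool // attacker re-signs the tampered package with their own key
	HashOnlyAccepts     bool // hash-only check when the attacker also republishes the digest
}

// RunScenario signs a constructed package, hands the installer only the PEM public key,
// then tries the attacks a compromised mirror would allow.
func RunScenario() (Outcome, error) {
	var o Outcome
	pub, priv, err := GenerateSigningKey()
	if err != nil {
		return o, err
	}
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return o, err
	}
	shipped, err := ParsePublicKeyPEM(pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}))
	if err != nil {
		return o, err
	}
	pkg := []byte("constructed sample package: name=demo version=1.0") // not a real archive
	sig := SignPackage(priv, pkg)
	o.GenuineVerifies = VerifyPackage(shipped, pkg, sig)
	tampered := append([]byte(nil), pkg...)
	tampered[0] ^= 0x01 // constructed one-bit tamper
	o.TamperedVerifies = VerifyPackage(shipped, tampered, sig)
	_, attackerPriv, err := GenerateSigningKey() // constructed attacker key
	if err != nil {
		return o, err
	}
	o.AttackerKeyVerifies = VerifyPackage(shipped, tampered, SignPackage(attackerPriv, tampered))
	o.HashOnlyAccepts = HashOnlyCheck(tampered, sha256.Sum256(tampered))
	return o, nil
}

func main() {
	o, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```

Two things to take from the outcome: the signature fails both for the modified bytes and for a valid signature from the wrong key, so the installer must pin the maintainer's public key rather than accept any signer; and the hash-only check accepts the tampered package as soon as the digest is served from the same place as the package, so a hash is only a tamper check when it arrives over a channel the attacker cannot write to. The key's strength then depends less on parameters than on keeping the private key off the build and mirror hosts.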