1 | # Change Log
|
2 |
|
3 | All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
4 |
|
5 | ## [1.22.2](https://github.com/panva/jose/compare/v1.22.1...v1.22.2) (2020-02-06)
|
6 |
|
7 |
|
8 | ### Performance Improvements
|
9 |
|
10 | * various codepaths refactored ([3e3d7dd](https://github.com/panva/jose/commit/3e3d7dd38168159e188e54c48a9f83e3a02a8fe1))
|
11 |
|
12 |
|
13 |
|
14 | ## [1.22.1](https://github.com/panva/jose/compare/v1.22.0...v1.22.1) (2020-02-03)
|
15 |
|
16 |
|
17 | ### Bug Fixes
|
18 |
|
19 | * actually remove the base64url proper encoding check ([eae01b5](https://github.com/panva/jose/commit/eae01b57ab9f33e8c621ffcd2a77d513a51d22b2))
|
20 |
|
21 |
|
22 |
|
23 | # [1.22.0](https://github.com/panva/jose/compare/v1.21.1...v1.22.0) (2020-01-29)
|
24 |
|
25 |
|
26 | ### Features
|
27 |
|
28 | * keystore filtering by JWK Key thumbprint ([a9f6f71](https://github.com/panva/jose/commit/a9f6f7135005d6231d6f42d95c02414139a89d17))
|
29 |
|
30 |
|
31 | ### Performance Improvements
|
32 |
|
33 | * base64url decode, JWT.verify, JWK.Key instance re-use ([470b4c7](https://github.com/panva/jose/commit/470b4c73154e1fcf8b92726d521940e5e11c9d94))
|
34 |
|
35 |
|
36 |
|
37 | ## [1.21.1](https://github.com/panva/jose/compare/v1.21.0...v1.21.1) (2020-01-25)
|
38 |
|
39 |
|
40 | ### Bug Fixes
|
41 |
|
42 | * contactKDF iteration count fixed for key sizes larger than 256 bits ([70ff222](https://github.com/panva/jose/commit/70ff22227ad303e57228dc8351688531499a833a))
|
43 |
|
44 |
|
45 |
|
46 | # [1.21.0](https://github.com/panva/jose/compare/v1.20.0...v1.21.0) (2020-01-23)
|
47 |
|
48 |
|
49 | ### Bug Fixes
|
50 |
|
51 | * **typescript:** don't expose non existant classes, fix decode key ([0f8bf88](https://github.com/panva/jose/commit/0f8bf886da1b5d02cd0d968d0ec02a58673df258))
|
52 |
|
53 |
|
54 | ### Features
|
55 |
|
56 | * add opt-in support for Unsecured JWS algorithm "none" ([3a6d17f](https://github.com/panva/jose/commit/3a6d17fdd18d8bbd074c07c2dd08f0406c16a8f1))
|
57 |
|
58 |
|
59 |
|
60 | # [1.20.0](https://github.com/panva/jose/compare/v1.19.0...v1.20.0) (2020-01-16)
|
61 |
|
62 |
|
63 | ### Features
|
64 |
|
65 | * add JWTExpired error and JWTClaimInvalid claim and reason props ([a0c0c7a](https://github.com/panva/jose/commit/a0c0c7ad70f42d9b23b3e71de43599a8ac6fe1ff)), closes [#62](https://github.com/panva/jose/issues/62)
|
66 |
|
67 |
|
68 |
|
69 | # [1.19.0](https://github.com/panva/jose/compare/v1.18.2...v1.19.0) (2020-01-13)
|
70 |
|
71 |
|
72 | ### Features
|
73 |
|
74 | * exposed shorthands for JWT verification profiles ([b1864e3](https://github.com/panva/jose/commit/b1864e319d1a7a42eadfa0c4b0145952e7814726))
|
75 |
|
76 |
|
77 |
|
78 | ## [1.18.2](https://github.com/panva/jose/compare/v1.18.1...v1.18.2) (2020-01-08)
|
79 |
|
80 |
|
81 | ### Bug Fixes
|
82 |
|
83 | * ensure asn1.js version to remove Buffer deprecation notice ([13b1106](https://github.com/panva/jose/commit/13b1106048fdeae00b09d54f05245dded85b14a7))
|
84 | * expose JOSENotSupported key import errors on unsupported runtimes ([bc81e5d](https://github.com/panva/jose/commit/bc81e5dec2987f6ce6dc3fa5daa23dfe620c0a34))
|
85 | * typo in JOSENotSupported error when x509 certs are not supported ([bb58c9c](https://github.com/panva/jose/commit/bb58c9ce52e807ca4cfad6bcbf1ab96b91778b1f))
|
86 |
|
87 |
|
88 |
|
89 | ## [1.18.1](https://github.com/panva/jose/compare/v1.18.0...v1.18.1) (2020-01-01)
|
90 |
|
91 |
|
92 | ### Bug Fixes
|
93 |
|
94 | * force iat past check when maxTokenAge option is used + JWT refactor ([828ad5a](https://github.com/panva/jose/commit/828ad5a33dc0cc0049923b69f43f97463295456e))
|
95 |
|
96 |
|
97 |
|
98 | # [1.18.0](https://github.com/panva/jose/compare/v1.17.2...v1.18.0) (2019-12-31)
|
99 |
|
100 |
|
101 | ### Features
|
102 |
|
103 | * add JWT validation profiles for Access Tokens and Logout Tokens ([7bb5c95](https://github.com/panva/jose/commit/7bb5c953a9c6d9bd915e8ebc0608bc0649427745))
|
104 |
|
105 |
|
106 |
|
107 | ## [1.17.2](https://github.com/panva/jose/compare/v1.17.1...v1.17.2) (2019-12-17)
|
108 |
|
109 |
|
110 | ### Bug Fixes
|
111 |
|
112 | * skip validating iat is in the past when exp is present ([0ed5025](https://github.com/panva/jose/commit/0ed5025de30a754de95ae2587ce0f4573909b006))
|
113 |
|
114 |
|
115 |
|
116 | ## [1.17.1](https://github.com/panva/jose/compare/v1.17.0...v1.17.1) (2019-12-10)
|
117 |
|
118 |
|
119 | ### Bug Fixes
|
120 |
|
121 | * properly fail to import unsupported openssh keys ([bee5744](https://github.com/panva/jose/commit/bee574457f29597ccab09d51ac61b85dd7a7146a))
|
122 |
|
123 |
|
124 |
|
125 | # [1.17.0](https://github.com/panva/jose/compare/v1.16.2...v1.17.0) (2019-12-10)
|
126 |
|
127 |
|
128 | ### Features
|
129 |
|
130 | * importing a certificate populates x5c and x5t thumbprints ([25a7a71](https://github.com/panva/jose/commit/25a7a71915c4f7514536cec9e7e162d0ad3b670c)), closes [#59](https://github.com/panva/jose/issues/59)
|
131 |
|
132 |
|
133 |
|
134 | ## [1.16.2](https://github.com/panva/jose/compare/v1.16.1...v1.16.2) (2019-12-05)
|
135 |
|
136 |
|
137 | ### Bug Fixes
|
138 |
|
139 | * handle Unencoded Payload (b64:false) with arbitrary buffer payloads ([daabedc](https://github.com/panva/jose/commit/daabedc776617f4fde427b3a5e79d8c176293132)), closes [#57](https://github.com/panva/jose/issues/57)
|
140 |
|
141 |
|
142 |
|
143 | ## [1.16.1](https://github.com/panva/jose/compare/v1.16.0...v1.16.1) (2019-12-05)
|
144 |
|
145 |
|
146 | ### Bug Fixes
|
147 |
|
148 | * allow PBES2 for the correct JWK `use` values ([f0d7194](https://github.com/panva/jose/commit/f0d719416ec9ca041ea88b8a983b5d899a6aa107))
|
149 |
|
150 |
|
151 |
|
152 | # [1.16.0](https://github.com/panva/jose/compare/v1.15.1...v1.16.0) (2019-12-04)
|
153 |
|
154 |
|
155 | ### Features
|
156 |
|
157 | * two official jose plugins/extensions for those living on the edge ([5b27c97](https://github.com/panva/jose/commit/5b27c97ac8836ffa9f3880e009c8db5afbfbaa2c)), closes [#56](https://github.com/panva/jose/issues/56)
|
158 |
|
159 |
|
160 |
|
161 | ## [1.15.1](https://github.com/panva/jose/compare/v1.15.0...v1.15.1) (2019-11-30)
|
162 |
|
163 |
|
164 | ### Bug Fixes
|
165 |
|
166 | * **typescript:** export Key Input types ([0277fcd](https://github.com/panva/jose/commit/0277fcd1896af497e79190212b0719f7e62366c1))
|
167 |
|
168 |
|
169 |
|
170 | # [1.15.0](https://github.com/panva/jose/compare/v1.14.0...v1.15.0) (2019-11-27)
|
171 |
|
172 |
|
173 | ### Bug Fixes
|
174 |
|
175 | * default JWT.sign `kid` option value is false for HMAC signatures ([ce77388](https://github.com/panva/jose/commit/ce7738825403f8cdb8f99cb51c096baf0dfa3af7))
|
176 |
|
177 |
|
178 | ### Features
|
179 |
|
180 | * allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations ([5e1009a](https://github.com/panva/jose/commit/5e1009a63e4bc829009cc46d6295c00f8431024c))
|
181 |
|
182 |
|
183 |
|
184 | # [1.14.0](https://github.com/panva/jose/compare/v1.13.0...v1.14.0) (2019-11-26)
|
185 |
|
186 |
|
187 | ### Features
|
188 |
|
189 | * allow JWKS.KeyStore .all and .get to filter for key curves ([ea60338](https://github.com/panva/jose/commit/ea60338ca6f58f2626992a38da76812477ce4540))
|
190 |
|
191 |
|
192 |
|
193 | # [1.13.0](https://github.com/panva/jose/compare/v1.12.1...v1.13.0) (2019-11-23)
|
194 |
|
195 |
|
196 | ### Features
|
197 |
|
198 | * return the CEK from JWE.decrypt operation with { complete: true } ([c3eb845](https://github.com/panva/jose/commit/c3eb8450b98b2f5ecc127d69afe85a7ae2cc5aaa))
|
199 |
|
200 |
|
201 |
|
202 | ## [1.12.1](https://github.com/panva/jose/compare/v1.12.0...v1.12.1) (2019-11-14)
|
203 |
|
204 |
|
205 |
|
206 | # [1.12.0](https://github.com/panva/jose/compare/v1.11.0...v1.12.0) (2019-11-05)
|
207 |
|
208 |
|
209 | ### Features
|
210 |
|
211 | * add JWS.verify encoding and parsing options ([6bb66d4](https://github.com/panva/jose/commit/6bb66d4f0b4c96f2da8ac5f14fda6bc4f53f2994))
|
212 |
|
213 |
|
214 |
|
215 | # [1.11.0](https://github.com/panva/jose/compare/v1.10.2...v1.11.0) (2019-11-03)
|
216 |
|
217 |
|
218 | ### Features
|
219 |
|
220 | * expose crypto.KeyObject instances in supported runtimes ([8ea9683](https://github.com/panva/jose/commit/8ea968312e97ed0f992fab909a20e7993159ec45))
|
221 |
|
222 |
|
223 |
|
224 | ## [1.10.2](https://github.com/panva/jose/compare/v1.10.1...v1.10.2) (2019-10-29)
|
225 |
|
226 |
|
227 | ### Bug Fixes
|
228 |
|
229 | * only use secp256k1 keys for signing/verification ([9588223](https://github.com/panva/jose/commit/95882232d6d409a321b6a8c168f5b78ebbdabf95))
|
230 |
|
231 |
|
232 |
|
233 | ## [1.10.1](https://github.com/panva/jose/compare/v1.10.0...v1.10.1) (2019-10-04)
|
234 |
|
235 |
|
236 | ### Bug Fixes
|
237 |
|
238 | * throw proper error when runtime doesn't support OKP ([0a16efb](https://github.com/panva/jose/commit/0a16efb)), closes [#48](https://github.com/panva/jose/issues/48)
|
239 |
|
240 |
|
241 |
|
242 | # [1.10.0](https://github.com/panva/jose/compare/v1.9.2...v1.10.0) (2019-10-01)
|
243 |
|
244 |
|
245 | ### Features
|
246 |
|
247 | * rename package ([26f4cf2](https://github.com/panva/jose/commit/26f4cf2))
|
248 |
|
249 |
|
250 |
|
251 | ## [1.9.2](https://github.com/panva/jose/compare/v1.9.1...v1.9.2) (2019-09-16)
|
252 |
|
253 |
|
254 | ### Bug Fixes
|
255 |
|
256 | * keystore.toJWKS(true) does not throw on public keys ([81abdfa](https://github.com/panva/jose/commit/81abdfa)), closes [#42](https://github.com/panva/jose/issues/42)
|
257 |
|
258 |
|
259 |
|
260 | ## [1.9.1](https://github.com/panva/jose/compare/v1.9.0...v1.9.1) (2019-09-10)
|
261 |
|
262 |
|
263 |
|
264 | # [1.9.0](https://github.com/panva/jose/compare/v1.8.0...v1.9.0) (2019-08-24)
|
265 |
|
266 |
|
267 | ### Features
|
268 |
|
269 | * allow JWKS.asKeyStore to swallow errors ([78398d3](https://github.com/panva/jose/commit/78398d3))
|
270 |
|
271 |
|
272 |
|
273 | # [1.8.0](https://github.com/panva/jose/compare/v1.7.0...v1.8.0) (2019-08-22)
|
274 |
|
275 |
|
276 | ### Features
|
277 |
|
278 | * added Node.js lts/dubnium support for runtime supported features ([67a8601](https://github.com/panva/jose/commit/67a8601))
|
279 |
|
280 |
|
281 |
|
282 | # [1.7.0](https://github.com/panva/jose/compare/v1.6.1...v1.7.0) (2019-08-20)
|
283 |
|
284 |
|
285 | ### Features
|
286 |
|
287 | * add RSA-OAEP-256 support (when a node version supports it) ([28d7cf8](https://github.com/panva/jose/commit/28d7cf8)), closes [#29](https://github.com/panva/jose/issues/29)
|
288 |
|
289 |
|
290 |
|
291 | ## [1.6.1](https://github.com/panva/jose/compare/v1.6.0...v1.6.1) (2019-07-29)
|
292 |
|
293 |
|
294 | ### Bug Fixes
|
295 |
|
296 | * properly pad calculated RSA primes ([dd121ce](https://github.com/panva/jose/commit/dd121ce))
|
297 |
|
298 |
|
299 |
|
300 | # [1.6.0](https://github.com/panva/jose/compare/v1.5.2...v1.6.0) (2019-07-27)
|
301 |
|
302 |
|
303 | ### Bug Fixes
|
304 |
|
305 | * use the correct ECPrivateKey version when importing EC JWK ([24acd20](https://github.com/panva/jose/commit/24acd20))
|
306 |
|
307 |
|
308 | ### Features
|
309 |
|
310 | * electron v6.x support ([e7ad82c](https://github.com/panva/jose/commit/e7ad82c))
|
311 |
|
312 |
|
313 |
|
314 | ## [1.5.2](https://github.com/panva/jose/compare/v1.5.1...v1.5.2) (2019-07-27)
|
315 |
|
316 |
|
317 | ### Bug Fixes
|
318 |
|
319 | * importing x5c in electron requires the input split ([181fd09](https://github.com/panva/jose/commit/181fd09))
|
320 |
|
321 |
|
322 |
|
323 | ## [1.5.1](https://github.com/panva/jose/compare/v1.5.0...v1.5.1) (2019-07-27)
|
324 |
|
325 |
|
326 | ### Bug Fixes
|
327 |
|
328 | * correctly pad integers when importing RSA JWK ([1dc7f35](https://github.com/panva/jose/commit/1dc7f35))
|
329 |
|
330 |
|
331 |
|
332 | # [1.5.0](https://github.com/panva/jose/compare/v1.4.1...v1.5.0) (2019-07-23)
|
333 |
|
334 |
|
335 | ### Features
|
336 |
|
337 | * validate JWTs according to a JWT profile - ID Token ([6c98b61](https://github.com/panva/jose/commit/6c98b61))
|
338 |
|
339 |
|
340 |
|
341 | ## [1.4.1](https://github.com/panva/jose/compare/v1.4.0...v1.4.1) (2019-07-14)
|
342 |
|
343 |
|
344 | ### Bug Fixes
|
345 |
|
346 | * honour the JWT.sign `jti` option ([36c9ce2](https://github.com/panva/jose/commit/36c9ce2)), closes [#33](https://github.com/panva/jose/issues/33)
|
347 |
|
348 |
|
349 |
|
350 | # [1.4.0](https://github.com/panva/jose/compare/v1.3.0...v1.4.0) (2019-07-08)
|
351 |
|
352 |
|
353 | ### Features
|
354 |
|
355 | * add secp256k1 EC Key curve and ES256K ([211d7af](https://github.com/panva/jose/commit/211d7af))
|
356 |
|
357 |
|
358 |
|
359 | # [1.3.0](https://github.com/panva/jose/compare/v1.0.2...c51dc28) (2019-06-21)
|
360 |
|
361 |
|
362 | ### Features
|
363 |
|
364 | * compute private RSA key p, q, dp, dq, qi when omitted ([6e3d6fd](https://github.com/panva/jose/commit/6e3d6fd)), closes [#26](https://github.com/panva/jose/issues/26)
|
365 | * add support for JWK x5c, x5t and x5t#S256 ([9d46c48](https://github.com/panva/jose/commit/9d46c48))
|
366 | * instances of JWKS.KeyStore are now iterable (e.g. for ... of) ([2eae293](https://github.com/panva/jose/commit/2eae293))
|
367 |
|
368 | ### Bug Fixes
|
369 |
|
370 | * limit calculation of missing RSA private components ([5b53cb0](https://github.com/panva/jose/commit/5b53cb0))
|
371 | * reject rsa keys without all factors and exponents with a specific message ([b0ff436](https://github.com/panva/jose/commit/b0ff436))
|
372 |
|
373 | ### Deprecations
|
374 |
|
375 | - this deprecates the use of `JWK.importKey` in favor of
|
376 | `JWK.asKey`
|
377 | - this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
|
378 | `JWKS.asKeyStore`
|
379 |
|
380 | Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
|
381 | in the process getting blocked when large bitsize RSA private keys
|
382 | were missing their components and could also result in an endless
|
383 | calculation loop when the private key's private exponent was outright
|
384 | invalid or tampered with.
|
385 |
|
386 | The new methods still allow to import private RSA keys with these
|
387 | optimization key parameters missing but it is disabled by default and one
|
388 | should choose to enable it when working with keys from trusted sources
|
389 |
|
390 | It is recommended not to use `jose` versions with this feature in
|
391 | its original on-by-default form - v1.1.0 and v1.2.0
|
392 |
|
393 |
|
394 |
|
395 | ## [1.0.2](https://github.com/panva/jose/compare/v1.0.1...v1.0.2) (2019-05-13)
|
396 |
|
397 |
|
398 | ### Bug Fixes
|
399 |
|
400 | * add missing keystore.toJWKS() .d.ts definition ([c7a8606](https://github.com/panva/jose/commit/c7a8606)), closes [#25](https://github.com/panva/jose/issues/25)
|
401 |
|
402 |
|
403 |
|
404 | ## [1.0.1](https://github.com/panva/jose/compare/v1.0.0...v1.0.1) (2019-04-27)
|
405 |
|
406 |
|
407 | ### Bug Fixes
|
408 |
|
409 | * oct key ts "k" type fix ([0750d2c](https://github.com/panva/jose/commit/0750d2c))
|
410 |
|
411 |
|
412 |
|
413 | <a name="1.0.0"></a>
|
414 | # [1.0.0](https://github.com/panva/jose/compare/v0.12.0...v1.0.0) (2019-04-23)
|
415 |
|
416 |
|
417 | ### Bug Fixes
|
418 |
|
419 | * fail to import invalid PEM formatted strings and buffers ([857dc2b](https://github.com/panva/jose/commit/857dc2b))
|
420 |
|
421 |
|
422 | ### Features
|
423 |
|
424 | * add JWK key_ops support, fix .algorithms() op returns ([23b874c](https://github.com/panva/jose/commit/23b874c))
|
425 | * add key.toPEM() export function with optional encryption ([1159b0d](https://github.com/panva/jose/commit/1159b0d))
|
426 | * add OKP Key and EdDSA sign/verify support ([2dbd3ed](https://github.com/panva/jose/commit/2dbd3ed)), closes [#12](https://github.com/panva/jose/issues/12)
|
427 |
|
428 |
|
429 | ### BREAKING CHANGES
|
430 |
|
431 | * key.algorithms(op) un+wrapKey was split into correct
|
432 | wrapKey/unwrapKey/deriveKey returns
|
433 | * keystore.all and keystore.get `operation` option was
|
434 | removed, `key_ops: string[]` supersedes it
|
435 | * Node.js minimal version is now v12.0.0 due to its
|
436 | added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)
|
437 |
|
438 |
|
439 |
|
440 | <a name="0.12.0"></a>
|
441 | # [0.12.0](https://github.com/panva/jose/compare/v0.11.5...v0.12.0) (2019-04-07)
|
442 |
|
443 |
|
444 | ### Reverts
|
445 |
|
446 | * add EC P-256K JWK and ES256K sign/verify support ([e21fea1](https://github.com/panva/jose/commit/e21fea1))
|
447 |
|
448 |
|
449 | ### BREAKING CHANGES
|
450 |
|
451 | * removing ES256K alg and EC P-256K crv support until the
|
452 | IETF WG decides on what the final names will be.
|
453 |
|
454 |
|
455 |
|
456 | <a name="0.11.5"></a>
|
457 | ## [0.11.5](https://github.com/panva/jose/compare/v0.11.4...v0.11.5) (2019-04-04)
|
458 |
|
459 |
|
460 | ### Features
|
461 |
|
462 | * add key.secret<boolean> and key.type<string> for completeness ([2dd7053](https://github.com/panva/jose/commit/2dd7053))
|
463 | * add key.thumbprint always returning the JWK Thumbprint (RFC7638) ([65db7e0](https://github.com/panva/jose/commit/65db7e0))
|
464 |
|
465 |
|
466 |
|
467 | <a name="0.11.4"></a>
|
468 | ## [0.11.4](https://github.com/panva/jose/compare/v0.11.3...v0.11.4) (2019-03-28)
|
469 |
|
470 |
|
471 | ### Bug Fixes
|
472 |
|
473 | * properly restrict EC curves in generate(Sync) ([764b863](https://github.com/panva/jose/commit/764b863))
|
474 | * remove unintended exposure of private material via enumerables ([946d9df](https://github.com/panva/jose/commit/946d9df))
|
475 |
|
476 |
|
477 |
|
478 | <a name="0.11.3"></a>
|
479 | ## [0.11.3](https://github.com/panva/jose/compare/v0.11.2...v0.11.3) (2019-03-27)
|
480 |
|
481 |
|
482 | ### Bug Fixes
|
483 |
|
484 | * throw on unsupported EC curves ([cfa4222](https://github.com/panva/jose/commit/cfa4222))
|
485 |
|
486 |
|
487 | ### Features
|
488 |
|
489 | * add EC P-256K JWK and ES256K sign/verify support ([2e33e1c](https://github.com/panva/jose/commit/2e33e1c))
|
490 |
|
491 |
|
492 |
|
493 | <a name="0.11.2"></a>
|
494 | ## [0.11.2](https://github.com/panva/jose/compare/v0.11.1...v0.11.2) (2019-03-19)
|
495 |
|
496 |
|
497 | ### Bug Fixes
|
498 |
|
499 | * internal symbol method is now really a symbol ([925d47c](https://github.com/panva/jose/commit/925d47c))
|
500 | * key.toJWK() fixed on windows ([57f1692](https://github.com/panva/jose/commit/57f1692)), closes [#17](https://github.com/panva/jose/issues/17)
|
501 |
|
502 |
|
503 | ## [0.11.1](https://github.com/panva/jose/compare/v0.11.0...v0.11.1) (2019-03-17)
|
504 |
|
505 |
|
506 | ### Bug Fixes
|
507 |
|
508 | * restrict RS key algorithms by the key's bit size ([9af295b](https://github.com/panva/jose/commit/9af295b))
|
509 |
|
510 |
|
511 | # [0.11.0](https://github.com/panva/jose/compare/v0.10.0...v0.11.0) (2019-03-16)
|
512 |
|
513 |
|
514 | ### Bug Fixes
|
515 |
|
516 | * all JWA defined RSA operations require key of 2048 or more ([cc70c5d](https://github.com/panva/jose/commit/cc70c5d))
|
517 | * use correct salt length for RSASSA-PSS ([e936d54](https://github.com/panva/jose/commit/e936d54))
|
518 |
|
519 |
|
520 | ### BREAKING CHANGES
|
521 |
|
522 | * all [JWA](https://tools.ietf.org/html/rfc7518) defined
|
523 | RSA based operations require key size of 2048 bits or more.
|
524 |
|
525 |
|
526 |
|
527 | # [0.10.0](https://github.com/panva/jose/compare/v0.9.2...v0.10.0) (2019-03-12)
|
528 |
|
529 |
|
530 | ### Bug Fixes
|
531 |
|
532 | * do not list "dir" under wrap/unwrapKey operations ([17b37d3](https://github.com/panva/jose/commit/17b37d3))
|
533 |
|
534 |
|
535 | ### Features
|
536 |
|
537 | * keystore .all and .get operation option ([d349ba9](https://github.com/panva/jose/commit/d349ba9))
|
538 |
|
539 |
|
540 | ### BREAKING CHANGES
|
541 |
|
542 | * "dir" is no longer returned as wrap/unwrapKey key
|
543 | operation
|
544 |
|
545 |
|
546 |
|
547 | ## [0.9.2](https://github.com/panva/jose/compare/v0.9.1...v0.9.2) (2019-03-05)
|
548 |
|
549 |
|
550 | ### Bug Fixes
|
551 |
|
552 | * "dir" is only available on keys with correct lengths ([6854860](https://github.com/panva/jose/commit/6854860))
|
553 | * do not 'in' operator when importing keys as string ([be3f4e4](https://github.com/panva/jose/commit/be3f4e4))
|
554 |
|
555 |
|
556 |
|
557 | ## [0.9.1](https://github.com/panva/jose/compare/v0.9.0...v0.9.1) (2019-03-02)
|
558 |
|
559 |
|
560 | ### Bug Fixes
|
561 |
|
562 | * only import RSA, EC and oct successfully ([e5e02fc](https://github.com/panva/jose/commit/e5e02fc))
|
563 |
|
564 |
|
565 | # 0.9.0 (2019-03-02)
|
566 |
|
567 | Initial release
|
568 |
|
569 | ### Implemented Features
|
570 |
|
571 | - JSON Web Signature (JWS) - [RFC7515][spec-jws]
|
572 | - JSON Web Encryption (JWE) - [RFC7516][spec-jwe]
|
573 | - JSON Web Key (JWK) - [RFC7517][spec-jwk]
|
574 | - JSON Web Algorithms (JWA) - [RFC7518][spec-jwa]
|
575 | - JSON Web Token (JWT) - [RFC7519][spec-jwt]
|
576 | - JSON Web Key (JWK) Thumbprint - [RFC7638][spec-thumbprint]
|
577 | - JWS Unencoded Payload Option - [RFC7797][spec-b64]
|
578 |
|
579 | | JWK Key Types | Supported ||
|
580 | | -- | -- | -- |
|
581 | | RSA | ✓ | RSA |
|
582 | | Elliptic Curve | ✓ | EC |
|
583 | | Octet sequence | ✓ | oct |
|
584 |
|
585 | | Serialization | JWS Sign | JWS Verify | JWE Encrypt | JWE Decrypt |
|
586 | | -- | -- | -- | -- | -- |
|
587 | | Compact | ✓ | ✓ | ✓ | ✓ |
|
588 | | General JSON | ✓ | ✓ | ✓ | ✓ |
|
589 | | Flattened JSON | ✓ | ✓ | ✓ | ✓ |
|
590 |
|
591 | | JWS Algorithms | Supported ||
|
592 | | -- | -- | -- |
|
593 | | RSASSA-PKCS1-v1_5 | ✓ | RS256, RS384, RS512 |
|
594 | | RSASSA-PSS | ✓ | PS256, PS384, PS512 |
|
595 | | ECDSA | ✓ | ES256, ES384, ES512 |
|
596 | | HMAC with SHA-2 | ✓ | HS256, HS384, HS512 |
|
597 |
|
598 | | JWE Key Management Algorithms | Supported ||
|
599 | | -- | -- | -- |
|
600 | | AES | ✓ | A128KW, A192KW, A256KW |
|
601 | | AES GCM | ✓ | A128GCMKW, A192GCMKW, A256GCMKW |
|
602 | | Direct Key Agreement | ✓ | dir |
|
603 | | RSAES OAEP | ✓<sup>*</sup> | RSA-OAEP <sub>(<sup>*</sup>RSA-OAEP-256 is not supported due to its lack of support in Node.js)</sub> |
|
604 | | RSAES-PKCS1-v1_5 | ✓ | RSA1_5 |
|
605 | | PBES2 | ✓ | PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
|
606 | | ECDH-ES | ✓ | ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |
|
607 |
|
608 | | JWE Content Encryption Algorithms | Supported ||
|
609 | | -- | -- | -- |
|
610 | | AES GCM | ✓ | A128GCM, A192GCM, A256GCM |
|
611 | | AES_CBC_HMAC_SHA2 | ✓ | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 |
|
612 |
|
613 | [spec-b64]: https://tools.ietf.org/html/rfc7797
|
614 | [spec-jwa]: https://tools.ietf.org/html/rfc7518
|
615 | [spec-jwe]: https://tools.ietf.org/html/rfc7516
|
616 | [spec-jwk]: https://tools.ietf.org/html/rfc7517
|
617 | [spec-jws]: https://tools.ietf.org/html/rfc7515
|
618 | [spec-jwt]: https://tools.ietf.org/html/rfc7519
|
619 | [spec-thumbprint]: https://tools.ietf.org/html/rfc7638
|