1 | # Change Log
|
2 |
|
3 | All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
4 |
|
5 | # [1.27.0](https://github.com/panva/jose/compare/v1.26.1...v1.27.0) (2020-05-05)
|
6 |
|
7 |
|
8 | ### Features
|
9 |
|
10 | * add opt-in objects to verify using embedded JWS Header public keys ([7c1cab1](https://github.com/panva/jose/commit/7c1cab196edc409ec6cc4741bdf7e06c5aaf5dab))
|
11 |
|
12 |
|
13 |
|
14 | ## [1.26.1](https://github.com/panva/jose/compare/v1.26.0...v1.26.1) (2020-04-27)
|
15 |
|
16 |
|
17 | ### Bug Fixes
|
18 |
|
19 | * **typescript:** types of key generate functions without overloads ([7e60722](https://github.com/panva/jose/commit/7e60722ae7054f8acf833e015c22679d56fbc0ca)), closes [#80](https://github.com/panva/jose/issues/80)
|
20 | * "typ" content-type validation, case insensitive and handled prefix ([0691586](https://github.com/panva/jose/commit/06915861b32c0ae252dcc84791050bc3716ce102))
|
21 |
|
22 |
|
23 |
|
24 | # [1.26.0](https://github.com/panva/jose/compare/v1.25.2...v1.26.0) (2020-04-16)
|
25 |
|
26 |
|
27 | ### Features
|
28 |
|
29 | * update JWT Profile for OAuth 2.0 Access Tokens to latest draft ([8c0a8a9](https://github.com/panva/jose/commit/8c0a8a950e4503cb7a756589e307286fe1116b05))
|
30 |
|
31 |
|
32 | ### BREAKING CHANGES
|
33 |
|
34 | * `at+JWT` JWT draft profile - in the draft's Section 2.2
|
35 | the claims `iat` and `jti` are now REQUIRED (was RECOMMENDED).
|
36 |
|
37 |
|
38 |
|
39 | ## [1.25.2](https://github.com/panva/jose/compare/v1.25.1...v1.25.2) (2020-04-15)
|
40 |
|
41 |
|
42 | ### Bug Fixes
|
43 |
|
44 | * **build:** don't publish junk files ([6e98c1a](https://github.com/panva/jose/commit/6e98c1a5f994224b9412fc47c4065b468c89fe2c))
|
45 |
|
46 |
|
47 |
|
48 | ## [1.25.1](https://github.com/panva/jose/compare/v1.25.0...v1.25.1) (2020-04-15)
|
49 |
|
50 |
|
51 | ### Bug Fixes
|
52 |
|
53 | * use native openssl AES Key Wrap 🤦 ([dcf8d75](https://github.com/panva/jose/commit/dcf8d75a8aca4f05fe04df64fdd2ba50bbc75bc9))
|
54 |
|
55 |
|
56 |
|
57 | # [1.25.0](https://github.com/panva/jose/compare/v1.24.1...v1.25.0) (2020-03-11)
|
58 |
|
59 |
|
60 | ### Features
|
61 |
|
62 | * update JWT Profile for OAuth 2.0 Access Tokens to latest draft ([bc77a15](https://github.com/panva/jose/commit/bc77a15fab10f8a29561ef667a923b2f074fa9b3))
|
63 |
|
64 |
|
65 |
|
66 | ## [1.24.1](https://github.com/panva/jose/compare/v1.24.0...v1.24.1) (2020-03-05)
|
67 |
|
68 |
|
69 | ### Bug Fixes
|
70 |
|
71 | * allow importing simpler passphrases as `oct` keys ([f86bda3](https://github.com/panva/jose/commit/f86bda3bb709f29e4264fb8de45242f518128744))
|
72 |
|
73 |
|
74 |
|
75 | # [1.24.0](https://github.com/panva/jose/compare/v1.23.0...v1.24.0) (2020-02-25)
|
76 |
|
77 |
|
78 | ### Features
|
79 |
|
80 | * add JWT.verify "typ" option for checking JWT Type Header parameter ([fc08426](https://github.com/panva/jose/commit/fc08426466233709b442ba21232768ddeeb94e56))
|
81 |
|
82 |
|
83 |
|
84 | # [1.23.0](https://github.com/panva/jose/compare/v1.22.2...v1.23.0) (2020-02-18)
|
85 |
|
86 |
|
87 | ### Bug Fixes
|
88 |
|
89 | * **typescript:** add optional JWK.Key props and make them readonly ([b92079c](https://github.com/panva/jose/commit/b92079cb64216b8ea91082adc07ac03972dbbb0e)), closes [#67](https://github.com/panva/jose/issues/67)
|
90 |
|
91 |
|
92 | ### Features
|
93 |
|
94 | * add ECDH-ES with X25519 and X448 OKP keys ([38369ea](https://github.com/panva/jose/commit/38369ea3d72812abe7ecebd6dc7da164b0a2e29d))
|
95 | * add RSA-OAEP-384 and RSA-OAEP-512 JWE Key Management Algorithms ([7477f08](https://github.com/panva/jose/commit/7477f0831b38765a9a916b35b1d40aaf11f0e6b8))
|
96 |
|
97 |
|
98 |
|
99 | ## [1.22.2](https://github.com/panva/jose/compare/v1.22.1...v1.22.2) (2020-02-06)
|
100 |
|
101 |
|
102 | ### Performance Improvements
|
103 |
|
104 | * various codepaths refactored ([3e3d7dd](https://github.com/panva/jose/commit/3e3d7dd38168159e188e54c48a9f83e3a02a8fe1))
|
105 |
|
106 |
|
107 |
|
108 | ## [1.22.1](https://github.com/panva/jose/compare/v1.22.0...v1.22.1) (2020-02-03)
|
109 |
|
110 |
|
111 | ### Bug Fixes
|
112 |
|
113 | * actually remove the base64url proper encoding check ([eae01b5](https://github.com/panva/jose/commit/eae01b57ab9f33e8c621ffcd2a77d513a51d22b2))
|
114 |
|
115 |
|
116 |
|
117 | # [1.22.0](https://github.com/panva/jose/compare/v1.21.1...v1.22.0) (2020-01-29)
|
118 |
|
119 |
|
120 | ### Features
|
121 |
|
122 | * keystore filtering by JWK Key thumbprint ([a9f6f71](https://github.com/panva/jose/commit/a9f6f7135005d6231d6f42d95c02414139a89d17))
|
123 |
|
124 |
|
125 | ### Performance Improvements
|
126 |
|
127 | * base64url decode, JWT.verify, JWK.Key instance re-use ([470b4c7](https://github.com/panva/jose/commit/470b4c73154e1fcf8b92726d521940e5e11c9d94))
|
128 |
|
129 |
|
130 |
|
131 | ## [1.21.1](https://github.com/panva/jose/compare/v1.21.0...v1.21.1) (2020-01-25)
|
132 |
|
133 |
|
134 | ### Bug Fixes
|
135 |
|
136 | * contactKDF iteration count fixed for key sizes larger than 256 bits ([70ff222](https://github.com/panva/jose/commit/70ff22227ad303e57228dc8351688531499a833a))
|
137 |
|
138 |
|
139 |
|
140 | # [1.21.0](https://github.com/panva/jose/compare/v1.20.0...v1.21.0) (2020-01-23)
|
141 |
|
142 |
|
143 | ### Bug Fixes
|
144 |
|
145 | * **typescript:** don't expose non existant classes, fix decode key ([0f8bf88](https://github.com/panva/jose/commit/0f8bf886da1b5d02cd0d968d0ec02a58673df258))
|
146 |
|
147 |
|
148 | ### Features
|
149 |
|
150 | * add opt-in support for Unsecured JWS algorithm "none" ([3a6d17f](https://github.com/panva/jose/commit/3a6d17fdd18d8bbd074c07c2dd08f0406c16a8f1))
|
151 |
|
152 |
|
153 |
|
154 | # [1.20.0](https://github.com/panva/jose/compare/v1.19.0...v1.20.0) (2020-01-16)
|
155 |
|
156 |
|
157 | ### Features
|
158 |
|
159 | * add JWTExpired error and JWTClaimInvalid claim and reason props ([a0c0c7a](https://github.com/panva/jose/commit/a0c0c7ad70f42d9b23b3e71de43599a8ac6fe1ff)), closes [#62](https://github.com/panva/jose/issues/62)
|
160 |
|
161 |
|
162 |
|
163 | # [1.19.0](https://github.com/panva/jose/compare/v1.18.2...v1.19.0) (2020-01-13)
|
164 |
|
165 |
|
166 | ### Features
|
167 |
|
168 | * exposed shorthands for JWT verification profiles ([b1864e3](https://github.com/panva/jose/commit/b1864e319d1a7a42eadfa0c4b0145952e7814726))
|
169 |
|
170 |
|
171 |
|
172 | ## [1.18.2](https://github.com/panva/jose/compare/v1.18.1...v1.18.2) (2020-01-08)
|
173 |
|
174 |
|
175 | ### Bug Fixes
|
176 |
|
177 | * ensure asn1.js version to remove Buffer deprecation notice ([13b1106](https://github.com/panva/jose/commit/13b1106048fdeae00b09d54f05245dded85b14a7))
|
178 | * expose JOSENotSupported key import errors on unsupported runtimes ([bc81e5d](https://github.com/panva/jose/commit/bc81e5dec2987f6ce6dc3fa5daa23dfe620c0a34))
|
179 | * typo in JOSENotSupported error when x509 certs are not supported ([bb58c9c](https://github.com/panva/jose/commit/bb58c9ce52e807ca4cfad6bcbf1ab96b91778b1f))
|
180 |
|
181 |
|
182 |
|
183 | ## [1.18.1](https://github.com/panva/jose/compare/v1.18.0...v1.18.1) (2020-01-01)
|
184 |
|
185 |
|
186 | ### Bug Fixes
|
187 |
|
188 | * force iat past check when maxTokenAge option is used + JWT refactor ([828ad5a](https://github.com/panva/jose/commit/828ad5a33dc0cc0049923b69f43f97463295456e))
|
189 |
|
190 |
|
191 |
|
192 | # [1.18.0](https://github.com/panva/jose/compare/v1.17.2...v1.18.0) (2019-12-31)
|
193 |
|
194 |
|
195 | ### Features
|
196 |
|
197 | * add JWT validation profiles for Access Tokens and Logout Tokens ([7bb5c95](https://github.com/panva/jose/commit/7bb5c953a9c6d9bd915e8ebc0608bc0649427745))
|
198 |
|
199 |
|
200 |
|
201 | ## [1.17.2](https://github.com/panva/jose/compare/v1.17.1...v1.17.2) (2019-12-17)
|
202 |
|
203 |
|
204 | ### Bug Fixes
|
205 |
|
206 | * skip validating iat is in the past when exp is present ([0ed5025](https://github.com/panva/jose/commit/0ed5025de30a754de95ae2587ce0f4573909b006))
|
207 |
|
208 |
|
209 |
|
210 | ## [1.17.1](https://github.com/panva/jose/compare/v1.17.0...v1.17.1) (2019-12-10)
|
211 |
|
212 |
|
213 | ### Bug Fixes
|
214 |
|
215 | * properly fail to import unsupported openssh keys ([bee5744](https://github.com/panva/jose/commit/bee574457f29597ccab09d51ac61b85dd7a7146a))
|
216 |
|
217 |
|
218 |
|
219 | # [1.17.0](https://github.com/panva/jose/compare/v1.16.2...v1.17.0) (2019-12-10)
|
220 |
|
221 |
|
222 | ### Features
|
223 |
|
224 | * importing a certificate populates x5c and x5t thumbprints ([25a7a71](https://github.com/panva/jose/commit/25a7a71915c4f7514536cec9e7e162d0ad3b670c)), closes [#59](https://github.com/panva/jose/issues/59)
|
225 |
|
226 |
|
227 |
|
228 | ## [1.16.2](https://github.com/panva/jose/compare/v1.16.1...v1.16.2) (2019-12-05)
|
229 |
|
230 |
|
231 | ### Bug Fixes
|
232 |
|
233 | * handle Unencoded Payload (b64:false) with arbitrary buffer payloads ([daabedc](https://github.com/panva/jose/commit/daabedc776617f4fde427b3a5e79d8c176293132)), closes [#57](https://github.com/panva/jose/issues/57)
|
234 |
|
235 |
|
236 |
|
237 | ## [1.16.1](https://github.com/panva/jose/compare/v1.16.0...v1.16.1) (2019-12-05)
|
238 |
|
239 |
|
240 | ### Bug Fixes
|
241 |
|
242 | * allow PBES2 for the correct JWK `use` values ([f0d7194](https://github.com/panva/jose/commit/f0d719416ec9ca041ea88b8a983b5d899a6aa107))
|
243 |
|
244 |
|
245 |
|
246 | # [1.16.0](https://github.com/panva/jose/compare/v1.15.1...v1.16.0) (2019-12-04)
|
247 |
|
248 |
|
249 | ### Features
|
250 |
|
251 | * two official jose plugins/extensions for those living on the edge ([5b27c97](https://github.com/panva/jose/commit/5b27c97ac8836ffa9f3880e009c8db5afbfbaa2c)), closes [#56](https://github.com/panva/jose/issues/56)
|
252 |
|
253 |
|
254 |
|
255 | ## [1.15.1](https://github.com/panva/jose/compare/v1.15.0...v1.15.1) (2019-11-30)
|
256 |
|
257 |
|
258 | ### Bug Fixes
|
259 |
|
260 | * **typescript:** export Key Input types ([0277fcd](https://github.com/panva/jose/commit/0277fcd1896af497e79190212b0719f7e62366c1))
|
261 |
|
262 |
|
263 |
|
264 | # [1.15.0](https://github.com/panva/jose/compare/v1.14.0...v1.15.0) (2019-11-27)
|
265 |
|
266 |
|
267 | ### Bug Fixes
|
268 |
|
269 | * default JWT.sign `kid` option value is false for HMAC signatures ([ce77388](https://github.com/panva/jose/commit/ce7738825403f8cdb8f99cb51c096baf0dfa3af7))
|
270 |
|
271 |
|
272 | ### Features
|
273 |
|
274 | * allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations ([5e1009a](https://github.com/panva/jose/commit/5e1009a63e4bc829009cc46d6295c00f8431024c))
|
275 |
|
276 |
|
277 |
|
278 | # [1.14.0](https://github.com/panva/jose/compare/v1.13.0...v1.14.0) (2019-11-26)
|
279 |
|
280 |
|
281 | ### Features
|
282 |
|
283 | * allow JWKS.KeyStore .all and .get to filter for key curves ([ea60338](https://github.com/panva/jose/commit/ea60338ca6f58f2626992a38da76812477ce4540))
|
284 |
|
285 |
|
286 |
|
287 | # [1.13.0](https://github.com/panva/jose/compare/v1.12.1...v1.13.0) (2019-11-23)
|
288 |
|
289 |
|
290 | ### Features
|
291 |
|
292 | * return the CEK from JWE.decrypt operation with { complete: true } ([c3eb845](https://github.com/panva/jose/commit/c3eb8450b98b2f5ecc127d69afe85a7ae2cc5aaa))
|
293 |
|
294 |
|
295 |
|
296 | ## [1.12.1](https://github.com/panva/jose/compare/v1.12.0...v1.12.1) (2019-11-14)
|
297 |
|
298 |
|
299 |
|
300 | # [1.12.0](https://github.com/panva/jose/compare/v1.11.0...v1.12.0) (2019-11-05)
|
301 |
|
302 |
|
303 | ### Features
|
304 |
|
305 | * add JWS.verify encoding and parsing options ([6bb66d4](https://github.com/panva/jose/commit/6bb66d4f0b4c96f2da8ac5f14fda6bc4f53f2994))
|
306 |
|
307 |
|
308 |
|
309 | # [1.11.0](https://github.com/panva/jose/compare/v1.10.2...v1.11.0) (2019-11-03)
|
310 |
|
311 |
|
312 | ### Features
|
313 |
|
314 | * expose crypto.KeyObject instances in supported runtimes ([8ea9683](https://github.com/panva/jose/commit/8ea968312e97ed0f992fab909a20e7993159ec45))
|
315 |
|
316 |
|
317 |
|
318 | ## [1.10.2](https://github.com/panva/jose/compare/v1.10.1...v1.10.2) (2019-10-29)
|
319 |
|
320 |
|
321 | ### Bug Fixes
|
322 |
|
323 | * only use secp256k1 keys for signing/verification ([9588223](https://github.com/panva/jose/commit/95882232d6d409a321b6a8c168f5b78ebbdabf95))
|
324 |
|
325 |
|
326 |
|
327 | ## [1.10.1](https://github.com/panva/jose/compare/v1.10.0...v1.10.1) (2019-10-04)
|
328 |
|
329 |
|
330 | ### Bug Fixes
|
331 |
|
332 | * throw proper error when runtime doesn't support OKP ([0a16efb](https://github.com/panva/jose/commit/0a16efb)), closes [#48](https://github.com/panva/jose/issues/48)
|
333 |
|
334 |
|
335 |
|
336 | # [1.10.0](https://github.com/panva/jose/compare/v1.9.2...v1.10.0) (2019-10-01)
|
337 |
|
338 |
|
339 | ### Features
|
340 |
|
341 | * rename package ([26f4cf2](https://github.com/panva/jose/commit/26f4cf2))
|
342 |
|
343 |
|
344 |
|
345 | ## [1.9.2](https://github.com/panva/jose/compare/v1.9.1...v1.9.2) (2019-09-16)
|
346 |
|
347 |
|
348 | ### Bug Fixes
|
349 |
|
350 | * keystore.toJWKS(true) does not throw on public keys ([81abdfa](https://github.com/panva/jose/commit/81abdfa)), closes [#42](https://github.com/panva/jose/issues/42)
|
351 |
|
352 |
|
353 |
|
354 | ## [1.9.1](https://github.com/panva/jose/compare/v1.9.0...v1.9.1) (2019-09-10)
|
355 |
|
356 |
|
357 |
|
358 | # [1.9.0](https://github.com/panva/jose/compare/v1.8.0...v1.9.0) (2019-08-24)
|
359 |
|
360 |
|
361 | ### Features
|
362 |
|
363 | * allow JWKS.asKeyStore to swallow errors ([78398d3](https://github.com/panva/jose/commit/78398d3))
|
364 |
|
365 |
|
366 |
|
367 | # [1.8.0](https://github.com/panva/jose/compare/v1.7.0...v1.8.0) (2019-08-22)
|
368 |
|
369 |
|
370 | ### Features
|
371 |
|
372 | * added Node.js lts/dubnium support for runtime supported features ([67a8601](https://github.com/panva/jose/commit/67a8601))
|
373 |
|
374 |
|
375 |
|
376 | # [1.7.0](https://github.com/panva/jose/compare/v1.6.1...v1.7.0) (2019-08-20)
|
377 |
|
378 |
|
379 | ### Features
|
380 |
|
381 | * add RSA-OAEP-256 support (when a node version supports it) ([28d7cf8](https://github.com/panva/jose/commit/28d7cf8)), closes [#29](https://github.com/panva/jose/issues/29)
|
382 |
|
383 |
|
384 |
|
385 | ## [1.6.1](https://github.com/panva/jose/compare/v1.6.0...v1.6.1) (2019-07-29)
|
386 |
|
387 |
|
388 | ### Bug Fixes
|
389 |
|
390 | * properly pad calculated RSA primes ([dd121ce](https://github.com/panva/jose/commit/dd121ce))
|
391 |
|
392 |
|
393 |
|
394 | # [1.6.0](https://github.com/panva/jose/compare/v1.5.2...v1.6.0) (2019-07-27)
|
395 |
|
396 |
|
397 | ### Bug Fixes
|
398 |
|
399 | * use the correct ECPrivateKey version when importing EC JWK ([24acd20](https://github.com/panva/jose/commit/24acd20))
|
400 |
|
401 |
|
402 | ### Features
|
403 |
|
404 | * electron v6.x support ([e7ad82c](https://github.com/panva/jose/commit/e7ad82c))
|
405 |
|
406 |
|
407 |
|
408 | ## [1.5.2](https://github.com/panva/jose/compare/v1.5.1...v1.5.2) (2019-07-27)
|
409 |
|
410 |
|
411 | ### Bug Fixes
|
412 |
|
413 | * importing x5c in electron requires the input split ([181fd09](https://github.com/panva/jose/commit/181fd09))
|
414 |
|
415 |
|
416 |
|
417 | ## [1.5.1](https://github.com/panva/jose/compare/v1.5.0...v1.5.1) (2019-07-27)
|
418 |
|
419 |
|
420 | ### Bug Fixes
|
421 |
|
422 | * correctly pad integers when importing RSA JWK ([1dc7f35](https://github.com/panva/jose/commit/1dc7f35))
|
423 |
|
424 |
|
425 |
|
426 | # [1.5.0](https://github.com/panva/jose/compare/v1.4.1...v1.5.0) (2019-07-23)
|
427 |
|
428 |
|
429 | ### Features
|
430 |
|
431 | * validate JWTs according to a JWT profile - ID Token ([6c98b61](https://github.com/panva/jose/commit/6c98b61))
|
432 |
|
433 |
|
434 |
|
435 | ## [1.4.1](https://github.com/panva/jose/compare/v1.4.0...v1.4.1) (2019-07-14)
|
436 |
|
437 |
|
438 | ### Bug Fixes
|
439 |
|
440 | * honour the JWT.sign `jti` option ([36c9ce2](https://github.com/panva/jose/commit/36c9ce2)), closes [#33](https://github.com/panva/jose/issues/33)
|
441 |
|
442 |
|
443 |
|
444 | # [1.4.0](https://github.com/panva/jose/compare/v1.3.0...v1.4.0) (2019-07-08)
|
445 |
|
446 |
|
447 | ### Features
|
448 |
|
449 | * add secp256k1 EC Key curve and ES256K ([211d7af](https://github.com/panva/jose/commit/211d7af))
|
450 |
|
451 |
|
452 |
|
453 | # [1.3.0](https://github.com/panva/jose/compare/v1.0.2...c51dc28) (2019-06-21)
|
454 |
|
455 |
|
456 | ### Features
|
457 |
|
458 | * compute private RSA key p, q, dp, dq, qi when omitted ([6e3d6fd](https://github.com/panva/jose/commit/6e3d6fd)), closes [#26](https://github.com/panva/jose/issues/26)
|
459 | * add support for JWK x5c, x5t and x5t#S256 ([9d46c48](https://github.com/panva/jose/commit/9d46c48))
|
460 | * instances of JWKS.KeyStore are now iterable (e.g. for ... of) ([2eae293](https://github.com/panva/jose/commit/2eae293))
|
461 |
|
462 | ### Bug Fixes
|
463 |
|
464 | * limit calculation of missing RSA private components ([5b53cb0](https://github.com/panva/jose/commit/5b53cb0))
|
465 | * reject rsa keys without all factors and exponents with a specific message ([b0ff436](https://github.com/panva/jose/commit/b0ff436))
|
466 |
|
467 | ### Deprecations
|
468 |
|
469 | - this deprecates the use of `JWK.importKey` in favor of
|
470 | `JWK.asKey`
|
471 | - this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
|
472 | `JWKS.asKeyStore`
|
473 |
|
474 | Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
|
475 | in the process getting blocked when large bitsize RSA private keys
|
476 | were missing their components and could also result in an endless
|
477 | calculation loop when the private key's private exponent was outright
|
478 | invalid or tampered with.
|
479 |
|
480 | The new methods still allow to import private RSA keys with these
|
481 | optimization key parameters missing but it is disabled by default and one
|
482 | should choose to enable it when working with keys from trusted sources
|
483 |
|
484 | It is recommended not to use `jose` versions with this feature in
|
485 | its original on-by-default form - v1.1.0 and v1.2.0
|
486 |
|
487 |
|
488 |
|
489 | ## [1.0.2](https://github.com/panva/jose/compare/v1.0.1...v1.0.2) (2019-05-13)
|
490 |
|
491 |
|
492 | ### Bug Fixes
|
493 |
|
494 | * add missing keystore.toJWKS() .d.ts definition ([c7a8606](https://github.com/panva/jose/commit/c7a8606)), closes [#25](https://github.com/panva/jose/issues/25)
|
495 |
|
496 |
|
497 |
|
498 | ## [1.0.1](https://github.com/panva/jose/compare/v1.0.0...v1.0.1) (2019-04-27)
|
499 |
|
500 |
|
501 | ### Bug Fixes
|
502 |
|
503 | * oct key ts "k" type fix ([0750d2c](https://github.com/panva/jose/commit/0750d2c))
|
504 |
|
505 |
|
506 |
|
507 | <a name="1.0.0"></a>
|
508 | # [1.0.0](https://github.com/panva/jose/compare/v0.12.0...v1.0.0) (2019-04-23)
|
509 |
|
510 |
|
511 | ### Bug Fixes
|
512 |
|
513 | * fail to import invalid PEM formatted strings and buffers ([857dc2b](https://github.com/panva/jose/commit/857dc2b))
|
514 |
|
515 |
|
516 | ### Features
|
517 |
|
518 | * add JWK key_ops support, fix .algorithms() op returns ([23b874c](https://github.com/panva/jose/commit/23b874c))
|
519 | * add key.toPEM() export function with optional encryption ([1159b0d](https://github.com/panva/jose/commit/1159b0d))
|
520 | * add OKP Key and EdDSA sign/verify support ([2dbd3ed](https://github.com/panva/jose/commit/2dbd3ed)), closes [#12](https://github.com/panva/jose/issues/12)
|
521 |
|
522 |
|
523 | ### BREAKING CHANGES
|
524 |
|
525 | * key.algorithms(op) un+wrapKey was split into correct
|
526 | wrapKey/unwrapKey/deriveKey returns
|
527 | * keystore.all and keystore.get `operation` option was
|
528 | removed, `key_ops: string[]` supersedes it
|
529 | * Node.js minimal version is now v12.0.0 due to its
|
530 | added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)
|
531 |
|
532 |
|
533 |
|
534 | <a name="0.12.0"></a>
|
535 | # [0.12.0](https://github.com/panva/jose/compare/v0.11.5...v0.12.0) (2019-04-07)
|
536 |
|
537 |
|
538 | ### Reverts
|
539 |
|
540 | * add EC P-256K JWK and ES256K sign/verify support ([e21fea1](https://github.com/panva/jose/commit/e21fea1))
|
541 |
|
542 |
|
543 | ### BREAKING CHANGES
|
544 |
|
545 | * removing ES256K alg and EC P-256K crv support until the
|
546 | IETF WG decides on what the final names will be.
|
547 |
|
548 |
|
549 |
|
550 | <a name="0.11.5"></a>
|
551 | ## [0.11.5](https://github.com/panva/jose/compare/v0.11.4...v0.11.5) (2019-04-04)
|
552 |
|
553 |
|
554 | ### Features
|
555 |
|
556 | * add key.secret<boolean> and key.type<string> for completeness ([2dd7053](https://github.com/panva/jose/commit/2dd7053))
|
557 | * add key.thumbprint always returning the JWK Thumbprint (RFC7638) ([65db7e0](https://github.com/panva/jose/commit/65db7e0))
|
558 |
|
559 |
|
560 |
|
561 | <a name="0.11.4"></a>
|
562 | ## [0.11.4](https://github.com/panva/jose/compare/v0.11.3...v0.11.4) (2019-03-28)
|
563 |
|
564 |
|
565 | ### Bug Fixes
|
566 |
|
567 | * properly restrict EC curves in generate(Sync) ([764b863](https://github.com/panva/jose/commit/764b863))
|
568 | * remove unintended exposure of private material via enumerables ([946d9df](https://github.com/panva/jose/commit/946d9df))
|
569 |
|
570 |
|
571 |
|
572 | <a name="0.11.3"></a>
|
573 | ## [0.11.3](https://github.com/panva/jose/compare/v0.11.2...v0.11.3) (2019-03-27)
|
574 |
|
575 |
|
576 | ### Bug Fixes
|
577 |
|
578 | * throw on unsupported EC curves ([cfa4222](https://github.com/panva/jose/commit/cfa4222))
|
579 |
|
580 |
|
581 | ### Features
|
582 |
|
583 | * add EC P-256K JWK and ES256K sign/verify support ([2e33e1c](https://github.com/panva/jose/commit/2e33e1c))
|
584 |
|
585 |
|
586 |
|
587 | <a name="0.11.2"></a>
|
588 | ## [0.11.2](https://github.com/panva/jose/compare/v0.11.1...v0.11.2) (2019-03-19)
|
589 |
|
590 |
|
591 | ### Bug Fixes
|
592 |
|
593 | * internal symbol method is now really a symbol ([925d47c](https://github.com/panva/jose/commit/925d47c))
|
594 | * key.toJWK() fixed on windows ([57f1692](https://github.com/panva/jose/commit/57f1692)), closes [#17](https://github.com/panva/jose/issues/17)
|
595 |
|
596 |
|
597 | ## [0.11.1](https://github.com/panva/jose/compare/v0.11.0...v0.11.1) (2019-03-17)
|
598 |
|
599 |
|
600 | ### Bug Fixes
|
601 |
|
602 | * restrict RS key algorithms by the key's bit size ([9af295b](https://github.com/panva/jose/commit/9af295b))
|
603 |
|
604 |
|
605 | # [0.11.0](https://github.com/panva/jose/compare/v0.10.0...v0.11.0) (2019-03-16)
|
606 |
|
607 |
|
608 | ### Bug Fixes
|
609 |
|
610 | * all JWA defined RSA operations require key of 2048 or more ([cc70c5d](https://github.com/panva/jose/commit/cc70c5d))
|
611 | * use correct salt length for RSASSA-PSS ([e936d54](https://github.com/panva/jose/commit/e936d54))
|
612 |
|
613 |
|
614 | ### BREAKING CHANGES
|
615 |
|
616 | * all [JWA](https://tools.ietf.org/html/rfc7518) defined
|
617 | RSA based operations require key size of 2048 bits or more.
|
618 |
|
619 |
|
620 |
|
621 | # [0.10.0](https://github.com/panva/jose/compare/v0.9.2...v0.10.0) (2019-03-12)
|
622 |
|
623 |
|
624 | ### Bug Fixes
|
625 |
|
626 | * do not list "dir" under wrap/unwrapKey operations ([17b37d3](https://github.com/panva/jose/commit/17b37d3))
|
627 |
|
628 |
|
629 | ### Features
|
630 |
|
631 | * keystore .all and .get operation option ([d349ba9](https://github.com/panva/jose/commit/d349ba9))
|
632 |
|
633 |
|
634 | ### BREAKING CHANGES
|
635 |
|
636 | * "dir" is no longer returned as wrap/unwrapKey key
|
637 | operation
|
638 |
|
639 |
|
640 |
|
641 | ## [0.9.2](https://github.com/panva/jose/compare/v0.9.1...v0.9.2) (2019-03-05)
|
642 |
|
643 |
|
644 | ### Bug Fixes
|
645 |
|
646 | * "dir" is only available on keys with correct lengths ([6854860](https://github.com/panva/jose/commit/6854860))
|
647 | * do not 'in' operator when importing keys as string ([be3f4e4](https://github.com/panva/jose/commit/be3f4e4))
|
648 |
|
649 |
|
650 |
|
651 | ## [0.9.1](https://github.com/panva/jose/compare/v0.9.0...v0.9.1) (2019-03-02)
|
652 |
|
653 |
|
654 | ### Bug Fixes
|
655 |
|
656 | * only import RSA, EC and oct successfully ([e5e02fc](https://github.com/panva/jose/commit/e5e02fc))
|
657 |
|
658 |
|
659 | # 0.9.0 (2019-03-02)
|
660 |
|
661 | Initial release
|
662 |
|
663 | ### Implemented Features
|
664 |
|
665 | - JSON Web Signature (JWS) - [RFC7515][spec-jws]
|
666 | - JSON Web Encryption (JWE) - [RFC7516][spec-jwe]
|
667 | - JSON Web Key (JWK) - [RFC7517][spec-jwk]
|
668 | - JSON Web Algorithms (JWA) - [RFC7518][spec-jwa]
|
669 | - JSON Web Token (JWT) - [RFC7519][spec-jwt]
|
670 | - JSON Web Key (JWK) Thumbprint - [RFC7638][spec-thumbprint]
|
671 | - JWS Unencoded Payload Option - [RFC7797][spec-b64]
|
672 |
|
673 | | JWK Key Types | Supported ||
|
674 | | -- | -- | -- |
|
675 | | RSA | ✓ | RSA |
|
676 | | Elliptic Curve | ✓ | EC |
|
677 | | Octet sequence | ✓ | oct |
|
678 |
|
679 | | Serialization | JWS Sign | JWS Verify | JWE Encrypt | JWE Decrypt |
|
680 | | -- | -- | -- | -- | -- |
|
681 | | Compact | ✓ | ✓ | ✓ | ✓ |
|
682 | | General JSON | ✓ | ✓ | ✓ | ✓ |
|
683 | | Flattened JSON | ✓ | ✓ | ✓ | ✓ |
|
684 |
|
685 | | JWS Algorithms | Supported ||
|
686 | | -- | -- | -- |
|
687 | | RSASSA-PKCS1-v1_5 | ✓ | RS256, RS384, RS512 |
|
688 | | RSASSA-PSS | ✓ | PS256, PS384, PS512 |
|
689 | | ECDSA | ✓ | ES256, ES384, ES512 |
|
690 | | HMAC with SHA-2 | ✓ | HS256, HS384, HS512 |
|
691 |
|
692 | | JWE Key Management Algorithms | Supported ||
|
693 | | -- | -- | -- |
|
694 | | AES | ✓ | A128KW, A192KW, A256KW |
|
695 | | AES GCM | ✓ | A128GCMKW, A192GCMKW, A256GCMKW |
|
696 | | Direct Key Agreement | ✓ | dir |
|
697 | | RSAES OAEP | ✓<sup>*</sup> | RSA-OAEP <sub>(<sup>*</sup>RSA-OAEP-256 is not supported due to its lack of support in Node.js)</sub> |
|
698 | | RSAES-PKCS1-v1_5 | ✓ | RSA1_5 |
|
699 | | PBES2 | ✓ | PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
|
700 | | ECDH-ES | ✓ | ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |
|
701 |
|
702 | | JWE Content Encryption Algorithms | Supported ||
|
703 | | -- | -- | -- |
|
704 | | AES GCM | ✓ | A128GCM, A192GCM, A256GCM |
|
705 | | AES_CBC_HMAC_SHA2 | ✓ | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 |
|
706 |
|
707 | [spec-b64]: https://tools.ietf.org/html/rfc7797
|
708 | [spec-jwa]: https://tools.ietf.org/html/rfc7518
|
709 | [spec-jwe]: https://tools.ietf.org/html/rfc7516
|
710 | [spec-jwk]: https://tools.ietf.org/html/rfc7517
|
711 | [spec-jws]: https://tools.ietf.org/html/rfc7515
|
712 | [spec-jwt]: https://tools.ietf.org/html/rfc7519
|
713 | [spec-thumbprint]: https://tools.ietf.org/html/rfc7638
|