Changelog

1.2.0 (2024-01-08)

  • Enhancements

    • Add support for C20P and C20PKW (see 61fb00b and 2f38f78).
    • Add support for XC20P and XC20PKW (see 29d0942).
    • Relicense library under MIT license (thanks to @jessieay in #14).

  • Fixes

    • Use RSA PSS salt length of hash/digest length instead of max length (thanks to @abhiuppala for reporting in #12, see 646bdde)
    • Full Ruby 3 and OpenSSL 3 compatibility (thanks to @beanieboi, see #25).

1.1.3 (2018-09-20)

1.1.2 (2016-07-07)

  • Enhancements

  • Fixes

    • Fixed compression encoding bug for {"zip":"DEF"} operations (thanks to @amadden734 see #3)

1.1.1 (2016-05-27)

  • Enhancements

    • Support for JOSE::JWK::Set for key sets.

  • Fixes

    • Many of the file writing operations for JOSE::JWK have been fixed.

1.1.0 (2016-05-10)

  • Enhancements

    • Test coverage is now slightly above 90%.
    • Removed legacy support for 32-byte Ed448 and Ed448ph secret keys.
    • Improved behavior of ECDH-ES encryption.

  • Fixes

    • X25519 uses RbNaCl when available.
    • Various argument order fixes.

1.0.0 (2016-05-07)

  • Enhancements
    • Documentation! Many thanks to @soumyaray for the motivation to improve documentation.
    • Support for OpenSSH octet key pairs (for Ed25519).
    • Better key management behavior associated with ECDH-ES algorithms.

0.3.1 (2016-05-05)

  • Fixes
    • Fix bug with PBES2 based encryption.

0.3.0 (2016-05-05)

  • Enhancements
    • Added merge functions:
    • JOSE::JWE#merge
    • JOSE::JWK#merge
    • JOSE::JWS#merge
    • JOSE::JWT#merge
    • Added block_encryptor and signer functions:
    • JOSE::JWK#block_encryptor
    • JOSE::JWK#signer
    • Support for "alg", "enc", and "use" on keys.

Examples of new functionality:

# Let's generate a 64 byte octet key
jwk = JOSE::JWK.generate_key([:oct, 64])
# => {"k"=>"FXSy7PufOayusvfyKQzdxCegm7yWIMp1b0LD13v57Nq2wF_B-fcr7LDOkufDikmFFsVYWLgrA2zEB--_qqDn3g", "kty"=>"oct"}

# Based on the key's size and type, a default signer (JWS) can be determined
jwk.signer
# => {"alg"=>"HS512"}

# Based on the key's size and type, a default encryptor (JWE) can be determined
jwk.block_encryptor
# => {"alg"=>"dir", "enc"=>"A256CBC-HS512"}

# Keys can be generated based on the signing algorithm (JWS)
JOSE::JWS.generate_key({'alg' => 'HS256'})
# => {"alg"=>"HS256", "k"=>"UuP3Tw2xbGV5N3BGh34cJNzzC2R1zU7i4rOnF9A8nqY", "kty"=>"oct", "use"=>"sig"}

# Keys can be generated based on the encryption algorithm (JWE)
JOSE::JWE.generate_key({'alg' => 'dir', 'enc' => 'A128GCM'})
# => {"alg"=>"dir", "enc"=>"A128GCM", "k"=>"8WNdBjXXwg6QTwrrOnvEPw", "kty"=>"oct", "use"=>"enc"}

# Example of merging a map into an existing JWS (also works with JWE, JWK, and JWT)
jws = JOSE::JWS.from({'alg' => 'HS256'})
jws.merge({'typ' => 'JWT'})
# => {"alg"=>"HS256", "typ"=>"JWT"}

0.2.0 (2016-02-25)

  • Enhancements
    • Add JOSE.__crypto_fallback__ which can be set directly or with the JOSE_CRYPTO_FALLBACK environment variable. EdDSA and EdDH algorithms not natively supported are disabled by default.
    • Support OKP key type with the following curves:
    • Ed25519 (external RbNaCl or fallback supported)
    • Ed25519ph (external RbNaCl or fallback supported)
    • X25519 (external RbNaCl or fallback supported)
    • Ed448 (no external, but fallback supported)
    • Ed448ph (no external, but fallback supported)
    • X448 (no external, but fallback supported)
    • Support SHA-3 functions for use with Ed448 and Ed448ph.
    • Add JOSE::JWK#shared_secret for computing the shared secret between two EC or OKP keys.

0.1.0 (2015-11-24)

  • Initial Release

  • Algorithm Support