All Versions
37
Latest Version
Avg Release Cycle
88 days
Latest Release
987 days ago
Changelog History
Page 2
Changelog History
Page 2
-
v1.8.0 Changes
March 15, 2017โจ Enhancements
- ChaCha20/Poly1305 encryption and one-time message authentication functions are experimentally supported based on RFC 7539.
๐ Fixes
- Handling invalid token without raising Exception #22
JOSE.JWT.verify
uses CPU intensively when signed is nil #23
Examples of new functionality:
iex\> # Encryptiex\> jwe = %{"alg" =\> "dir", "enc" =\> "ChaCha20/Poly1305"} iex\> jwk = JOSE.JWE.generate\_key(jwe) |\> JOSE.JWK.to\_map |\> elem(1) %{"alg" =\> "dir", "enc" =\> "ChaCha20/Poly1305", "k" =\> "EffEuY2nbShIVtizmek8AuR7ftSuY2e8XRxGjMc8QAc", "kty" =\> "oct", "use" =\> "enc"} iex\> plain\_text = "message to encrypt"iex\> encrypted = JOSE.JWK.block\_encrypt(plain\_text, jwk) |\> JOSE.JWE.compact |\> elem(1)"eyJhbGciOiJkaXIiLCJlbmMiOiJDaGFDaGEyMC9Qb2x5MTMwNSJ9..lbsERynEgQS8CRXZ.D\_kt8ChsaYWX9gL9tJlJ2n0E.y0o\_TYjGlaB9sEEcA9o12A"iex\> # Decryptiex\> plain\_text == JOSE.JWK.block\_decrypt(encrypted, jwk) |\> elem(0)trueiex\> # Signiex\> jws = %{"alg" =\> "Poly1305"} iex\> jwk = JOSE.JWS.generate\_key(jws) |\> JOSE.JWK.to\_map |\> elem(1) %{"alg" =\> "Poly1305", "k" =\> "2X-OZVLA41Wy7mAjqWRaZyOw8FLyL3O3\_f8d16D\_-tQ", "kty" =\> "oct", "use" =\> "sig"} iex\> message = "message to sign"iex\> signed = JOSE.JWK.sign(message, jwk) |\> JOSE.JWS.compact |\> elem(1)"eyJhbGciOiJQb2x5MTMwNSIsIm5vbmNlIjoicGExU1dlQzJVQzhwZlQ1NCJ9.bWVzc2FnZSB0byBzaWdu.IUI-PvN5bh\_9jX-MeDtetw"iex\> # Verifyiex\> JOSE.JWK.verify\_strict(signed, ["Poly1305"], jwk) |\> elem(0)true
-
v1.7.9 Changes
July 13, 2016- ๐ Fixes
- Fixed JSON encoding bug in
jose_json_poison_compat_encoder
for projects using Poison as the JSON encoder where Erlang loads Elixir as a dependency.
- Fixed JSON encoding bug in
- ๐ Fixes
-
v1.7.8 Changes
July 08, 2016โจ Enhancements
- Updated EdDSA tests to comply with draft 04 of draft-ietf-jose-cfrg-curves-04.
๐ Fixes
- Fixed compression encoding bug for
{"zip":"DEF"}
operations (thanks to @amadden734 see potatosalad/ruby-jose#3)
- Fixed compression encoding bug for
-
v1.7.7 Changes
June 30, 2016- โจ Enhancements
- Improved handling of RSA private keys in SMF (Straightforward Method) form to CRT (Chinese Remainder Theorem) form, see #19 This is especially useful for keys produced by Java programs using the
RSAPrivateKeySpec
API as mentioned in Section 9.3 of RFC 7517. - Updated EdDSA operations to comply with draft 02 of draft-ietf-jose-cfrg-curves-02.
- Improved handling of RSA private keys in SMF (Straightforward Method) form to CRT (Chinese Remainder Theorem) form, see #19 This is especially useful for keys produced by Java programs using the
Example RSA SMF to CRT usage:
%% The following map of an RSA secret key is in SMF (Straightforward Method) form. %% Notice that we only have d, e, and n for this secret key. JWK = jose_jwk:from(#{ <<"d">> => <<"WSAGFGM7fSyYn5NyBL0dp3kjHjQ3djjhQoOAFasoyeE">>, <<"e">> => <<"AQAB">>, <<"kty">> => <<"RSA">>, <<"n">> => <<"0PM6Aooi_KYkDA1r-S24SauFpfTRc5kiPLF3a1EhuY8">> }). %% If we convert it back to a map, it is now in CRT (Chinese Remainder Theorem) form. %% Notice that the dp, dq, p, q, and qi have been restored. element(2, jose_jwk:to_map(JWK)) =:= #{ <<"d">> => <<"WSAGFGM7fSyYn5NyBL0dp3kjHjQ3djjhQoOAFasoyeE">>, <<"dp">> => <<"G00J545ym1bqC9hnFDo3aQ">>, <<"dq">> => <<"tt0FvEZgKli6IL4rVKx3cw">>, <<"e">> => <<"AQAB">>, <<"kty">> => <<"RSA">>, <<"n">> => <<"0PM6Aooi_KYkDA1r-S24SauFpfTRc5kiPLF3a1EhuY8">>, <<"p">> => <<"9O5YQ0w6PIpDl6c6yqwyKQ">>, <<"q">> => <<"2mScgy86M3q6b301UAU09w">>, <<"qi">> => <<"Wrp0SgcGgTT5WmeuHD6Sqw">> }.
- โจ Enhancements
-
v1.7.6 Changes
June 29, 2016- ๐ Fixes
- Compatibility fixes for OTP 19 and Elixir 1.3
- ๐ Fixes
-
v1.7.5 Changes
May 13, 2016- ๐ Fixes
- Removed leftover development file accidentally included in last release.
- ๐ Fixes
-
v1.7.4 Changes
May 13, 2016โจ Enhancements
- More detailed documentation on key generation.
๐ Fixes
-
v1.7.3 Changes
March 17, 2016- ๐ Fixes
JOSE.JWT.encrypt/2
now usesJOSE.JWK.block_encryptor/1
properly.
- ๐ Fixes
-
v1.7.2 Changes
March 16, 2016- โจ Enhancements
- Better support for lists of terms.
- Added merge functions:
JOSE.JWE.merge/2
JOSE.JWK.merge/2
JOSE.JWS.merge/2
JOSE.JWT.merge/2
- Added signer, verifier, and block_encryptor functions:
JOSE.JWK.signer/1
JOSE.JWK.verifier/1
JOSE.JWK.block_encryptor/1
- Support for
"alg"
,"enc"
, and"use"
on keys.
Examples of new functionality:
iex> # Let's generate a 64 byte octet key iex> jwk = JOSE.JWK.generate_key({:oct, 64}) |> JOSE.JWK.to_map |> elem(1) %{"k" => "FXSy7PufOayusvfyKQzdxCegm7yWIMp1b0LD13v57Nq2wF_B-fcr7LDOkufDikmFFsVYWLgrA2zEB--_qqDn3g", "kty" => "oct"} iex> # Based on the key's size and type, a default signer (JWS) can be determined iex> JOSE.JWK.signer(jwk) %{"alg" => "HS512"} iex> # A list of algorithms for which this key type can be verified against can also be determined iex> JOSE.JWK.verifier(jwk) ["HS256", "HS384", "HS512"] iex> # Based on the key's size and type, a default enctypro (JWE) can be determined iex> JOSE.JWK.block_encryptor(jwk) %{"alg" => "dir", "enc" => "A256CBC-HS512"} iex> # Keys can be generated based on the signing algorithm (JWS) iex> JOSE.JWS.generate_key(%{"alg" => "HS256"}) |> JOSE.JWK.to_map |> elem(1) %{"alg" => "HS256", "k" => "UuP3Tw2xbGV5N3BGh34cJNzzC2R1zU7i4rOnF9A8nqY", "kty" => "oct", "use" => "sig"} iex> # Keys can be generated based on the encryption algorithm (JWE) iex> JOSE.JWE.generate_key(%{"alg" => "dir", "enc" => "A128GCM"}) |> JOSE.JWK.to_map |> elem(1) %{"alg" => "dir", "enc" => "A128GCM", "k" => "8WNdBjXXwg6QTwrrOnvEPw", "kty" => "oct", "use" => "enc"} iex> # Example of merging a map into an existing JWS (also works with JWE, JWK, and JWT) iex> jws = JOSE.JWS.from(%{"alg" => "HS256"}) iex> JOSE.JWS.merge(jws, %{"typ" => "JWT"}) |> JOSE.JWS.to_map |> elem(1) %{"alg" => "HS256", "typ" => "JWT"}
- โจ Enhancements
-
v1.7.1 Changes
March 08, 2016- โจ Enhancements
- New Edwards-curve Digital Signature Algorithm (EdDSA) version 04 is out, update test vectors and remove support for 32 byte secrets for Ed448 and Ed448ph.
- โจ Enhancements