Skip to content

Releases: a-sit-plus/signum

3.16.2 / 0.8.3 Supreme-Only Hotfix

13 Jun 16:39
Compare
Choose a tag to compare
  • Set minimum iOS version to 15
  • Fix Swift compat linker errors (closes #280)

3.6.2 (Supreme 0.8.2) Lower minSDK

02 Jun 09:05
Compare
Choose a tag to compare
  • Lower Android minSDK to 21 (5.0 Lollipop) for all modules Except Supreme
  • Update AGP to 8.6.1
  • Dependency Updates:
    • KmmResult 1.9.2 (for Android SDK 21 compat)

3.6.1 (Supreme 0.8.1) Hotfix

10 Apr 14:12
Compare
Choose a tag to compare
  • Generalized, proper COSE to MAC mapping, preventing unexpected behaviour for HS265_24

3.16.0 (Supreme 0.8.0)

09 Apr 19:22
Compare
Choose a tag to compare

Symmetric Encryption and Major Cleanups

  • Note: All debug-only kotlinx.serialization for cryptographic datatypes like certificates, public keys, etc. was removed!

    • We support robust ASN.1 encoding and mapping from/to JOSE and COSE datatypes and our ASN.1 structures support pretty printing.
    • -> There is no need for this misleading serialization support for debugging anymore.
    • @Serializable suggests deserialization from JSON, CBOR, etc. works, which was never universally true.
    • Getting native ASN.1 serialization for kotlinx-serialization is now a no-brainer given we support every primitive required.
    • Serializers like X509CertificateBase64UrlSerializer are here to stay because those are universally useful!
    • ObjectIdSerializer was renamed to ObjectIdentifierStringSerializer
  • HMAC Support

    • This finally cleans up the RSAorHMAC mess, which is a breaking change
    • Introduce umbrella DataIntegrityAlgorithms, which is the parent of SignatureAlgorithm and MessageAuthenticationCode
    • JwsAlgorithm and CoseAlgorithm are now abstract, having subclasses.
    • JwsAlgorithms and CoseAlgorithms are now available under .Signature and .MAC respectively. There are no toplevel constants of predefined algorithms anymore!
  • Symmetric Encryption

    • Supported Algorithms
      • AES
        • GCM
        • CBC-HMAC
        • CBC
        • ECB
        • KW
      • ChaCha-Poly1305
    • Add algorithm mappings to indispensable-josef This is a binary-incompatible change
      • ivLength and encryptionKeyLength now return BitLength instead of Int
      • text is now properly called identifier
  • Move HazardousMaterials annotation from supreme to indispensable This is a breaking change

  • Move SecretExposure annotation from supreme to indispensable This is a breaking change

  • Expose SecureRandom as API dependency in indispensable

  • Rename CoseAlgorithm.value -> CoseAlgorithm.coseValue

  • Fix COSE key parsing for unordered properties

  • Remove code elements deprecated in 3.15.0, related to OID4VCI and HAIP

3.15.2

27 Mar 15:35
Compare
Choose a tag to compare

Parse not-implemented EC curves as null, e.g. in Json Web Keys.

This release does not contain a new Supreme version, as it is unaffected by these changes

3.15.1 (Supreme 0.7.2)

24 Mar 17:39
Compare
Choose a tag to compare
  • Fix decoding did:key: key identifiers containing a #
  • Fix missing android artefact publishing for Supreme (thanks to @ephemient)
  • Kotlin 2.1.20

3.15.0 (Supreme 0.7.1)

10 Mar 22:25
Compare
Choose a tag to compare
  • Note: We are deprecating and will soon be removing the debug-only serialization for cryptographic datatypes like certificates, public keys, etc.
    • We support robust ASN.1 encoding and mapping from/to JOSE and COSE datatypes and our ASN.1 structures support pretty printing.
    • -> There is no need for this misleading serialization support for debugging anymore
    • @Serializable suggests deserialization from JSON, CBOR, etc. works, which was never universally true
    • Getting native ASN.1 serialization for kotlinx-serialization is now a no-brainer given we support every primitive required.
    • This note will be prepended to the changelog entries until the @Serialization annotations have been removed.
      • This will happen by Indispensable 4.0.0 / Supreme 1.0.0, if not before then.
  • Introduce support for ASN.1 REAL
  • Add built-in ASN.1 ENUMERATED support
  • Rename ObjectIdentifier.parse -> ObjectIdentifier.decodeFromAsn1ContentBytes in accordance with other similar functions
  • Update data classes for Wallet Attestation from OpenID4VC HAIP and OpenID4VCI:
    • Deprecate authenticationLevel (aal) in JsonWebToken, removed from standards
    • Deprecate key_type, user_authentication in ConfirmationClaim, removed from standards
    • Deprecate types WalletAttestationUserAuthentication, WalletAttestationKeyType, removed from standards
    • Add wallet_name, wallet_link, status to JsonWebToken, used in Key Attestation JWT
    • Add KeyAttestationJwt from OpenID4VCI
  • Add dedicated Android targets (SDK 30 / JDK 1.8) to all modules
  • Fix internal deprecations
  • Raise deprecation level to ERROR for deprecated functions:
    • Asn1Element.Companion.parseAll
    • Asn1Element.Companion.parse
    • Asn1Element.Companion.decodeFromDerHexString
    • Asn1Element.asPrimitiveOctetString
    • CryptoPublicKey.fromJcaPublicKey
    • CryptoPublicKey.RSA.fromJcaPublicKey
    • CryptoPublicKey.EC.fromJcaPublicKey
    • CryptoSignature.invoke
    • CryptoPublicKey.RSA(n: ByteArray, e: ByteArray)
    • CryptoPublicKey.EC(curve: ECCurve, x: ByteArray, usePositiveY: Boolean)
    • CryptoPublicKey.EC(curve: ECCurve, x: ByteArray, y: ByteArray)
    • ECCurve.keyLengthBits
    • ECCurve.coordinateLengthBytes
    • ECCurve.signatureLengthBytes

3.14.0 (Supreme 0.7.0)

12 Feb 17:44
Compare
Choose a tag to compare
  • Key Agreement Support
    • ECDH
  • Certificate Improvements:
    • Parse X.509 certificates in V1 too
    • Change UniqueIDs from BitSet to Asn1BitString, enabling correct encoding of borked bit strings
  • Change variance of generic on Asn1Encodable and Asn1Decodable

3.13.0 (Supreme 0.6.4)

11 Feb 13:41
Compare
Choose a tag to compare
  • Fix COSE key serialization
  • Refactor Asn1Integer to use UByteArray internally instead of a list
  • Fix ASN.1 decoding flaw for a very specific length encoding
  • Performance optimization: Instantiate fewer KmmResults
  • Move PemEncodable/PemDecodable from indispensable to indispensable-asn1 module.
  • More comprehensive PEM encoding/decoding support:
    • CryptoPublicKey
      • Note that PKCS1 encoding of RSA keys is not supported as it is discouraged (decoding is supported)
      • ANSI encoding and decoding is also unsupported, because decoding requires context and encoding this way is incomplete
    • X509Certificate
    • CSR (Pkcs10CertificationRequest)
  • Change CoseHeader.certificateChain (CBOR element 33 x5chain) from a single byte array to a list of byte arrays, acc. to specification
  • Remove CoseHeader.coseKey, which has been an unofficial addition from OID4VCI, but has been removed since

3.12.1 (Supreme 0.6.3)

16 Jan 15:44
7bfea78
Compare
Choose a tag to compare

This is a point release. Version numbers are all incremented to keep components aligned.

New Features:

  • Add COSE object creation with detached payload, i.e. setting a null payload in CoseSigned, and clients are responsible to transport the payload separately.

If you don't require this feature, no need to update!