Releases: a-sit-plus/signum
3.16.2 / 0.8.3 Supreme-Only Hotfix
- Set minimum iOS version to 15
- Fix Swift compat linker errors (closes #280)
3.6.2 (Supreme 0.8.2) Lower minSDK
- Lower Android
minSDK
to 21 (5.0 Lollipop) for all modules Except Supreme - Update AGP to 8.6.1
- Dependency Updates:
- KmmResult 1.9.2 (for Android SDK 21 compat)
3.6.1 (Supreme 0.8.1) Hotfix
- Generalized, proper COSE to MAC mapping, preventing unexpected behaviour for
HS265_24
3.16.0 (Supreme 0.8.0)
Symmetric Encryption and Major Cleanups
-
Note: All debug-only kotlinx.serialization for cryptographic datatypes like certificates, public keys, etc. was removed!
- We support robust ASN.1 encoding and mapping from/to JOSE and COSE datatypes and our ASN.1 structures support pretty printing.
- -> There is no need for this misleading serialization support for debugging anymore.
@Serializable
suggests deserialization from JSON, CBOR, etc. works, which was never universally true.- Getting native ASN.1 serialization for kotlinx-serialization is now a no-brainer given we support every primitive required.
- Serializers like
X509CertificateBase64UrlSerializer
are here to stay because those are universally useful! ObjectIdSerializer
was renamed toObjectIdentifierStringSerializer
-
HMAC Support
- This finally cleans up the
RSAorHMAC
mess, which is a breaking change - Introduce umbrella
DataIntegrityAlgorithms
, which is the parent ofSignatureAlgorithm
andMessageAuthenticationCode
JwsAlgorithm
andCoseAlgorithm
are now abstract, having subclasses.JwsAlgorithm
s andCoseAlgorithm
s are now available under.Signature
and.MAC
respectively. There are no toplevel constants of predefined algorithms anymore!
- This finally cleans up the
-
Symmetric Encryption
- Supported Algorithms
- AES
- GCM
- CBC-HMAC
- CBC
- ECB
- KW
- ChaCha-Poly1305
- AES
- Add algorithm mappings to indispensable-josef This is a binary-incompatible change
ivLength
andencryptionKeyLength
now returnBitLength
instead ofInt
text
is now properly calledidentifier
- Supported Algorithms
-
Move
HazardousMaterials
annotation fromsupreme
toindispensable
This is a breaking change -
Move
SecretExposure
annotation fromsupreme
toindispensable
This is a breaking change -
Expose
SecureRandom
as API dependency inindispensable
-
Rename
CoseAlgorithm.value
->CoseAlgorithm.coseValue
-
Fix COSE key parsing for unordered properties
-
Remove code elements deprecated in 3.15.0, related to OID4VCI and HAIP
3.15.2
Parse not-implemented EC curves as null
, e.g. in Json Web Keys.
This release does not contain a new Supreme version, as it is unaffected by these changes
3.15.1 (Supreme 0.7.2)
- Fix decoding
did:key:
key identifiers containing a#
- Fix missing android artefact publishing for Supreme (thanks to @ephemient)
- Kotlin 2.1.20
3.15.0 (Supreme 0.7.1)
- Note: We are deprecating and will soon be removing the debug-only serialization for cryptographic datatypes like certificates, public keys, etc.
- We support robust ASN.1 encoding and mapping from/to JOSE and COSE datatypes and our ASN.1 structures support pretty printing.
- -> There is no need for this misleading serialization support for debugging anymore
@Serializable
suggests deserialization from JSON, CBOR, etc. works, which was never universally true- Getting native ASN.1 serialization for kotlinx-serialization is now a no-brainer given we support every primitive required.
- This note will be prepended to the changelog entries until the
@Serialization
annotations have been removed.- This will happen by Indispensable 4.0.0 / Supreme 1.0.0, if not before then.
- Introduce support for ASN.1 REAL
- Add built-in ASN.1 ENUMERATED support
- Rename
ObjectIdentifier.parse
->ObjectIdentifier.decodeFromAsn1ContentBytes
in accordance with other similar functions - Update data classes for Wallet Attestation from OpenID4VC HAIP and OpenID4VCI:
- Deprecate
authenticationLevel
(aal
) inJsonWebToken
, removed from standards - Deprecate
key_type
,user_authentication
inConfirmationClaim
, removed from standards - Deprecate types
WalletAttestationUserAuthentication
,WalletAttestationKeyType
, removed from standards - Add
wallet_name
,wallet_link
,status
toJsonWebToken
, used in Key Attestation JWT - Add
KeyAttestationJwt
from OpenID4VCI
- Deprecate
- Add dedicated Android targets (SDK 30 / JDK 1.8) to all modules
- Fix internal deprecations
- Raise deprecation level to ERROR for deprecated functions:
Asn1Element.Companion.parseAll
Asn1Element.Companion.parse
Asn1Element.Companion.decodeFromDerHexString
Asn1Element.asPrimitiveOctetString
CryptoPublicKey.fromJcaPublicKey
CryptoPublicKey.RSA.fromJcaPublicKey
CryptoPublicKey.EC.fromJcaPublicKey
CryptoSignature.invoke
CryptoPublicKey.RSA(n: ByteArray, e: ByteArray)
CryptoPublicKey.EC(curve: ECCurve, x: ByteArray, usePositiveY: Boolean)
CryptoPublicKey.EC(curve: ECCurve, x: ByteArray, y: ByteArray)
ECCurve.keyLengthBits
ECCurve.coordinateLengthBytes
ECCurve.signatureLengthBytes
3.14.0 (Supreme 0.7.0)
- Key Agreement Support
- ECDH
- Certificate Improvements:
- Parse X.509 certificates in V1 too
- Change UniqueIDs from BitSet to
Asn1BitString
, enabling correct encoding of borked bit strings
- Change variance of generic on
Asn1Encodable
andAsn1Decodable
3.13.0 (Supreme 0.6.4)
- Fix COSE key serialization
- Refactor
Asn1Integer
to useUByteArray
internally instead of a list - Fix ASN.1 decoding flaw for a very specific length encoding
- Performance optimization: Instantiate fewer
KmmResults
- Move
PemEncodable
/PemDecodable
from indispensable to indispensable-asn1 module. - More comprehensive PEM encoding/decoding support:
CryptoPublicKey
- Note that PKCS1 encoding of RSA keys is not supported as it is discouraged (decoding is supported)
- ANSI encoding and decoding is also unsupported, because decoding requires context and encoding this way is incomplete
X509Certificate
- CSR (
Pkcs10CertificationRequest
)
- Change
CoseHeader.certificateChain
(CBOR element 33x5chain
) from a single byte array to a list of byte arrays, acc. to specification - Remove
CoseHeader.coseKey
, which has been an unofficial addition from OID4VCI, but has been removed since
3.12.1 (Supreme 0.6.3)
This is a point release. Version numbers are all incremented to keep components aligned.
New Features:
- Add COSE object creation with detached payload, i.e. setting a
null
payload inCoseSigned
, and clients are responsible to transport the payload separately.
If you don't require this feature, no need to update!