Erlang Jose Versions Save

• Fixes
  • Regression fix from 1.8.2 for OTP-17 (thanks to @alexandrejbr, see #35 and #36)

• Enhancements

  • ChaCha20/Poly1305 encryption and one-time message authentication functions are experimentally supported based on RFC 7539.

• Fixes

  • Handling invalid token without raising Exception #22
  • JOSE.JWT.verify uses CPU intensively when signed is nil #23

Examples of new functionality:

iex> # Encrypt
iex> jwe = %{"alg" => "dir", "enc" => "ChaCha20/Poly1305"}
iex> jwk = JOSE.JWE.generate_key(jwe) |> JOSE.JWK.to_map |> elem(1)
%{"alg" => "dir", "enc" => "ChaCha20/Poly1305", "k" => "EffEuY2nbShIVtizmek8AuR7ftSuY2e8XRxGjMc8QAc", "kty" => "oct", "use" => "enc"}
iex> plain_text = "message to encrypt"
iex> encrypted = JOSE.JWK.block_encrypt(plain_text, jwk) |> JOSE.JWE.compact |> elem(1)
"eyJhbGciOiJkaXIiLCJlbmMiOiJDaGFDaGEyMC9Qb2x5MTMwNSJ9..lbsERynEgQS8CRXZ.D_kt8ChsaYWX9gL9tJlJ2n0E.y0o_TYjGlaB9sEEcA9o12A"

iex> # Decrypt
iex> plain_text == JOSE.JWK.block_decrypt(encrypted, jwk) |> elem(0)
true

iex> # Sign
iex> jws = %{"alg" => "Poly1305"}
iex> jwk = JOSE.JWS.generate_key(jws) |> JOSE.JWK.to_map |> elem(1)
%{"alg" => "Poly1305", "k" => "2X-OZVLA41Wy7mAjqWRaZyOw8FLyL3O3_f8d16D_-tQ", "kty" => "oct", "use" => "sig"}
iex> message = "message to sign"
iex> signed = JOSE.JWK.sign(message, jwk) |> JOSE.JWS.compact |> elem(1)
"eyJhbGciOiJQb2x5MTMwNSIsIm5vbmNlIjoicGExU1dlQzJVQzhwZlQ1NCJ9.bWVzc2FnZSB0byBzaWdu.IUI-PvN5bh_9jX-MeDtetw"

iex> # Verify
iex> JOSE.JWK.verify_strict(signed, ["Poly1305"], jwk) |> elem(0)
true

• Fixes
  • Parentheses to remove ambiguity on Elixir 1.4 #26, thanks @alexandrubagu

• Enhancements

  • Add support for decoding firebase certificate public keys (thanks to @noizu, see #30)

• Fixes

  • Fix cross-platform issues with EC signatures (specifically S and R sizes, thanks to @alexandrejbr, see #32)
  • Typo in documentation for JOSE.encode/1 (thanks to @DaveLampton, see #31)

• Tests

  • Tested against OTP 19.3, Elixir 1.4.x, and Poison 3.x