Go Jose Versions Save

This release contains a small change to emit pre-computed values on RSA keys when serializing to a JWK, see pull request #203. This fixes issue #202.

This release adds support for PBES2 algorithms (#190).

New Features

• Added new cryptosigner sub-package to sign using crypto.Signer implementations (#179).
• Added new OpaqueSigner (et al) interfaces for implementing custom, opaque signers (#179).

This release also contains several minor bug fixes and makes unit tests pass in Go 1.11.

This release contains several minor bug fixes and makes unit tests pass in Go 1.10 and 1.11.

This release adds support for parsing certificate chains from x5c headers in messages, and expose a function to verify & read them through a new jose.Header#Certificates(opts x509.VerifyOptions) function (see #178).

This release adds DetachedVerify and DetachedVerifyMulti methods on JSONWebSignature to verify detached signatures, i.e. JWS objects where the payload has been stripped and is handled separately from the signature (#175).

Fixes a build issue with Go 1.10 and updates an incorrect error message. This makes the v1 branch compatible with the latest version of Go, but if you haven't already you should probably update to the v2 branch!

Notable changes

• Fix build issue with Go 1.10 (#173)
• Use consistent types for ed25519 keys (#165)
• Added JSONWebKey.Public() to derive public key from private key (#166)
• Added jwk-keygen tool contributed by @darkk (#166)
• Expose protected/unprotected headers separately (#164)

Notable changes

• Add basic support for ED25519 signing via golang.org/x/crypto/ed25519 (issue #68, PR #154)
• Fix panic when creating signer with JWK and setting EmbedJWK to true (issue #157, PR #161)
• Fix an issue that would cause a panic when encountering null values in headers (PR #159)

Fix a bug with audience claims in the jwt submodule (bug #151, fixed in #152).