Rhonabwy Versions Save

Javascript Object Signing and Encryption (JOSE) library - JWK, JWKS, JWS, JWE and JWT

v1.1.13

6 months ago
  • rnbyc: Serialize alg in JWK mode when using existing keys (Thanks @sjoerdsimons)
  • rnbyc: check the validity of enc and alg parameters
  • Set arbitrary download limit to 4MB
  • Fix r_jwt_validate_claims when claim aud is an array of strings (Thanks @spaceone)
  • Add claim R_JWT_CLAIM_AMR
  • cmake: split package build options in 3 (tar.gz, deb and rpm), and set all packages build to off by default

v1.1.12

8 months ago
  • Fix the K for enc=AxxxCBC with alg=ECDH-ES for jwe (#28)
  • cmake: remove DownloadProject feature, now dependencies must be previously installed
  • Improve cmake script

v1.1.11

1 year ago
  • Check payload length is a multiple of block size before decrypting a jwe to avoid issues with old GnuTLS version (#24)

v1.1.10

1 year ago
  • Build with flag -Wconversion
  • Small refactor

v1.1.9

1 year ago
  • Minor bugfixes
  • Add test cases

v1.1.8

1 year ago
  • Fix build for 32 bits architectures
  • Remove EC P-521 support for JWE ECDH-ES key management

v1.1.7

1 year ago
  • Do not ignore whitespaces when parsing tokens
  • Enforce key verification
  • Security: Fix RSA-OAEP decryption key length check (CVE-2022-38493)
  • Add examples

v1.1.6

1 year ago
  • Fix pkg-config file with absolute path for CMAKE_INSTALL_{INCLUDE,LIB}DIR
  • Fix CMAKE_MODULE_PATH who was used as single value
  • Security: Fix possible buffer overflow on Key unwrapping with JWE AES GCM (CVE-2022-32096)

v1.1.5

2 years ago
  • Improve jws and jwe parsing

v1.1.4

2 years ago
  • Bugfixes
  • Add -S --self-signed option to rnbyc to verify signatures when the public key is in included the header