:closed_lock_with_key: JSON Object Signing and Encryption Framework (JWT, JWS, JWE, JWA, JWK, JWKSet and more)
This new version fixes a bug when key sets using JKU or X5U were used on some frameworks (Symfony...).
It also adds a new option for JWKFactory for those key sets: you can now allow connections that uses the HTTP scheme. THis option is not recommended unless you know exactly what you are doing or when tests are performed.
This new major release adds the following features:
This new version introduces the Storable and Rotatable Key Sets.
Fixes #122 (see #123): Missing createNoneKey method.
Now the library can be installed when composer is used with the --prefer-lowest option.
This new version fixes bugs when trying to convert RSA keys into PEM if primes p and q are not set.
Some examples have been fixed
To fix bug #111 the RSA PSS and OAEP algorithms where modified to use only n, e and d values of the RSA key.
The problem with that approach is that the algorithms are not optimized.
Now when dQ, dP and qInv are not available, they are calculated and the Chinese Remainder Theorem is used.
The algorithms are approx. 1.5x time faster than before.
This release fixes a bug when an RSA keys without all exponents is used.
The bug is fixed for all RSxxx algorithms, but not for other RSA based algorithms (signature or encryption).
This new minor release fixes a bug due to an incorrect input used to verify the JWS signatures. It appeared only if the JWT was created by another libraries.