forked from franko-org/jsrsasign
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog_jws322.txt
executable file
·104 lines (86 loc) · 3.72 KB
/
ChangeLog_jws322.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
ChangeLog for jsjws
* 3.2.2 Release (2015-Apr-26)
- isSafeJSONString undefined bugfix
- readSafeJSONString undefined bugfix
- sample codes bugfix
* 3.2.0 Release (2015-Apr-19)
- JWS.verify method updated to mitigate signature replacement
attacks:
- add optional acceptAlgs argument to specify accepted
signature algorithms to verify.
- strict key type checking
remove alg=none signature validation support.
- jsjws will be merged into jsrsasign near in the future.
* 3.1.0 Release (2015-Apr-03)
- remove alg=none signature validation support.
- jsjws will be merged into jsrsasign near in the future.
* 3.0.2 Release (2013-Sep-24)
- add HS384 support with jsrsasign 4.1.4 or later.
Please use
'http://kjur.github.io/jsrsasign/ext/cryptojs-312-core-fix.js' or
'http://kjur.github.io/jsrsasign/ext/cryptojs-312-core-fix-min.js' or
'http://kjur.github.io/jsrsasign/jsrsasign-4.1.4-all-min.js'
instead of orignal 'core.js' of CryptoJS.
* 3.0.1 Release (2013-Aug-28)
- jws 3.0.0 to 3.0.1
- new KJUR.jws.IntDate class for time format of JWT
- new online tool "tool_jwt.html" to generate and verify signed JWT
* 3.0.0 Release (2013-Aug-27)
- easy and powerful sign and verify methods available
- now supports HS{256,512},RS{256,384,512},ES{256,384},PS{256,384,512},none
(i.e. supports all algorithms except HS384 and ES512.)
- other existing signing and verfying methods are deprecated.
- now supports signing by following keys:
- PEM plain RSA PKCS#5 private key (NEW)
- PEM encrypted RSA PKCS#5 private key (NEW)
- PEM plain RSA/ECC PKCS#8 private key (NEW)
- PEM encrypted RSA/ECC PKCS#8 private key (NEW)
- RSAKey object of private key
- KJUR.crypto.ECDSA object of private key (NEW)
- now supports verifying by following keys:
- PEM RSA/ECC PKCS#8 public key (NEW)
- PEM RSA/ECC X.509 certificate
- RSAKey object of public key
- KJUR.crypto.ECDSA object of public key (NEW)
- now supports following asymmetoric key algorithms
- RSA
- ECDSA (NEW)
- RSAPSS
- QUnit unit tests added.
* 2.0.2 Release (2013-Jul-30)
- jws-2.0.js 2.0.2 to 2.0.3
- support for rsasign 1.2.5 (verifyStringPSS arg bi to hex change)
* 2.0.2 Release [Jul 29, 2013]
- small fix for jws-2.0.js (2.0.1 -> 2.0.2)
* 2.0.1 Release [Jul 23, 2013]
- fix RSAPSS by David (github.com/davedoesdev)
(jws-2.0.js, sample_{generate,verify}3.html)
* 2.0.0 Release [Jul 21, 2013]
- merge David Halls's contribution. (https://github.com/davedoesdev, Thanks! Dave.)
- class implementation was chagned
- supports PS{256,512} signature algorithm
NOTE: however still having issue on PS{256,512} support
- jsrsasign codes are not included from this release
* 1.2.1 Release [May 7, 2013]
- merge David Halls's contribution. (https://github.com/davedoesdev, Thanks! Dave.)
- rsa.js: update for PKCS#1 OAEP support
- rsa2.js: update for PKCS#1 OAEP support
- rsasign-1.2.js: add PSS support
- jsbn.js: small fix
- jsbn2.js: update for probable prime fix, bnSquare
- base64.js: small fix
- base64x-1.1.js: small update on utf8tob64u, b64utoutf8
* 1.2 Release [Mar 19, 2012]
- 'JWSJS' class is now available for JSON Web Signature JSON Serialization
(JWS-JS) which is a kind of parallel signature.
- 'readSafeJSONString' method added to 'JWS' class.
- utf8/Base64, utf8/Hex converting functions are added to 'base64x.js'.
- New online tools for converting Base64URL added.
* 1.1 Relasse [Mar 07, 2012]
- following features are added.
- UTF-8 string support in JWS Header and Payload
- sign JWS with PEM formatted PKCS# RSA private key without passcode
- verify JWS with PEM formatted X.509 certificate
* 1.0.1 Relasse [Mar 06, 2012]
- API document is added.
* 1.0 Initial Relasse [Mar 04, 2012]