- FIX: try all keys when kid is absent. (8fd48600)
- FIX: parse jws from json with multiple signatures (#57). (87215b78)
- FIX: key_ops JWK field according to the RFC (pull request #62 from sgt). (331df9ff)
- FIX: improved key resolution in JsonWebKeyStore. (b07799aa)
- FEAT: Support latest
package:http(#50)
- FIX: allow double values when converting to DateTime and Duration (pull request #33 from PixelToast). (3b204b10)
- FIX: type mismatch error on keyOperations getter (pull request #37 from samataro). (8afde0fd)
- FIX: add missing keyId when constructing a JWK with EcPublicKey (pull request #38 from tallinn1960). (b8d11f32)
- FIX: use 12 byte iv with AESGCM (pull request #39 from tallinn1960). (5b7e24da)
- FIX: make unprotected header in JWE optional (pull request #43 from heacare). (aefeeb04)
- FEAT: add support for es256k algorithm. (a2d046a3)
- Compatible with version
0.3.0ofcrypto_keys
- JsonWebKey.parsePem handles CERTIFICATE
DefaultJsonWebKeySetLoader: if possible, use HTTP headers to determine cache expiration.
- Migrate null safety
- Bump
asn1libto 0.8.1.
- Fix docs
- Added JsonWebKey constructors for creating EC and RSA keys
- Added factory constructor for creating a JsonWebKey from crypto keys
- Added factory constructor for creating a JsonWebKey from a pem string
- Support for P-256K curve
- Support RSAES-OAEP
- Allow x509 parameters in JWK
- JsonWebAlgorithm class
- Generating random non-symmetric keys
- cryptoKeyPair getter on JsonWebKey returning a
KeyPairfromcrypto_keyspackage - Breaking Change: loading jwk set from
packageorfileurl no longer supported by default. The new classJsonWebKeySetLoadercan be used to override this behavior or manage the way jwk sets are loaded from an url.
- Add
allowedAlgorithmsargument also in JWT
- Fix security issue: JWS with algorithm
nonewas previously verified, now you can specify which algorithms are allowed and by defaultnoneis not allowed.
- Initial version