- fix memory allocation check (typo) in jwk.c (https://github.com/OpenIDC/cjose/security/code-scanning/2)
v0.6.2.3 (2024-04-24)
- disable RSA PKCS 1.5 by default ((#22); thanks @thalman
- avoid using empty prototypes; support Clang 15 and XCode 14.3
- build shared library on Cygwin by adding -no-undefined to LDFLAGS (#20); thanks @fd00
v0.6.2.2 (2023-07-12)
- use fixed authentication tag length of 16 octets in AES GCM decryption (cisco#125)
- avoid use of assert (cisco#123) ; thanks @groovyfeng
- fix make on srcdir != builddir (#17) ; thanks @fd00
v0.6.2.1 (2022-10-24)
- preserve key order in cjose_header_get_raw as well (#16)
- fix a memory leak in cjose_jws_import() for invalid JWS (#14)
- don't use STACK_ALLOC in cjose_concatkdf_derive (#15)
v0.6.2 (2022-04-14)
- add support for A128GCM and A192GCM encryption (#4)
- extract cjose_jwe_encrypt_iv to allow explicit IV (#9) ; thanks @rnapier
- allow compilation against OpenSSL 3 with "#define OPENSSL_API_COMPAT 0x10000000L"
- cleanup some warnings about \param lines in header files (#1) ; thanks @jogu
- preserve key order in order to be able to compare serialized JWTs (#2)
- minor updates for conformance (#3) ; thanks @ajishna
- check that JWE object has any CEK at all, return error if it doesn't (#5) ; thanks @veselov
- fix double free on decrypt ek rsa padding failure (#6)
- replace calls to free with cjose_get_dealloc() in _cjose_jws_build_hdr (#7) ; thanks @zachmann
- fix buffer overflow in test_cjose_jwe_multiple_recipients (#10) ; thanks @mpsun
- use fixed size of IV size of 16Byte for AES-CBC (#11) ; thanks @securedimensions
- fix memory leak already addressed in _cjose_jws_build_dig_sha when a jws is reused for a validation (#12) ; thanks @traeak
- compile against older versions of check (cisco#91) ; thanks @treydock
- rename free() to free_func() in struct key_fntable for memory leak detectors (cisco#109) ; thanks @marcstern
- check result of cek = cjose_get_alloc()(cek_len) in jwe.c (cisco#110) ; thanks @marcstern
0.6.1 (2018-04-12)
- Better support for AES-CBC-HMAC with other key management algs (602555ff3fbd34e875bf0e7b88f4d94dc6000e8b)
- Explicit defined() usage for CJOSE_OPENSSL_11X (b6665deae2aec3b68d88edb293b1f6c137e624ce)
- Bad JWE crashes _cjose_jwe_set_cek_a256gcm (fb24d6f264fd83d0228a65c2f06e27dba2495ceb)
0.6.0 (2018-02-06)
- support ECDH-ES (1250eff10fa178937aea1924887d114c8ba943c2)
- compile with LibreSSL (8693c22aabf31313a4002838e124e93879bbb50b)
- Support multiple recipients and JSON serialization for JWE (e569ee824fd5af8654fb0054952f6c7b9d038ce6)
0.5.1 (2017-05-24)
- Crash on non string "alg" (b5daeb66ad603d40da8c7250d9121ef4cc8060c2)
0.5.0 (2017-05-05)
- Unexpected release of JWS resources on failure but not success (ed3cb39cf2fdaf401fbba9b93fd44e6a50b97f62)
- Bad casting of pointers (5b7ac9a6dfd08aead145dcef7a46bbc52ffb68de)
- Support for clang-format (7d0f5566dff5258f4babb1e843715fcec3b03cbe)
- Improve alloc/realloc/dealloc tests (f02e19c99de9e7b2621c56f6a88cb2b9eb91e954)
0.4.1 (2016-08-04)
- Compiler warning/error fixes for multiple platforms (011612e72698dd02249f578fb4ec0145c624c0e0)
0.4.0 (2016-08-02)
- Support OpenSSL 1.1.x (9bc8a801a5160952787d4ed2fdc225eb57d471a5)
- Support AES KeyWrap and AES-CBC-HMAC-SHA2 (b7518799842e1b411d7b900ef8879f51c65584ee)
- Support Elliptic Curve JWS Algorithms (ES256 / ES384 / ES512) (8206eebb1c69521a90601a3f37f8f1693fb4ec4f)
- Support RSAES-PKCS1-v1_5 key encryption (76ae28a299cf207d4373cfd95cd299b6af0cc248)
- Support symmetric HMAC "signatures" (f43f17dd0ff6b513d02db075c728f08031051e43)
- Support unsecured JWS (IMPORT ONLY) (8512cf3a45bea90bbbba2d55c083d3f08ccd25f6)
- Support older versions of Jansson (d9d3d43df91264a59e94eaefd0f7068e2249cbde)
- RS256 verify always returned true (c177b707a4877406bf93f35171bdc8d7f0b74d33)
- Replace free() with dealloc() (8361f3827622232b1d8fa944b4bc3a3938bb9fd6)
- Remove the use of strdup (e968f21e6d1ae4bf499e0dd4e8fd628efcada607)
- Use CJOSE_VERSION everywhere (2c58aa1de96f883c23626b05527754c0c7590079)
- Use cjose_err.code instead of errno (5f40fef38725d375f204a16a79beae754d58fc76)
0.3.0 (2016-05-26)
- expose more key information (16cf34901bbff6791c20aa831c34660e510cc9ee)
- missing 'util.h' in superheader (02593fb83991651570ec50dd35d89fb4e747ec71)
0.2.0 (2016-05-06)
- Expose protected header from imported/created JWE and JWS (6d1d1be838b546cb73f8d24c42a681a0a0e1ec03)
- incorrect repo in doc (642e5896798ac84e7035cd489dd12273b914f829)
- friendlier dist (fdff0a6b1f2d94f896b6416471b7f159d143ce06)
- Use RFC6090 Fundamental EC if present (436264fd83adb536e827f633a47fc023760b27d1)
Initial public release