- Compatible with version
0.3.0
ofcrypto_keys
- JsonWebKey.parsePem handles CERTIFICATE
DefaultJsonWebKeySetLoader
: if possible, use HTTP headers to determine cache expiration.
- Migrate null safety
- Bump
asn1lib
to 0.8.1.
- Fix docs
- Added JsonWebKey constructors for creating EC and RSA keys
- Added factory constructor for creating a JsonWebKey from crypto keys
- Added factory constructor for creating a JsonWebKey from a pem string
- Support for P-256K curve
- Support RSAES-OAEP
- Allow x509 parameters in JWK
- JsonWebAlgorithm class
- Generating random non-symmetric keys
- cryptoKeyPair getter on JsonWebKey returning a
KeyPair
fromcrypto_keys
package - Breaking Change: loading jwk set from
package
orfile
url no longer supported by default. The new classJsonWebKeySetLoader
can be used to override this behavior or manage the way jwk sets are loaded from an url.
- Add
allowedAlgorithms
argument also in JWT
- Fix security issue: JWS with algorithm
none
was previously verified, now you can specify which algorithms are allowed and by defaultnone
is not allowed.
- Initial version