5.5.0 - X5CVerifier: support more signature algorithms

What's Changed

X5CVerifier: support more signature algorithms by @m-barthelemy in #238

Noticed jwt-kit’s X5CVerifier only supports ES256 while trying to use Ed25519 certs and signatures.
This PR tries to add support for ES384, ES512 and EdDSA (did not bother with RSA yet). Would that be an okay way of doing so?

Reviewers

Thanks to the reviewers for their help:

• @Ari4ka

This patch was released by @ptoffy

Full Changelog: 5.4.1...5.5.0

5.4.1 - Remove NSString API usage

What's Changed

Remove NSString API usage by @Cyberbeni in #243

resolves #242

Remove NSString API usage

This patch was released by @ptoffy

Full Changelog: 5.4.0...5.4.1

5.4.0

What's Changed

• Renew certs in x5c tests by @ptoffy in #241
• Add key removal functions to JWTKeyCollection by @ptoffy in #240

Full Changelog: 5.3.0...5.4.0

5.3.0

Behavioural change

This release includes a behavioural change (in #231). Before 5.3.0, the default VerifierPolicy in X5CVerifier.verifyJWS(_, as:, jsonDecoder:, policy:) was RFC5280Policy which was conflicting with the same policy being reused later. The new default policy is an EmptyPolicy which does nothing by itself.

What's Changed

• Finally remove @retroactive @unchecked Sendable from crypto types by @ptoffy in #232
• Fix for not honoring ValidationTimePayload's signedDate by @betaphi in #231
• Fix benchmarks by @ptoffy in #234
• Add MLDSA{65,87} support by @ptoffy in #229
• Fix benchmarks by @ptoffy in #236
• Add PEM representation init and property to EdDSA keys by @ptoffy in #237

New Contributors

• @betaphi made their first contribution in #231

Full Changelog: 5.2.0...5.3.0

5.2.0 - Make rawRepresentation and publicKey of EdDSA keys public

What's Changed

Make rawRepresentation and publicKey of EdDSA keys public by @tkrajacic in #230

Make rawRepresentation of EdDSA keys public
Make publicKey of EdDSA.PrivateKey public

This patch was released by @ptoffy

Full Changelog: 5.1.2...5.2.0

5.1.2 - Add `RSA-OAEP` to JWK algorithms to support decoding.

What's Changed

Add RSA-OAEP to JWK algorithms to support decoding. by @madsodgaard in #226

Fixes an issue where a JWKS failed to decode because it also contains encryption keys and therefore alg such as RSA-OAEP.

This does not add support for the cipher, but at least it will allow us to decode JWKS to use for signing where we might not be able to remove the encryption keys from the remote JWKS.

This patch was released by @0xTim

Full Changelog: 5.1.1...5.1.2

5.1.1 - Fix crash when verifying corrupted token

What's Changed

Fix crash when verifying corrupted token by @ptoffy in #217

Fix #213

This patch was released by @ptoffy

Full Changelog: 5.1.0...5.1.1

4.13.5

What's Changed

• [V4] Update v4 CI to use JWT v4 by @ptoffy in #159
• Update certs for new ones by @0xTim in #212
• [V4] Fix memory bug when loading keys by @ptoffy in #208

Full Changelog: 4.13.4...4.13.5

5.1.0 - Add FirebaseAuth identity token

What's Changed

Add FirebaseAuth identity token by @petrpavlik in #207

• Add support for Firebase Auth by introducing FirebaseAuthIdentityToken.
• Fix some unit tests not being run. Probably a regression cause by migration to the new testing framework.

Adding support for Firebase Authentication was okayed by @ptoffy, see here vapor/jwt#159.

I’ll also follow up with a PR for https://github.com/vapor/jwt once this is merged in.

This patch was released by @ptoffy

Full Changelog: 5.0.1...5.1.0

5.0.1 - Support Crypto 4.0.0

What's Changed

Support Crypto 4.0.0 by @0xTim in #199

Add support for the upcoming release of Swift Crypto 4.0.0

This patch was released by @0xTim

Full Changelog: 5.0.0...5.0.1