-
MSRV is now Rust 1.41 due to changes in
Cargo.lock
format. See announcement. -
The
jwk::AlgorithmParameters::OctetKey
enum variant is now a newtype variant which takes ajwk::OctetKeyParameters
struct for its parameters. To migrate your existing code, you can do the following-jwk::AlgorithmParameters::OctetKey { +jwk::AlgorithmParameters::OctetKey(jwk::OctetKeyParameters { value: key, key_type: Default::default(), -} +})
(#125)
-
jws::Compact::decode_with_jwks
now supports JWK without analg
specified. However, a new parameter to specify an expected parameter had to be added to support this use case. This is to mitigate against issues like this. Existing usage of JWK with thealg
specified can simply add aNone
as the second parameter. (#130) -
Remove
StringOrUri
because it was hard to get theUri
type working properly. Replace all usage ofStringOrUri
withString
s instead. (#131)
- Add new
jwk::AlgorithmParameters::OctetKeyPair
variant to support (de)serializingOKP
key types. (#125) - Add support for JWK thumbprints (RFC 7638) (#156)
- Allow verifying tokens with a
keypair
asSecret
(#132)
- Fix computing Aad per the RFC by doing base64 encoding (#147)
- Add
jws::Compact::decode_with_jwks
method to decode a JWT with JWKs (#124)
- Replace
lazy_static
withonce_cell
(#123)
- Fix documentation build on 1.40 Nightly
There are no new feature except for some breaking changes to correct some errors.
All misspelling of octect
have been corrected to octet
. The following
types have been renamed and the old misspelt version is no longer available.
To migrate, you can simply do a case sensitive replace of Octect
with Octet
and
octect
with octet
in your code.
The following types have been renamed:
jwk::KeyType::Octect
🡒jwk::KeyType::Octet
jwk::KeyType::OctectKeyPair
🡒jwk::KeyType::OctetKeyPair
jwk::OctectKeyType
🡒jwk::OctetKeyType
jwk::OctectKeyType::Octect
🡒jwk::OctetKeyType::Octet
jwk::AlgorithmParameters::OctectKey
🡒jwk::AlgorithmParameters::OctetKey
The following functions have been renamed:
jwk::JWK::new_octect_key
🡒jwk::JWK::new_octet_key
jwk::JWK::octect_key
🡒jwk::JWK::octet_key
jwk::AlgorithmParameters::octect_key
🡒jwk::AlgorithmParameters::octet_key
This release also fixes the
Clippy trivially_copy_pass_by_ref
lint
by modifying function arguments that would have taken a reference of a 1 byte value that
implements Copy
to take the value of itself. This mainly affects all struct methods
of the following types
There should be no need to modify your code for this because the types are Copy
.
jwa::SignatureAlgorithm
jwa::KeyManagementAlgorithm
jwa::ContentEncryptionAlgorithm
jwk::KeyType
There are no new features except for ring dependency changes.
- biscuit now depends on ring 0.16.5
- Changed internal usage of ring's AEAD APIs
- Removed
Compact::to_string
.Compact
now implementsDisplay
which has a blanket implementation ofstd::string::ToString
. Use that instead. This should not break any users becausestd::string::ToString
is used by thestd
prelude.
There are no new features or API changes except for ring dependency changes.
- Minimum supported Rust version is now 1.36 due to Ring's usage of newer Rust features
- biscuit now depends on ring 0.16
- Minimum Rust 1.31 is needed for editions support on dependencies
- biscuit now depends on ring 0.14
- Minimum Rust 1.31 is needed for editions support on dependencies
- Minimum Rust 1.27.2 supported. Older versions might build, but this might not be supported.
- Ring 0.13.2 minimum required. This breaks with other libraries using any other versions
- Add ECDSA support (lawliet89#95)
- Additional claims validation (lawliet89#99)
- RSA signature validation with only the exponent and modulus (lawliet89#100)
There are breaking changes in this release:
ring
was upgraded to 0.12. Until #619 lands, this crate will now be incompatible with all other crates that uses a different version ofring
.jwa::rng
is no longer public- #84 All AES GCM encryption now requires a user provided nonce. See this example.
SignatureAlgorithm::verify
now returnsResult<(), Error>
instead ofResult<bool, Error>
.- Bumped various dependencies, although they should not break any user facing code:
lazy_static
,data-encoding
.
Other non-breaking changes include:
- New helper
function in
JWKSet
to find key by Key ID - New helper functions in
jws::Compact
to retrieve parts without signature verification.
There are no breaking changes in this release.
Added a convenience validate_times
function to jwe::Compact
and jws::Compact
that allows
quick temporal validation if their payloads are ClaimSet
s.
This release adds no new features and breaks no API. It simply bumps ring
to 0.11.
This release adds no new features and breaks no API. It simply bumps Chrono and Ring to their newest version.
Update dependency to ring
0.9.4 so that different versions of ring
can no longer be used in a Rust build.
There are no new features or API change.
Minor bug fix release. Fixed incorrect ECDSA signature verification.
Thanks to @hobofan.
This is a major breaking release. Not all algorithms, verification, and features are supported yet.
- JSON Web Encryption support (JWE)
- JSON Web Key (JWK)
- Replaced
rustc_serialize
withserde
- Support custom headers for JWS
- Added a
biscuit::Empty
convenice empty struct that users can plug into type parameters when they do not need them, such as the type parameter of custom headers. - Added
SingleOrMultiple
andStringOrUri
enums to better represent the types of values that the JOSE RFCs allow.
biscuit::JWT
is no longer a struct. It is now a type alias forjws::Compact
, which according to the RFC, is the compact serialization of a JSON Web Signature (JWS).- Moved
biscuit::Algorithm
tobiscuit::jwa::SignatureAlgorithm
to better reflect its use. - Various internal traits that should be implementation detail and opaque to users of
biscuit
have been changed, added, or removed.
This is an initial release after forking from Version 1.1.6 of Keats/rust-jwt
.
- Added RSA signing and verification
- Added ECDSA verification (signing support is pending addition of support in
ring
)