Skip to content

v4.2.0

Latest
Latest
Compare
Choose a tag to compare
@quentinvernot quentinvernot released this 20 Jun 16:37
· 8 commits to master since this release
v4.2.0
14c5a8d
  • Add new OpenID Connect verification flow through the new OIDCAuthorizationCodeVerification method, see the updated guide for details
  • OIDC is now a valid pre-verified verification method with the new verificationFromPreverifiedOIDCSubject method
  • Deprecate createOidcNonceWithCompletionHandler, setOidcTestNonce, and verificationFromOIDCIDToken as they are now obsolete with the new OIDC verification flow)
  • The OIDCIDTokenVerificationMethod objects
    now contain the getProviderId and getProviderDisplayName methods, corresponding to the verification method's OIDC provider.
  • Invalid responses that do not come from the Tanker backend can now result in a NetworkError, instead of an InternalError
  • Limit maximum number of resource IDs * recipients to 100 in a single call to share
  • Add support for SDK downgrade between compatible versions even in case of changes to the local storage schema, see manage sdk versions for more details.
  • Downgrade severity for logs related to internal storage and HTTP requests from Info to Debug
  • Improve error messages for decrypt and getResourceID when the given encrypted data is empty. Note that decrypt will throw an InvalidArgument exception when that happens, not a DecryptionFailed.
  • Remove deprecated getDeviceList method

Padded Encryption

Tanker now uses a padded symmetric encryption scheme by default. Adding padding to encrypted data aims at hiding the length of the clear message, see the dedicated guide.

Assets 2
Loading