github a-sit-plus/signum 3.17.0
3.17.0 (Supreme 0.9.0)
on GitHub

one month ago
  • KDF Support
    • PBKDF2
    • HKDF
    • scrypt
  • RSA encryption using in-memory keys (no hardware-backed key management yet)
  • X.509 Revamp
    • Introduce X509SignatureAlgorithmDescription, which is the OID + params pair that identifies a X509SignatureAlgorithm
      • Instances of X509SignatureAlgorithm represent algorithms that are known to Signum
      • Test .isSupported() or .requireSupported() (with contract smart-cast support)
    • X509Certificate and Pkcs10CertificationRequest now use X509SignatureAlgorithmDescription to represent a non-validated signature algorithm
    • Refactor X509Certificate and TbsCertificate to store the raw signature as Asn1Primitive and the raw public key as Asn1Sequence enabling support for certificates with unsupported signature algorithms
      • Use the new KmmResult-returning decodedSignature and decodedPublicKey members to replace publicKey and signature, respectively.
      • The old publicKey and signature are being deprecated.
    • Refactor Pkcs10CertificationRequest to store the raw signature as Asn1Primitive enabling unsupported signature algorithms
      • Use the new KmmResult-returning decodedSignature and decodedPublicKey, respectively.
  • Add structured iterator-based decoding of Asn1Structure. Asn1Structure now implements Iterable<Asn1Element>:
    • Deprecate child accessors in Asn1Structure with deprecation level ERROR:
      • nextChild()
      • nextChildOrNull()
      • hasMoreChildren()
      • peek()
    • Add inner Iterator for child accesses
      • Add Iterator.reversed() method for getting a new iterator from an existing one, but with reversed direction, keeping the current index
      • Add Asn1Structure.reverseIterator() to get a reversed iterator right away, to iterate over all child elements in reverse.
    • Add decodeAs() for decoding ASN.1 structures via iterator-based lambda, moved trailing data check from decodeFromTlv() to decodeAs()
    • Refactor doDecode() implementations in Asn1Structure subclasses to use the new decodeAs() iterator-based API instead of deprecated child access methods.
  • Add SpecializedSymmetricEncryptionAlgorithm
    • This allows randomKey() etc to operate on COSE/JWE algorithms
  • Move constants of KnownOIDs into a discrete module indispensable-oids as extensions on the KnownOIDs object
    • → update your imports!
  • ASN.1 polishing:
    • rename Asn1Element.length property to Asn1Element.contentLength (and add a delegate with the old name and deprecation annotation to the new property)
    • Add missing Asn1.Real shorthand to the ASN.1 builder
    • Add Asn1Null constant
    • Add human-readable ASN.1 element prettyPrint() method
    • Make Asn1OctetString interface sealed
  • Strippable KnownOIDs
    • Move KnownOIDs into a discrete module indispensable-oids
  • OID descriptions:
    • KnownOIDs now implements MutableMap<ObjectIdentifier, String> to store and look up descriptions of Object Identifiers
    • OIDs can hence be described using KnownOIDs[theExpressionistsOid] = "Edvard Munch"
    • OID descriptions are exposed in accordance with the map interface: KnownOIDs[theExpressionistsOid] will yield "Edvard Munch" if this description was added prior.
    • All OIDs present in KnownOIDs shipped with the indispensable-oids module come with a description. To actually add them to all known descriptions, call KnownOIDs.describeAll() once.
  • Deprecate serialize() and deserialize() methods in COSE+ JOSE data classes
  • Clean up some function signatures:
    • SymmetricKey.toJsonWebKey now returns KmmResult
    • SymmetricEncryptionAlgorithm.toJweKwAlgorithm now returns KmmResult
    • SymmetricEncryptionAlgorithm.toJweEncryptionAlgorithm removed
  • In JwsHeader add property vcTypeMetadata with key vctm, see SD-JWT VC
  • Dependency Updates:
    • Kotlin 2.2.0
    • AGP 8.10.0
    • kotlincrypto:secure-random:0.3.2 -> kotlincrypto.random:crypto-rand:0.5.0
      • This fixes key generation in WASM/JS
    • kotlinx.io 0.7.0
    • Update to kotlinx.datetime 0.7.1.
      • This moves Instant and Clock to stdlib
      • (but introduces typealiases for easier migration)
      • Also forces serialization 1.9.0
    • Update to latest conventions plugin:
      • Bouncy Castle 1.81!!
      • Serialization 1.9.0
      • Coroutines 1.10.2
      • Ktor 3.2.2
      • Kotest 6.0.0.M5
Check out latest releases or
releases around a-sit-plus/signum 3.17.0

Don't miss a new signum release

NewReleases is sending notifications on new releases.

Get notifications