Releases · OpenIDC/cjose · GitHub

24 Apr 07:17

zandbelt

0.6.2.3 Latest

Latest

Security

disable RSA PKCS 1.5 by default (#22); thanks @thalman

Other

avoid using empty prototypes; support Clang 15 and XCode 14.3
build shared library on Cygwin by adding -no-undefined to LDFLAGS (#20); thanks @fd00
reformat using clang-format-18.1.3
regenerate autoconf files using autoconf 2.72
update github actions to avoid warnings

Contributors

fd00 and thalman

Assets 23

cjose-0.6.2.3-1.el7.x86_64.rpm

39.9 KB 2024-04-24T08:49:08Z
cjose-0.6.2.3-1.el8.x86_64.rpm

45.7 KB 2024-04-24T08:49:07Z
cjose-0.6.2.3-1.el9.x86_64.rpm

46.2 KB 2024-04-24T08:49:07Z
cjose-0.6.2.3.tar.gz

481 KB 2024-04-24T07:17:33Z
cjose-devel-0.6.2.3-1.el7.x86_64.rpm

12.5 KB 2024-04-24T08:49:06Z
cjose-devel-0.6.2.3-1.el8.x86_64.rpm

17 KB 2024-04-24T08:49:06Z
cjose-devel-0.6.2.3-1.el9.x86_64.rpm

16.7 KB 2024-04-24T08:49:06Z
libcjose-dev_0.6.2.3-1.bionic_amd64.deb

41.6 KB 2024-04-24T08:49:03Z
libcjose-dev_0.6.2.3-1.bookworm_amd64.deb

43.1 KB 2024-04-24T08:49:03Z
libcjose-dev_0.6.2.3-1.bullseye_amd64.deb

43.7 KB 2024-04-24T08:49:03Z
Source code (zip)

2024-04-24T07:07:39Z
Source code (tar.gz)

2024-04-24T07:07:39Z

12 Jul 09:02

zandbelt

0.6.2.2

Security

use fixed authentication tag length of 16 octets in AES GCM decryption (cisco#125)

Other

avoid use of assert (cisco#123) ; thanks @groovyfeng
fix make on srcdir != builddir (#17) ; thanks @fd00

Contributors

fd00 and groovyfeng

Assets 21

24 Oct 09:43

zandbelt

0.6.2.1

Features

preserve key order in cjose_header_get_raw as well (#16)

Bugfixes

fix a memory leak in cjose_jws_import() for invalid JWS (#14)

Other

don't use STACK_ALLOC in cjose_concatkdf_derive (#15)

Packaging

add packages for RHEL 9, Debian Bookworm and Ubuntu Jammy

Assets 21

14 Apr 19:31

zandbelt

0.6.2

Security

use fixed size of IV size of 16 bytes for AES-CBC (#11) ; thanks @securedimensions

Features

allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
add support for A128GCM and A192GCM encryption (#4)
extract cjose_jwe_encrypt_iv to allow explicit IV (#9) ; thanks @rnapier
preserve key order in order to be able to compare serialized JWTs (#2)

Bugfixes

fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation (#12) ; thanks @traeak
fix double free on decrypt ek rsa padding failure (#6)
fix buffer overflow in test_cjose_jwe_multiple_recipients (#10) ; thanks @mpsun
check that JWE object has any CEK at all, return error if it doesn't (#5) ; thanks @veselov
check result of cek = cjose_get_alloc()(cek_len) in jwe.c (cisco#110) ; thanks @marcstern
replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr (#7) ; thanks @zachmann

Other

cleanup some warnings about \param lines in header files (#1) ; thanks @jogu
minor updates for conformance (#3) ; thanks @ajishna
compile against older versions of check (cisco#91) ; thanks @treydock
rename free() to free_func() in struct key_fntable for memory leak detectors (cisco#109) ; thanks @marcstern

Contributors

jogu, rnapier, and 8 other contributors

Assets 15