java-packages/jose4j
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9 Commits 1 Branch 0 Tags
main
Commit Graph

6 Commits

Author SHA256 Message Date
Fridrich Strba
4d3e26c576 OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=8 2024-09-24 05:12:28 +00:00
Fridrich Strba
b870e61426 Accepting request 1153823 from home:mcalmer:branches:Java:packages 
- update to 0.9.5
- important changes:
  * fix denial of service (CPU consumption) via a large p2c
    (aka PBES2 Count) value - CVE-2023-51775 (bsc#1220726)
  * Add RFC 8037 support:
    EdDSA for JWS with Ed25519 & Ed448 (needs Java 17)
    X25519 & X448 ECDH for JWE (needs Java 11)
    OKP (Octet Key Pair) type for JWK
  * Add support for the ES256K JWS alg (ECDSA using secp256k1 curve
    and SHA-256 per RFC8812) and the secp256k1 EC JWK crv
  * Add support for producing RFC9278 JWK Thumbprint URI values
  * more changes in the Release Notes
    https://bitbucket.org/b_c/jose4j/wiki/Release%20Notes
- Remove: PBES2-check-iteration-count.patch
- fix package group

OBS-URL: https://build.opensuse.org/request/show/1153823
OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=6
 2024-03-01 09:45:26 +00:00
Fridrich Strba
cb9d992c3e OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=5 2024-02-21 13:52:44 +00:00
Fridrich Strba
bd3bc7599a Accepting request 1142594 from home:mcalmer:branches:Java:packages 
- Check iteration of Pbes2HmacShaWithAesKey algorithm
  CVE-2023-31582 (bsc#1216609)
  Added: PBES2-check-iteration-count.patch

- update to 0.5.1
- changes since 0.5.0
  * Addressed #65 so that the "class " prefix is not on the logger
    names of AlgorithmFactory
  * Addressed #63 with support for additional/arbitrary parameters
    in JWK
  * Addressed #64 by adding key_ops to JWK
  * Addressed #58 by having JwtClaims getAudience() and
    getStringListClaimValue(name) return an empty list rather than
    null when the claim isn’t present
- changes since 0.4.4
  * Addressed #37 with some fairly rudimentary but useful support
    for PEM encoded public keys
  * Addressed #54 by enabling HttpsJwks.getJsonWebKeys() to continue
    to use the existing cache when an exception is thrown from
    refresh().
    Default behavior is unchanged and
    setRetainCacheOnErrorDuration(...) must be called with a value
    larger than zero to get the new behavior.
  * #36 Added support for RFC 7638 JWK thumbprints
  * Addressed #35 by allowing the caller of various JOSE and JWT
    functionality to specify a particular JCA provider by name for
    cryptographic operations
  * Addressed #44 by providing a generic callback to JwtConsumer
    to customize each JWS/JWE
  * Addressed #43 now supports the 'crit' header

OBS-URL: https://build.opensuse.org/request/show/1142594
OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=4
 2024-01-29 17:20:41 +00:00
Fridrich Strba
9e8a43cb6f OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=2 2023-10-25 15:48:26 +00:00
Tomáš Chvátal
52921f3246 Accepting request 340920 from home:dmacvicar:java 
The jose.4.j library is an open source (Apache 2.0) implementation of JWT and the JOSE specification suite. It is written in Java and relies solely on the JCA APIs for cryptography.

OBS-URL: https://build.opensuse.org/request/show/340920
OBS-URL: https://build.opensuse.org/package/show/Java:packages/jose4j?expand=0&rev=1
 2015-11-10 09:29:35 +00:00