3.9.0 (Supreme 0.4.0)

• Shiny new documentation based on Material for MkDocs
• Move Attestation from Supreme to Indispensable
• Rename parse() to deserialize() in JwsSigned and JweEncrypted to align with COSE
• Rename CryptoPublicKey.Rsa -> CryptoPublicKey.RSA for consistency reasons
• Add HMAC JCA names, properties used in JSON Web Encryption

3.8.2 Hotfix

3.8.2 (Supreme 0.3.2)

• Less destructive Hotfix for for KT-71650
• Re-enables export of Asn1Element.Tag class to ObjC.

3.8.1 (Supreme 0.3.1)

• Hotfix for KT-71650
• Disables export of Asn1Element.Tag class to ObjC. Signum remains usable for KMP projects,
  the Tag class just cannot be directly accessed from Swift and ObjC any more.

3.8.0 (Supreme 0.3.0) Breaking Changes Ahead!

• Completely revamped ASN.1 Tag Handling
  • Properly handle multi-byte tags
  • Introduce a new data structure TLV.Tag with an accompanying TagClass enum and a constructed flag to accurately represent arbitrary tags up to ULong.MAX_VALUE
  • Make all tag parameters ULong to reflect support for multi-byte tags
  • Remove DERTags
  • Revamp implicit tagging (there is still work to be done, but at least it supports CONSTRUCTED ASN.1 elements)
• Refactor Int.Companion.decodeFromDer -> Int.Companion.decodeFromDerValue()
• Refactor Long.Companion.decodeFromDer -> Long.Companion.decodeFromDerValue()
• Introduce ULong.Companion.decodeFromDer which can handle overlong inputs, as long as they start with a valid ULong encoding
• Changed return type of Verifier::verify from KmmResult<Unit> to KmmResult<Success>. Usage is unchanged.
• Add ConfirmationClaim to represent Proof-of-Possesion Key Semantics for JWTs
• Add claims to JsonWebToken to implement Demonstrating Proof of Possession
• Replace JsonWebToken.confirmationKey by JsonWebToken.confirmationClaim, the implementation was wrong
• Introduce ULong.toAsn1VarInt() to encode ULongs into ASN.1 unsigned VarInts (not to be confused with
  multi^2_base'sUVarInt!)
• Introduce decodeAsn1VarULong() and decodeAsn1VarUInt() which can handle overlong inputs, as long as they start with a valid unsigned number encoding.
  • Comes in three ULong flavours:
    • Iterator<Byte>.decodeAsn1VarULong()
    • Iterable<Byte>.decodeAsn1VarULong()
    • ByteArray.decodeAsn1VarULong()
  • and three UInt flavours:
    • Iterator<Byte>.decodeAsn1VarUInt()
    • Iterable<Byte>.decodeAsn1VarUInt()
    • ByteArray.decodeAsn1VarUInt()
• Revamp implicit tagging
• Revamp Asn1Element.parse(), introducing new variants. This yields:
  • Asn1Element.parse() with the same semantics as before
  • Asn1Element.parse() alternative introduced, which takes a ByteIterator instead of a ByteArray
  • Asn1Element.parseAll() introduced, which consumes all bytes and returns a list of all ASN.1 elements (if parsing works)
    • Variant 1 takes a ByteIterator
    • Variant 2 takes a ByteArray
  • Asn1Element.parseFirst() introduced, which tries to only parse a single ASN.1 element from the input and leaves the rest untouched.
    • Variant 1 takes a ByteIterator and returns the element; the ByteIterator is advanced accordingly
    • Variant 2 takes a ByteArray and returns a Pair of (element, remainingBytes)
• More consistent low-level encoding and decoding function names:
  • encodeToAsn1Primitive to produce an Asn1Primitive that can directly be DER-encoded
  • encodeToAsn1ContentBytes to produce the content bytes of a TLV primitive (the V in TLV)
  • decodeToXXX to be invoked on an Asn1Primitive to decode a DER-encoded primitive into the target type
  • decodeFromAsn1ContentBytes to be invoked on the companion of the target type to decode the content bytes of a TLV primitive (the V in TLV)
• Update conventions -> Coroutines 1.9.0
• replace runCatching with catching to be extra-safe

3.8.1 (0.3.1 Supreme) Hotfix

3.8.1 (Supreme 0.3.1)

• Hotfix for KT-71650
• Disables export of Asn1Element.Tag class to ObjC. Signum remains usable for KMP projects,
  the Tag class just cannot be directly accessed from Swift and ObjC any more.

3.8.0 (Supreme 0.3.0) Breaking Changes Ahead!

• Completely revamped ASN.1 Tag Handling
  • Properly handle multi-byte tags
  • Introduce a new data structure TLV.Tag with an accompanying TagClass enum and a constructed flag to accurately represent arbitrary tags up to ULong.MAX_VALUE
  • Make all tag parameters ULong to reflect support for multi-byte tags
  • Remove DERTags
  • Revamp implicit tagging (there is still work to be done, but at least it supports CONSTRUCTED ASN.1 elements)
• Refactor Int.Companion.decodeFromDer -> Int.Companion.decodeFromDerValue()
• Refactor Long.Companion.decodeFromDer -> Long.Companion.decodeFromDerValue()
• Introduce ULong.Companion.decodeFromDer which can handle overlong inputs, as long as they start with a valid ULong encoding
• Changed return type of Verifier::verify from KmmResult<Unit> to KmmResult<Success>. Usage is unchanged.
• Add ConfirmationClaim to represent Proof-of-Possesion Key Semantics for JWTs
• Add claims to JsonWebToken to implement Demonstrating Proof of Possession
• Replace JsonWebToken.confirmationKey by JsonWebToken.confirmationClaim, the implementation was wrong
• Introduce ULong.toAsn1VarInt() to encode ULongs into ASN.1 unsigned VarInts (not to be confused with
  multi^2_base'sUVarInt!)
• Introduce decodeAsn1VarULong() and decodeAsn1VarUInt() which can handle overlong inputs, as long as they start with a valid unsigned number encoding.
  • Comes in three ULong flavours:
    • Iterator<Byte>.decodeAsn1VarULong()
    • Iterable<Byte>.decodeAsn1VarULong()
    • ByteArray.decodeAsn1VarULong()
  • and three UInt flavours:
    • Iterator<Byte>.decodeAsn1VarUInt()
    • Iterable<Byte>.decodeAsn1VarUInt()
    • ByteArray.decodeAsn1VarUInt()
• Revamp implicit tagging
• Revamp Asn1Element.parse(), introducing new variants. This yields:
  • Asn1Element.parse() with the same semantics as before
  • Asn1Element.parse() alternative introduced, which takes a ByteIterator instead of a ByteArray
  • Asn1Element.parseAll() introduced, which consumes all bytes and returns a list of all ASN.1 elements (if parsing works)
    • Variant 1 takes a ByteIterator
    • Variant 2 takes a ByteArray
  • Asn1Element.parseFirst() introduced, which tries to only parse a single ASN.1 element from the input and leaves the rest untouched.
    • Variant 1 takes a ByteIterator and returns the element; the ByteIterator is advanced accordingly
    • Variant 2 takes a ByteArray and returns a Pair of (element, remainingBytes)
• More consistent low-level encoding and decoding function names:
  • encodeToAsn1Primitive to produce an Asn1Primitive that can directly be DER-encoded
  • encodeToAsn1ContentBytes to produce the content bytes of a TLV primitive (the V in TLV)
  • decodeToXXX to be invoked on an Asn1Primitive to decode a DER-encoded primitive into the target type
  • decodeFromAsn1ContentBytes to be invoked on the companion of the target type to decode the content bytes of a TLV primitive (the V in TLV)
• Update conventions -> Coroutines 1.9.0
• replace runCatching with catching to be extra-safe

3.8.0 (Supreme 0.3.0)

Breaking Changes Ahead!

• Completely revamped ASN.1 Tag Handling
  • Properly handle multi-byte tags
  • Introduce a new data structure TLV.Tag with an accompanying TagClass enum and a constructed flag to accurately represent arbitrary tags up to ULong.MAX_VALUE
  • Make all tag parameters ULong to reflect support for multi-byte tags
  • Remove DERTags
  • Revamp implicit tagging (there is still work to be done, but at least it supports CONSTRUCTED ASN.1 elements)
• Refactor Int.Companion.decodeFromDer -> Int.Companion.decodeFromDerValue()
• Refactor Long.Companion.decodeFromDer -> Long.Companion.decodeFromDerValue()
• Introduce ULong.Companion.decodeFromDer which can handle overlong inputs, as long as they start with a valid ULong encoding
• Changed return type of Verifier::verify from KmmResult<Unit> to KmmResult<Success>. Usage is unchanged.
• Add ConfirmationClaim to represent Proof-of-Possesion Key Semantics for JWTs
• Add claims to JsonWebToken to implement Demonstrating Proof of Possession
• Replace JsonWebToken.confirmationKey by JsonWebToken.confirmationClaim, the implementation was wrong
• Introduce ULong.toAsn1VarInt() to encode ULongs into ASN.1 unsigned VarInts (not to be confused with
  multi^2_base'sUVarInt!)
• Introduce decodeAsn1VarULong() and decodeAsn1VarUInt() which can handle overlong inputs, as long as they start with a valid unsigned number encoding.
  • Comes in three ULong flavours:
    • Iterator<Byte>.decodeAsn1VarULong()
    • Iterable<Byte>.decodeAsn1VarULong()
    • ByteArray.decodeAsn1VarULong()
  • and three UInt flavours:
    • Iterator<Byte>.decodeAsn1VarUInt()
    • Iterable<Byte>.decodeAsn1VarUInt()
    • ByteArray.decodeAsn1VarUInt()
• Revamp implicit tagging
• Revamp Asn1Element.parse(), introducing new variants. This yields:
  • Asn1Element.parse() with the same semantics as before
  • Asn1Element.parse() alternative introduced, which takes a ByteIterator instead of a ByteArray
  • Asn1Element.parseAll() introduced, which consumes all bytes and returns a list of all ASN.1 elements (if parsing works)
    • Variant 1 takes a ByteIterator
    • Variant 2 takes a ByteArray
  • Asn1Element.parseFirst() introduced, which tries to only parse a single ASN.1 element from the input and leaves the rest untouched.
    • Variant 1 takes a ByteIterator and returns the element; the ByteIterator is advanced accordingly
    • Variant 2 takes a ByteArray and returns a Pair of (element, remainingBytes)
• More consistent low-level encoding and decoding function names:
  • encodeToAsn1Primitive to produce an Asn1Primitive that can directly be DER-encoded
  • encodeToAsn1ContentBytes to produce the content bytes of a TLV primitive (the V in TLV)
  • decodeToXXX to be invoked on an Asn1Primitive to decode a DER-encoded primitive into the target type
  • decodeFromAsn1ContentBytes to be invoked on the companion of the target type to decode the content bytes of a TLV primitive (the V in TLV)
• Update conventions -> Coroutines 1.0.9
• replace runCatching with catching to be extra-safe

Closed Issues:

• #116
• #117
• #121
• #125

3.7.0 (Supreme 0.2.0)

• Remove Swift verifier logic to obtain a general speed-up
• Implement supreme signing capabilities
• Introduce Attestation Data Structure
• Dependency Updates:
  • Kotlin 2.0.20
  • kotlinx.serialization 1.7.2 stable (bye, bye unofficial snapshot dependency!)
  • kotlinx-datetime 0.6.1

3.6.1

Externalise UVarInt

3.6.0: Signum

• Rebranding to Signum
  • maven coordinates: at.asitplus.signum:$module
  • modules
    • datatypes -> indispensable
    • datatypes-jws -> indispensable-josef
    • datatypes-cose -> indispensable-cosef
    • provider -> supreme
  • package renames
  • crypto -> signum
  • datatypes -> indispensable
  • jws -> josef
  • cose -> cosef
  • provider -> supreme

3.5.1

** Fixes **

• Publish provider pre-release to maven central

** Changes **

• Depend on newer conventions, which don't pull serialization snapshots in:
  • datatypes, datatypes-jws, and provider depend on stable serialization WITHOUT COSE SUPPORT
  • datatypes-cose pulls in latest 1.8.0 serialization SNAPSHOT from upstream
• ByteStringWrapper is not part of upstream snapshot cose serialization anymore,
  but implemented as part of datatypes-cose in package at.asitplus.crypto.datatypes.cose.io

Release 3.5.0

Fixes

• Fix calculation of JWK thumbprints according to RFC7638

Changes

• Add provider module that actually implements cryptography! (Currently in preview, signature verification only)
• Add COSE_Key header to CoseHeader, defined in OpenID for Verifiable Credential Issuance draft 13
• Fix serialization of COSE signature structures
• Refactor JsonWebKey:
  • Remove identifier, please use keyId or jwkThumbprint directly
  • Add equalsCryptographically() to compare two keys by their cryptographic properties only
• Externalise multibase implementation

3.2.2

• KmmResult 1.7.0
• Bignum 0.3.10 stable
• okio 3.9.0