0.6.2
zandbelt released this 14 Apr 19:31 · 29 commits to version-0.6.2.x since this release
Security
- use a fixed IV size of 16 bytes for AES-CBC (#11); thanks @securedimensions
Features
- allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
- add support for A128GCM and A192GCM encryption (#4)
- extract cjose_jwe_encrypt_iv to allow explicit IV (#9); thanks @rnapier
- preserve key order in order to be able to compare serialized JWTs (#2)
Bugfixes
- fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation (#12); thanks @traeak
- fix double free on decrypt ek rsa padding failure (#6)
- fix buffer overflow in test_cjose_jwe_multiple_recipients (#10); thanks @mpsun
- check that JWE object has any CEK at all, return error if it doesn't (#5); thanks @veselov
- check result of cek = cjose_get_alloc()(cek_len) in jwe.c (cisco#110); thanks @marcstern
- replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr (#7); thanks @zachmann
Other
- clean up some warnings about \param lines in header files (#1); thanks @jogu
- minor updates for conformance (#3); thanks @ajishna
- compile against older versions of check (cisco#91); thanks @treydock
- rename free() to free_func() in struct key_fntable for memory leak detectors (cisco#109); thanks @marcstern