- Add optimization for JSON-LD controller documents that are DID documents. When a controller ID resolves to a JSON-LD DID Document, then JSON-LD framing can be skipped when verifying verification method relationships if the verification relationship is one that is defined by the DID context.
- Use the
sizemethod to get the number of entries in thepurposeToProofsMap.
- Support passing multiple purposes in a single verify call.
- Add
NotFoundErrorname to error thrown when there are not enough proofs to match the passed supported suites and purposes during verification. LD suite implementations should not be relying the error message but can rely on thenameproperty of the error instead.
LinkedDataSignatureno longer callspurpose.validate; this function is instead called afterverifyProof(). This removes the responsibility of calling this function from LD suite implementations and places it in the main verify call from within jsigs instead. LD suites will still be passed a dummypurposein this version for backwards compatibility purposes that will successfully return a promise that resolves totruefrompurpose.validate(). Decoupling this from the suites both establishes a better separation of concerns and simplifies LD suites by reducing their responsibilities. LD suites are responsible for returing theverificationMethodused in their results so it can be passed topurpose.validate().- Add cache for hash of canonicalized document to enable its reuse when verifying multiple proofs on a single document.
- Use
Mapto internally represent contexts instead of an object. This optimizes better w/ v8.
- Use
tag: 'static'feature inextendContextLoader. This flag will inform the JSON-LD processor that the statically loaded contexts are, in fact, static and only need to be processed once.
- Move ensuring suite context to suite subclass. (Non-breaking change, added to support the 2018 signature suite.)
These changes were intended to be released in v9.0.0, so, releasing them as a patch.
- BREAKING: Implement automatic adding of the suite context to the document to be signed, (if it's not present already).
- BREAKING: Remove the case where the
documentargument insign()orverify()is a URL (instead of an object), since this is an unused feature, and a mixing of layers.
- BREAKING: Remove
verificationMethodparam from suite constructor. It is now strictly initialized fromkey.idorsigner.id. Increase validation on either key or signer/verifier parameters.
- Add missing
signerandverifierparameters to theLinkedDataSignatureconstructor. This issue causedthis.signerin subclasses to beundefined.
- In ProofSet, use the document's context for proof before defaulting to security context.
- Update karma setup, remove babel.
- BREAKING: Only support Node.js >=12.
- BREAKING: Drop support for deprecated
ownerproof property. - BREAKING: Drop support for deprecated
creatorproof property.
- BREAKING: No longer shipping browser bundles. Due to splitting out suites into other packages, it becomes more practical to create browser bundles at the application level with modern tools.
- BREAKING: No longer exporting
crypto-ldclasses. - BREAKING: Remove
PublicKeyProofPurpose. - BREAKING: Remove
GraphSignature2012suite. - BREAKING: Remove
LinkedDataSignature2015suite. - BREAKING: Remove bundled signature suites; all moved to external repos:
JwsLinkedDataSignaturesuite moved to https://github.com/digitalbazaar/jws-linked-data-signatureRsaSignature2018suite moved to https://github.com/digitalbazaar/rsa-signature-2018Ed25519Signature2018suite moved to https://github.com/digitalbazaar/ed25519-signature-2018
- BREAKING: Remove
compactProofparameter when signing and verifying. This means that going forward, documents are required to use the appropriate contexts for the proof that they're using (error will be thrown otherwise).
- BREAKING: Update to
[email protected]dep (uses JSON-LD 1.1).
- BREAKING: Drop support for Node.js v8.
- Use [email protected].
- Improve error handling when a JwsLinkedDataSignature is missing a "jws" property.
- Re-publish to fix package.json version.
- BREAKING: ECDSA signature support.
- Remove EcdsaKoblitzSignature2016 suite and tests.
- Remove bitcore-message dependency.
- Move feature to 'ecdsa-koblitz-signature-2016' package.
- BREAKING:
verify()'s results.error is now always aVerificationErrorinstance whereerror.errorsis an array that includes all of the errors that occurred during the verification process.
- Update node-forge and jsonld dependencies.
- Required jsonld.js >= 2.0.1.
- Update jsonld.js dependency to 2.0.0.
- Export
JwsLinkedDataSignaturein suites.
- Use [email protected] with support for Node 12 native Ed25519 crypto.
- Update dependencies.
- Use security-context@4:
- Add terms for EcdsaSecp256 signature suites.
- Add terms for EcdsaSecp256 keys.
- Add term DeriveSecretOperation.
- Use [email protected] which properly specifies the Node.js engine.
- Replace local copies of security contexts with
security-contextmodule.
- Handle compacting proofs that use a type-scoped proof term definition.
- Update local copy of security-v2 context.
- Correct inconsistencies in the LinkedDataSignature APIs that allowed for
optional
signerandverifierparameters in some places, but required those parameters in other places.
- Errors in proof verification reports now have a
toJSONmethod that allows the errors to be serialized properly when the report is stringified usingJSON.stringify.
- Update webpack externals to also support amd and commonjs names.
- Updated local copy of security-v2 context.
- NOTE: Updated jsonld to 1.5.0. Dependency and code updates will be required to continue using the native canonize bindings. See the jsonld.js 1.5.0 notes.
- BREAKING: Updated crypto-ld to 3.0.0. The exposed APIs changed the key fingerprint output encodings.
- Switch to eslint.
- Expose
useNativeCanonizeoption in constructors of suites that use rdf-canonize.
- JwsSignatures now default to
verificationMethodterm in the proof unless a legacy public key is being used. A legacy public key is one that has the deprecatedownerproperty instead of the newercontrollerproperty.
- Use crypto-ld@2.
- BREAKING: Remove Node.js 6.x support. If you need Node.js 6.x support please use the 2.x series or setup your own translation.
- Fix ProofSet suite matching.
- Ensure proof verification method matches key if given.
- Fix ProofSet proof matching.
- Use 2048-bit RSA keys in tests.
- Improve usage of Babel features.
- Move webpack-cli to dev dependency.
- Update to Babel 7.
- Add
compactProofflag that can be set tofalseto enable skipping compaction of proof(s) when it is known that the input document's (forsignorverify) JSON-LD@contextdefines all applicable proof terms using the same definitions as the JSON-LD@contextused internally by the library (i.e. the JSON-LD@contextdefined byconstants.SECURITY_CONTEXT_URL). This flag should only be set tofalseby advanced users that have ensured their software systems have strictly validated the input to ensure that it is safe and cannot be misinterpreted. If these guarantees can be met, then setting this flag tofalsemay be a useful optimization consideration.
- BREAKING:
signandverifyAPIs require suites and proof purpose instances to be passed.
- BREAKING: Removed API
wrapand injector support. - BREAKING: callback-based API is no longer supported.
- BREAKING: Removed exposed utility/helper functions.
- Karma PhantomJS support. Upstream deprecated PhantomJS and suggests headless Chrome or similar.
- Optimize
LinkedDataSignaturecreateVerifyDatato remove one round of compaction and one round of expansion. This eliminates a total of four rounds (2x compaction, 2x expansion) for sign+verify processes ascreateVerifyDatais used in bothsignandverify.
- Add in-browser support for ed25519.
- Fix bug with explicitly passed
undefinedoptions.
- Fix 1.0 compatibility issue with update of jsonld to 1.0.1.
- Update jsonld to 1.0.0.
- Use
chloride, a faster and better maintained implementation ofEd25519.
- Use RSASSA-PSS with
RsaSignature2018, not RSASSA-PKCS1-v1_5. Uses PS256 JWS algorithm (sha256 for all hashing including mgf1 and a salt length that matches the digest length, i.e. 32 bytes).
- Ensure
proofPurposeproperty's objects are framed as application suites containing references to public keys not direct public keys.
- Ensure key types are validated.
- Ensure proof node is sanitized prior to use as verification data.
- Expose
sanitizeProofNodefor suite-specific override.
- Expose
suiteson main API to allow for other libs to create plugins that extend them.
- Do not require
creatoroption.
- Only include
publicKeyin result ifcreatoris present. - Do not override
createdinproofoption ifdateis not given inoptions.
- Move cross-env to devDependencies.
- Add webpack support. Build and distribute bundles in
distdirectory. - Add node6 support. Use babel to generate files in
dist/node6directory. Used automatically at runtime. - Use karma for browser testing.
- Use node and karma test setup files that use a common test file.
- BREAKING:
verifynow returns an object withkeyResultsandverified.
- Support for RsaSignature2018.
- Support for Ed25519Signature2018.
- Support for
proofandproofPurpose. - Support for attaching and verifying multiple proofs (signatures) as a set on a single document.
- Add embedded security JSON-LD contexts. These are automatically used unless a
documentLoaderoption passed tosignorverifyoverrides this behavior.
- BREAKING: Removed bower support. Use npm and the bundles in the
distdirectory. - Remove grunt support in favor of package.json script targets.
- BREAKING: Removed deprecated options in
wrapfunction. Use theuseAPI instead.
- Add
keyvalidation incheckKeyAPI.
- EcdsaKoblitzSignature2016 signature algorithm.
- See git history for changes.