Releases: veraison/go-cose
Releases · veraison/go-cose
v1.3.0
What's Changed
- Add
COSE_Key
support by @setrofim in #146 - Retract v1.2.0 release by @setrofim in #153
- fix: typo UnataggedSign1Message -> UntaggedSign1Message by @spennymac in #148
- Key fixes by @setrofim in #154
- Remove unnecessary cbor marshal methods by @qmuntal in #155
- Centralize key validations and check more invalid cases by @qmuntal in #156
- Convert key tests to tabular tests by @qmuntal in #157
- Refactor Key to support custom parameters by @qmuntal in #158
- Validate key sizes and allow signing with empty public keys by @qmuntal in #159
- Deprecate AlgorithmEd25519 and provide AlgorithmEdDSA instead by @qmuntal in #160
- Make built-in types implement the new DigestSigner and DigestVerify interface by @qmuntal in #144
- Consolidate API names related to Key by @qmuntal in #161
- Rewrite interface{} to any by @qmuntal in #162
- Add support for RS256, RS384, RS512 constants by @hslatman in #163
- Improve Algorithm.String() message for unknown values by @qmuntal in #167
- Upgrade fxamacker/cbor to v2.5.0 by @qmuntal in #166
- Add support to
COSE_Countersignature
(RFC 9338) by @balena in #172 - Validate content type header parameter by @qmuntal in #176
- chore: fix duplicated import in the example by @shizhMSFT in #179
- docs: fix the syntax of CODEOWNERS by @shizhMSFT in #180
- Update Readme for the latest release by @SteveLasker in #182
- refactor!: deprecate crypto elliptic by @shizhMSFT in #187
- Document the Release Process by @SteveLasker in #188
- Add support for CWT Claims & Type in Protected Headers by @SteveLasker in #189
- docs: update docs for release process by @shizhMSFT in #193
New Contributors
- @spennymac made their first contribution in #148
- @hslatman made their first contribution in #163
- @balena made their first contribution in #172
Full Changelog: v1.1.0...v1.3.0
v1.3.0-rc.1
Cutting rc.1
based on no changes to alpha.1
https://github.com/veraison/go-cose/blob/main/release-management.md#pre-release
Full Changelog: v1.3.0-alpha.1...v1.3.0-rc.1
v1.3.0-alpha.1
What's Changed
- Add
COSE_Key
support by @setrofim in #146 - Retract v1.2.0 release by @setrofim in #153
- fix: typo UnataggedSign1Message -> UntaggedSign1Message by @spennymac in #148
- Key fixes by @setrofim in #154
- Remove unnecessary cbor marshal methods by @qmuntal in #155
- Centralize key validations and check more invalid cases by @qmuntal in #156
- Convert key tests to tabular tests by @qmuntal in #157
- Refactor Key to support custom parameters by @qmuntal in #158
- Validate key sizes and allow signing with empty public keys by @qmuntal in #159
- Deprecate AlgorithmEd25519 and provide AlgorithmEdDSA instead by @qmuntal in #160
- Make built-in types implement the new DigestSigner and DigestVerify interface by @qmuntal in #144
- Consolidate API names related to Key by @qmuntal in #161
- Rewrite interface{} to any by @qmuntal in #162
- Add support for RS256, RS384, RS512 constants by @hslatman in #163
- Improve Algorithm.String() message for unknown values by @qmuntal in #167
- Upgrade fxamacker/cbor to v2.5.0 by @qmuntal in #166
- Add support to
COSE_Countersignature
(RFC 9338) by @balena in #172 - Validate content type header parameter by @qmuntal in #176
- chore: fix duplicated import in the example by @shizhMSFT in #179
- docs: fix the syntax of CODEOWNERS by @shizhMSFT in #180
- Update Readme for latest release by @SteveLasker in #182
- refactor!: deprecate crypto elliptic by @shizhMSFT in #187
- Document the Release Process by @SteveLasker in #188
- Add support for CWT Claims & Type in Protected Headers by @SteveLasker in #189
- docs: update docs for release process by @shizhMSFT in #193
New Contributors
- @spennymac made their first contribution in #148
- @hslatman made their first contribution in #163
- @balena made their first contribution in #172
Full Changelog: v1.1.0...v1.3.0-alpha.1
v1.1.0
Add untagged COSE_Sign1
message support.
What's Changed
- Correct return error code when key cannot be decoded by @yogeshbdeshpande in #130
- Add precise error conditions to verifier unit tests by @yogeshbdeshpande in #136
- fix: deterministic encode cose_sign / cose_sign1 sig_signature by @shizhMSFT in #135
- Add untagged COSE_Sign1 support by @setrofim in #143
New Contributors
Full Changelog: v1.0.0...v1.1.0
1.0.0
📘Documentation
go-cose readme
What's Changed
- Sign1 by @thomas-fossati in #1
- Sign1 bells and whistles by @thomas-fossati in #2
- add license check by @thomas-fossati in #3
- Add gluecose conformance tests by @qmuntal in #19
- Fix CI and add first fuzz test by @qmuntal in #20
- Add PS256 conformance tests by @qmuntal in #21
- Remote Signing by @shizhMSFT in #51
- add Sign1Message benchmarks by @qmuntal in #54
- Mark COSE Sign as experimental by @thomas-fossati in #58
- Remove design.md as remote signing has merged by @SteveLasker in #57
- Documentation cleanup by @qmuntal in #61
- Guard against race conditions in RegisterAlgorithm by @qmuntal in #62
- Use curve modulo instead of field size to calculate ECDSA signature length by @qmuntal in #60
- Fix integer range rendering by @qmuntal in #63
- Update readme with release info by @SteveLasker in #65
- Remove cose.Verify1 and update cose.Sign1 by @qmuntal in #67
- Ensure IV and Partial IV are not both present by @qmuntal in #66
- Correct README to reflect the defork from mozilla/go-cose by @yogeshbdeshpande in #69
- Create Reports folder under go-cose by @yogeshbdeshpande in #70
- Upload NCC Public Report by @kevin-henry-ncc in #77
- Fail-safe check on RSA by @shizhMSFT in #72
- Ensure critical header contains valid labels by @qmuntal in #78
- Error if unprotected header contains crit param by @qmuntal in #81
- Add baseline security process by @SteveLasker in #4
- Improve Sign1Message.Sign1() docs by @qmuntal in #85
- upload coverage to codecov.io by @qmuntal in #84
- Validate generic headers by @qmuntal in #87
- Increase headers type validation coverage by @qmuntal in #89
- Update README.md and SECURITY.md from alpha.1 to rc.1 by @FeynmanZhou in #91
- Enhance reports folder README.md and also top level README.md by @yogeshbdeshpande in #93
- Upload the Trail of Bits public security assessment report by @ESultanik in #94
- Add Trail of Bits Security Review by @SteveLasker in #96
- refactor!: accept message content instead of digest for sign and verify by @shizhMSFT in #101
- chore: upgrade ci to go 1.18 and go 1.19 by @shizhMSFT in #103
- Reduce FuzzSign1 memory consumption by @qmuntal in #104
- Update cose-spec from draft to RFC 9052 by @fxamacker in #109
- Improve README.md examples by @qmuntal in #111
- Use cbor.SortCoreDeterministic for CBOR encoding by @qmuntal in #113
- fix example in the readme by @thomas-fossati in #114
- Check EC point is on curve at Verifier instantiation by @thomas-fossati in #116
New Contributors
- @thomas-fossati made their first contribution in #1
- @SteveLasker made their first contribution in #57
- @yogeshbdeshpande made their first contribution in #69
- @kevin-henry-ncc made their first contribution in #77
- @FeynmanZhou made their first contribution in #91
- @ESultanik made their first contribution in #94
- @fxamacker made their first contribution in #109
Full Changelog: v1...v1.0.0
v1.0.0-rc.2
📘Documentation
What's Changed
- Update README.md and SECURITY.md from alpha.1 to rc.1 by @FeynmanZhou in #91
- Enhance reports folder README.md and also top level README.md by @yogeshbdeshpande in #93
- Upload the Trail of Bits public security assessment report by @ESultanik in #94
- Add Trail of Bits Security Review by @SteveLasker in #96
- refactor!: accept message content instead of digest for sign and verify by @shizhMSFT in #101
- chore: upgrade ci to go 1.18 and go 1.19 by @shizhMSFT in #103
- Reduce FuzzSign1 memory consumption by @qmuntal in #104
- Update cose-spec from draft to RFC 9052 by @fxamacker in #109
- Improve README.md examples by @qmuntal in #111
- Use cbor.SortCoreDeterministic for CBOR encoding by @qmuntal in #113
New Contributors
- @FeynmanZhou made their first contribution in #91
- @ESultanik made their first contribution in #94
- @fxamacker made their first contribution in #109
Full Changelog: v1.0.0-rc.1...v1.0.0-rc.2
v1.0.0-rc.1
📘Documentation
Security Reviews
ncc group go-cose Security Assessment
What's Changed
- Documentation cleanup by @qmuntal in #61
- Guard against race conditions in RegisterAlgorithm by @qmuntal in #62
- Use curve modulo instead of field size to calculate ECDSA signature length by @qmuntal in #60
- Fix integer range rendering by @qmuntal in #63
- Update readme with release info by @SteveLasker in #65
- Remove cose.Verify1 and update cose.Sign1 by @qmuntal in #67
- Ensure IV and Partial IV are not both present by @qmuntal in #66
- Correct README to reflect the defork from mozilla/go-cose by @yogeshbdeshpande in #69
- Create Reports folder under go-cose by @yogeshbdeshpande in #70
- Upload NCC Public Report by @kevin-henry-ncc in #77
- Fail-safe check on RSA by @shizhMSFT in #72
- Ensure critical header contains valid labels by @qmuntal in #78
- Error if unprotected header contains crit param by @qmuntal in #81
- Add baseline security process by @SteveLasker in #4
- Improve Sign1Message.Sign1() docs by @qmuntal in #85
- upload coverage to codecov.io by @qmuntal in #84
- Validate generic headers by @qmuntal in #87
- Increase headers type validation coverage by @qmuntal in #89
New Contributors
- @yogeshbdeshpande made their first contribution in #69
- @kevin-henry-ncc made their first contribution in #77
Full Changelog: v1.0.0-alpha.1...v1.0.0-rc.1
v1.0.0-alpha.1
Documentation 📘
What's Changed
- Sign1 by @thomas-fossati in #1
- Sign1 bells and whistles by @thomas-fossati in #2
- add license check by @thomas-fossati in #3
- Add gluecose conformance tests by @qmuntal in #19
- Fix CI and add first fuzz test by @qmuntal in #20
- Add PS256 conformance tests by @qmuntal in #21
- Remote Signing by @shizhMSFT in #51
- add Sign1Message benchmarks by @qmuntal in #54
- Mark COSE Sign as experimental by @thomas-fossati in #58
- Remove design.md as remote signing has merged by @SteveLasker in #57
New Contributors
- @thomas-fossati made their first contribution in #1
- @SteveLasker made their first contribution in #57
Full Changelog: https://github.com/veraison/go-cose/commits/v1.0.0-alpha.1