Skip to content
This repository has been archived by the owner on Feb 27, 2023. It is now read-only.

Version 2.2.0
Compare
Choose a tag to compare
@csstaub csstaub released this 30 Nov 01:26
· 146 commits to master since this release
v2.2.0
This tag was signed with the committer’s verified signature.
csstaub Cedric Staub
GPG key ID: CF5A0B62B8712EBE
Verified
Learn about vigilant mode.
f61ac65
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Bug Fixes

  • Check that key size when matches cipher for DIRECT encryption mode (issue #204, fix in #205)
  • Fix auth tag length for A192CBC-HS384, A256CBC-HS512 to match spec (issue #206, fix in #207)

Note: We bumped the minor version in this release because the changes in #207 fixes a compatibility issue with the implementations of the A192CBC-HS384 and A256CBC-HS512 ciphers. The library didn't correctly follow the JOSE specification (RFC 7518) when encrypting and as a result ciphertexts produced with square/go-jose were incompatible with other JOSE implementations. Ciphertexts produced from other libraries with those ciphers would still decrypt correctly. If you were encrypting with A192CBC-HS384 and A256CBC-HS512 using old versions of this library there might be compatibility concerns when upgrading.

Assets 2
Loading