v0.25.0

0.25.0 (2024-10-28)

Bug Fixes

• added @trust/keyto to dependencies of key-utils (bc5d6f6)
• added @trust/keyto to dependencies of key-utils (6bb8d9e)
• applied importProvidedOrGeneratedKey in KeyDidProvider (841a1da)
• fixed didManagerCreate test (b3b6756)
• lockfile (73415ed)
• musapKMS improved determineAlgorithm handling (24d8218)
• reverted dependency update of ssi-types in key-utils module (4150b25)
• reverted dependency update of ssi-types in key-utils module (1741bda)
• u8aintarrays do not work with REST (8c68022)
• workaround: Workaround (downgrade) for nist-weierstrauss being ESM only. refs #19 (should have a proper solution soon) (aff05cf)

Features

• Add JWS signature verification; Add cose key conversions and resolution (managed and external) (9f76393)
• Add support for setting or inferring kid and issuer. Which will be handy for JWS signing. Also split managed functions into separate functions, like we do for the external identifier resolution. (c17edaf)
• Add support to convert any identifier resolution to JWK and Key resolution (60da6b8)
• added calculation and querying based on jwk thumbprints (5ce83cc)
• added managed issuer identifier resolution (d5ca58e)
• added MusapKeyManagerSystem (5841d67)
• Added x509 validateX5cCertificateChain & validatePEMCertificateChain functions (3706e31)
• Allow main managed identifier get method to be lazy when a resolved identifier is passed in (28fb763)
• Allow main managed identifier get method to be lazy when a resolved identifier is passed in (7d4fa81)
• Allow to cleanup keys and have ephemeral keys. Remove dep on kms-local from KMS. Always calculate jwkThumbprints no matter the KMS used (94414ff)
• also allow passing in a resolved identifier next to identifier opts, so we do not have to resolve twice (70d2d15)
• Create seperate function to handle KMS managed identifiers of different types as the assumption always was DIDs (944b425)
• Expose managed identifier lazy result method, as we are using lazy resolution more and more (b2c8065)
• Expose subject alternative names. Make getting the public key JWK more resilient. Allow to blindly trust certificates for testing purposes (only when x5c has 1 element!) as we perform all kinds of checks including CA certificate extension verifications in the chain (675d6cb)
• External resolution of keys and validations for DIDs and x5c (01db327)
• Have a method on the Key Management System as well as a separate function to get a named or the default KMS. Remove dep/enum for kms local. We only have KMSs names at runtime. We should not rely on static KMS names ever! (c0ca69f)
• JWE JWT compact agent methods (6324f97)
• New JWS signature service that makes use of the managed identifier resolution, allowing for easier and more flexible JWT signing. (941996e)

Reverts

• Revert "chore: Allow default values for kms as kms is not optional in Veramo APIs" (708742c)

v0.24.0

0.24.0 (2024-08-01)

Bug Fixes

• added createKey functionality (fcb9e82)
• added enable sscd to musap react native kms (da8a411)
• breaking: Remove BLS crypto from Mattr for now. It is not very well maintained, and is proving to be very difficult in both Windows and React-Native environments. Will be replaced later with a different implementation (e097e25)
• Fix key usages for jwks when importing keys (c473572)
• fixed the sign function for musap rn kms (e3318e6)
• modified the decoding for sign in the musap module (8561b0d)
• modified the decoding for sign in the musap module (64a53c5)
• modified the decoding for sign in the musap module (34bba55)
• modified the decoding for sign in the musap module (e2a76a7)
• modified the decoding for sign in the musap module (7b6e68f)
• updated musap kms with recent changes from the musap react native lib (b1518de)

Features

• (WIP) added MusapKeyManagerSystem (f55926f)
• (WIP) added MusapKeyManagerSystem (809846d)
• added build script and android directory to musap-rn-kms module (9be5fb0)
• added delete function (ab72368)
• added mapper function for create key in musap kms and added the option to enable certain sscd's in the constructor (db5c8d3)
• added sign function (62dc3ab)
• Improve kid determination. Rename most kid arguments to kmsKeyRef, as these are only the internal KMS kids. Preventing confusion. Improve did functions to accept object args. (22f465c)
• remove isomorphic-webcrypto (1adc1fe)

v0.23.0

0.23.0 (2024-07-23)

Bug Fixes

• Did web keys and services options/args were not taken into account (fb37ba0)
• did web resolution from identifier was not taking keys into account that had no purpose set (8447426)
• did web resolution from identifier was not taking keys into account that had no purpose set (980075b)
• get or create primary identifier was incorrectly constructing the identifier provider from the DID method (d89542e)
• get or create primary identifier was not searching for the correct DID methods (8b1aad7)

Features

• generate key when private keys is not provided (090b8fa)
• Make key/vm from identifier/did functions more future proof and add option to search for controller keys and key types (f691789)

v0.22.0

0.22.0 (2024-07-02)

Bug Fixes

• better local DID Document conversion from identifiers (e332562)
• determine kid function can have a null verification method which was not taken into account (d80a945)
• getKey method was not looking at existing vms or purpose metadata values (36619d6)
• getKey method was not working well with did#vm or #vm key ids (b04eb3f)
• Key metadata was switched for Secp256k1 and Secp256r1 keys (ae174aa)
• kid determination of a key should look for jwk thumbprint as well (d00e984)
• our exported JWK depended on another lib, which is not needed. Also was not compatible with Jose, which is heavily used (8b20d61)
• x5c is an array in a JWK (58f607f)

chore

• remove did-provider-ebsi in favor of ebsi-support, which can also handle everything the old provider did (5299044)

Features

• Add service and key for EBSI DIDs (4ec6f18)
• Add support to find keys by thumbprint, and not have to resolve to DID resolution in all cases (d37c772)
• Added getAuthenticationKey getPrimaryIdentifier & createIdentifier to did-utils (7360ab6)

BREAKING CHANGES

• remove @sphereon/ssi-sdk-ext.did-provider-ebsi, which has been replaced with @sphereon/ssi-sdk.ebsi-support

v0.21.0

0.21.0 (2024-06-19)

Bug Fixes

• Multiple DID EBSI fixes (131faa0)

Features

• Ensure we can actually pass in bearer tokens & misc cleanups (4abc507)

v0.20.0

0.20.0 (2024-06-13)

Bug Fixes

• added a few fixes and type definitions (7040799)
• added keyManagerListKeys binding (e2f723b)
• Bugfix creating eth transactions (1d2e04d)
• fix base64url sanitizing (473c028)
• Fixed broken tests (07d320a)

Features

• (wip) added list keys functionality. the kms-local function works but we face error on key-manager level (bde93d3)
• Added secp256r1 key to createIdentifier() method (81fff51)
• Implemented conversion of public keys, rpc service and documentation (b0ac3b5)
• Implemented integration of the ebsi rpc service with the ebsi did provider (3c1ef0d)

v0.19.0

0.19.0 (2024-04-25)

Features

• Added secp256r1 key to createIdentifier() method (f8da68d)

v0.18.2

0.18.2 (2024-04-24)

Note: Version bump only for package @sphereon/ssi-sdk-ext.workspace

v0.18.1

0.18.1 (2024-04-04)

Bug Fixes

• Padding had incorrect length comparison (d141050)

v0.18.0

0.18.0 (2024-03-19)

Bug Fixes

• Key did provider fixes for invalid did:key encodings (194c480)
• Make sure bbs-sig packages are peer deps, because of heir poor Windows and RN support (32d6bd9)
• Make sure secp256k1 keys are compressed (15493c1)
• unknown point format (b25d6de)

Features

• Ensure proper key type is used for did:key in case codeName is JCS/EBSI (af11a99)