From 7f45ff7f25b00f17e4dd55e584f2e1c7b8d9a432 Mon Sep 17 00:00:00 2001 From: Poovamraj T T Date: Wed, 16 Mar 2022 21:18:41 +0530 Subject: [PATCH] Catch up v4 to master (#552) * Bump `jackson-databind` dependency to 2.13.2 (#542) * Bump `jackson-databind` dependency to 2.13 * Update build.gradle * Update build.gradle * Deprecate ES256K Algorithm (#543) * [SDK-3192] Deprecate secp256k1 curve for EC Algorithms * Documentation update * Release 3.19.0 Co-authored-by: Evan Sims Co-authored-by: James Anderson --- CHANGELOG.md | 12 ++++++++++++ README.md | 4 ++-- lib/build.gradle | 2 +- .../java/com/auth0/jwt/algorithms/Algorithm.java | 8 ++++++++ 4 files changed, 23 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b8231d4..84686b4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Change Log +## [3.19.0](https://github.com/auth0/java-jwt/tree/3.19.0) (2022-03-14) +[Full Changelog](https://github.com/auth0/java-jwt/compare/3.18.3...3.19.0) + +**Deprecated** +- Deprecate ES256K Algorithm [\#543](https://github.com/auth0/java-jwt/pull/543) ([poovamraj](https://github.com/poovamraj)) + +**Fixed** +- fix typos in JWTVerifier#verify docstring [\#526](https://github.com/auth0/java-jwt/pull/526) ([OdunlamiZO](https://github.com/OdunlamiZO)) + +**Security** +- Bump `jackson-databind` dependency to 2.13.2 [\#542](https://github.com/auth0/java-jwt/pull/542) ([evansims](https://github.com/evansims)) + ## [3.18.3](https://github.com/auth0/java-jwt/tree/3.18.3) (2022-01-13) [Full Changelog](https://github.com/auth0/java-jwt/compare/3.18.2...3.18.3) diff --git a/README.md b/README.md index 9fbb2138..0f847cca 100644 --- a/README.md +++ b/README.md @@ -23,14 +23,14 @@ The library is available on both Maven Central and Bintray, and the Javadoc is p com.auth0 java-jwt - 3.18.3 + 3.19.0 ``` ### Gradle ```gradle -implementation 'com.auth0:java-jwt:3.18.3' +implementation 'com.auth0:java-jwt:3.19.0' ``` ## Available Algorithms diff --git a/lib/build.gradle b/lib/build.gradle index 9dcf7e40..a83ccbc5 100644 --- a/lib/build.gradle +++ b/lib/build.gradle @@ -47,7 +47,7 @@ javadoc { } dependencies { - implementation 'com.fasterxml.jackson.core:jackson-databind:2.12.6' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2' testImplementation 'org.bouncycastle:bcprov-jdk15on:1.70' testImplementation 'junit:junit:4.13.2' diff --git a/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java b/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java index 0b4e74b7..f3405f6e 100644 --- a/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java +++ b/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java @@ -177,7 +177,11 @@ public static Algorithm HMAC256(byte[] secret) throws IllegalArgumentException { * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance. * @return a valid ECDSA256 Algorithm. * @throws IllegalArgumentException if the Key Provider is null. + * @deprecated The SECP-256K1 Curve algorithm has been disabled beginning in Java 15. + * Use of this method in those unsupported Java versions will throw a {@link java.security.SignatureException}. + * This method will be removed in the next major version. See for additional information */ + @Deprecated public static Algorithm ECDSA256K(ECDSAKeyProvider keyProvider) throws IllegalArgumentException { return new ECDSAAlgorithm("ES256K", "SHA256withECDSA", 32, keyProvider); } @@ -189,7 +193,11 @@ public static Algorithm ECDSA256K(ECDSAKeyProvider keyProvider) throws IllegalAr * @param privateKey the key to use in the signing instance. * @return a valid ECDSA256 Algorithm. * @throws IllegalArgumentException if the provided Key is null. + * @deprecated The SECP-256K1 Curve algorithm has been disabled beginning in Java 15. + * Use of this method in those unsupported Java versions will throw a {@link java.security.SignatureException}. + * This method will be removed in the next major version. See for additional information */ + @Deprecated public static Algorithm ECDSA256K(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException { return ECDSA256K(ECDSAAlgorithm.providerForKeys(publicKey, privateKey)); }