- BREAKING: Convert to module (ESM).
- BREAKING: Require Node.js >=14.
- Update dependencies.
- Lint module.
- BREAKING:
.from()now routes to.fromKeyDocument()if the serialized key object has a@context. This update is to make for more secure behavior when creating key pair instances from "untrusted" key objects (say, fetched from the web etc).
- Implement
CryptoLD.fromKeyIdAPI. - Implement
LDKeyPair.fromKeyDocumentAPI. - Add support for revoked keys.
- BREAKING: Remove
LDVerifierKeyPairsubclass. Foldsigner()andverifier()methods into parentLDKeyPairclass. - BREAKING:
export()is now a sync function (no reason for it to be async). - BREAKING: Remove
keyPair.addPrivateKey()andkeyPair.addPublicKey(). Subclasses will just need to overrideexport()directly.
The breaking changes in v5 do not affect any application code, they only affect
key pair plugins such as
https://github.com/digitalbazaar/ed25519-verification-key-2020.
No changes necessary in application code upgrading from v5 from v4.
- Publish package.
- Fix
use()suite usage.
- Removed unused
sodium-nativedependency.
- Implement chai-like
.use()API for installing and specifying individual key types. - BREAKING: Extracted bundled Ed25519 and RSA key suites to their own libraries.
- BREAKING: Remove deprecated
.ownerinstance property - BREAKING: Remove deprecated
.passphraseinstance property, and theencrypt()anddecrypt()methods (these are no longer used). - BREAKING: Remove deprecated/unused
publicKeyandprivateKeyproperties. - BREAKING: Rename
.publicNode()to.export({publicKey: true}). - BREAKING:
.export()now requires explicitly stating whether you're exporting public or private key material. - BREAKING: Changed
verifyFingerprint()to used named params. - BREAKING: Changed
addPublicKey()andaddPrivateKey()to used named params.
The previous design (v3.7 and earlier) bundled two key types with this
library (RSA and Ed25519), which resulted in extraneous code and bundle size
for projects that only used one of them (or used some other suite). The
decision was made to extract those bundled suites to their own repositories,
and to add a builder-style .use() API to crypto-ld so that client code
could select just the suites they needed.
Since this was a comprehensive breaking change in usage, this also gave an opportunity to clean up and streamline the existing API, change function signatures to be consistent (for example, to consistently used named parameters), and to remove deprecated and unused APIs and properties.
Since this is a comprehensive breaking change, you will need to audit and change
pretty much all usage of crypto-ld and compatible key pairs. Specifically:
- Ed25519 and RSA keys are no longer imported from
crypto-ld, they'll need to be imported from their own packages. - Since key suites have been decoupled from
crypto-ld, it means that this library should only be used when a project is using multiple key suites. If you're just using a single suite, then you can use that suite directly, withoutcrypto-ld. - Most function param signatures have been changed to use
{}style named params.
- Add support for Node 12 Ed25519 generate, sign, and verify.
- Make
sodium-nativean optional dependency.
- Add
LDKeyPair.fromFingerprint()to create an Ed25519KeyPair instance from a fingerprint (for use withdid:keymethod code).
- Use [email protected] which properly specifies the Node.js engine.
- Fix incorrectly formatted engine tag in package file.
- The
util.base58PublicKeyFingerprintwas released in error. It has been replaced by theEd25519KeyPair.fingerprintFromPublicKeyAPI contained in this release.
- Add
util.base58PublicKeyFingerprinthelper for computing public key fingerprints. NOTE: this API was released in error, see release 3.5.1.
- Fix Ed25519 fingerprint generation when running in the browser.
- Enable use of a
seedto generate deterministic Ed25519 keys.
- Improve error handling related to the decoding of key material in
Ed25519KeyPair. This is helpful when dealing with key material that may be provided via command line or web UI.
- Remove
sodium-universaldependency to reduce the size of the browser bundle. - Ed25519 operations in Node.js use
sodium-nativeAPIs. - Ed25519 operations in the browser use
forgeAPIs. - Use
base64url-universalwhich eliminates the need for aBufferpolyfill when this module is used in the browser.
- Use [email protected]. The new
rsa.generateKeyPairAPI automatically uses native implementation when available in nodejs >= 10.12.0.
- BREAKING: Make key fingerprints conform to the latest multibase/multicodec specification. The fingerprints generated by 2.x and 3.x are different due to encoding changes.
- BREAKING: The only exports for this module are the three key classes:
LDKeyPair,Ed25519KeyPair, andRSAKeyPair.
- No need to bring in
utilin browser environment.
- Specify published files.
- BREAKING:
Ed25519KeyPairnow usespublicKeyBase58andprivateKeyBase58attributes, instead ofpublicKeyBaseandprivateKeyBase - BREAKING: Changed signature of
LDKeyPair.from()(oneoptionsparam instead of a separatedataandoptions) - Removed
ursasupport.- Node.js >= 10.12.0: use generateKeyPair().
- Earlier Node.js and browsers: use forge.
- NOTE: Newer Node.js versions are much faster at RSA key generation vs the forge fallback. It is highly recommended to use a newer Node.js.
- Switch from chloride to sodium-universal.
- Added
controllerattribute (to use instead of the deprecatedowner) - Added
sign()andverify()factory functions for use withjsonld-signatures - Add Karma browser testing support.
- Change keyType to type (do match DID Doc usage), add key owner
- Initial NPM release
- Moved LDKeyPair code from
did-io