From d359c0b2036403b14643b1f4ee45a0bdd797472e Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 16 Apr 2026 13:48:24 +0000 Subject: [PATCH] docs: update README for 0.2.0 and add CHANGELOG Bump the Gradle install snippets to 0.2.0 and extend the Supported Proof Mechanisms table so the full ecdsa-sd-2023 holder/verifier lifecycle (createBaseProof / deriveProof / verifyDerivedProof) is visible. Move the 0.2.0 release notes out of the README into a dedicated CHANGELOG.md following Keep-a-Changelog conventions. The README now links to CHANGELOG.md from a short Changelog section. 0.2.0 covers the five April 16, 2026 commits: the sd-2023 derivation/verification path (including the CBOR header and multibase-prefix spec fix), the ECDSA low-S malleability fix, key material zeroization, JSON-LD NFC ingress + W3C rdf-canon conformance tests, and the new GitHub Actions CI workflow. --- CHANGELOG.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ README.md | 12 +++++++++--- 2 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..df71919 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,46 @@ +# Changelog + +All notable changes to `signet-core` are documented in this file. + +The format is loosely based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## 0.2.0 — April 16, 2026 + +### Selective Disclosure (`ecdsa-sd-2023`) — full holder/verifier lifecycle +- New `SelectiveDisclosure.deriveProof(...)` — holder-side step that strips the + issuer HMAC key from the presented proof and emits a derived proof + (CBOR tag `0xd9 0x5d 0x01`) carrying `baseSignature`, `publicKey`, + per-quad signatures, a `c14n → HMAC` `labelMap`, and `mandatoryIndexes`. +- New `SelectiveDisclosure.verifyDerivedProof(...)` — verifier-side + reconstruction of the signed canonical form via `labelMap`; no HMAC key + required. +- Base proof CBOR header corrected to `0xd9 0x5d 0x00` and `proofValue` + multibase prefix corrected to `u` (base64url-no-pad) per W3C + VC-DI-ECDSA §3.5.2 / §3.5.3. `eddsa-rdfc-2022` and `ecdsa-rdfc-2022` + retain `z` (base58btc). + +### Security hardening +- ECDSA P-256 signatures are now normalized to **low-S** on sign and + rejected as malformed on verify, closing a signature-malleability path + where `(r, s)` and `(r, n − s)` both verified for the same message. + Affects `signEcdsaP256Raw` and `SelectiveDisclosure.signEcdsaP256`. +- Defensive **key material zeroization**: Ed25519 seed bytes, P-256 + private keys, and the `ecdsa-sd-2023` HMAC-SHA256 key are now wiped + via `try-finally` after use, reducing exposure in heap dumps, core + dumps, and swap. + +### JSON-LD canonicalization +- `JsonLdProcessor` applies **Unicode NFC** at the ingress boundary to + string literals and map keys, so composed/decomposed forms canonicalize + identically. Numeric type handling widened to `Short`, `Byte`, `Float`, + `BigDecimal`, `BigInteger`; unknown types now fail loudly. +- Added W3C `rdf-canon` conformance tests (vectors 001–006, 017, 020, + 021, 043, 053, 054, 076) covering blank-node relabeling, graph + isomorphism, RDF collections, and language-tagged literals. + +### Build & CI +- Added GitHub Actions workflow (`.github/workflows/ci.yml`) running + `./gradlew build` on every push and pull request with Temurin JDK 17, + Gradle wrapper caching, and a concurrency group that cancels superseded + runs on the same ref. diff --git a/README.md b/README.md index 1d4734c..3be0a31 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ This module has **zero Spring dependencies** and can be used in any Java 17+ app ```kotlin dependencies { - implementation("work.brodykim:signet-core:0.1.0") + implementation("work.brodykim:signet-core:0.2.0") } ``` @@ -28,7 +28,7 @@ dependencies { ```groovy dependencies { - implementation 'work.brodykim:signet-core:0.1.0' + implementation 'work.brodykim:signet-core:0.2.0' } ``` @@ -121,7 +121,9 @@ if (!result.valid()) { | JWS (VC-JWT) | Ed25519 | `CredentialSigner.signCredential()` | | DataIntegrity | eddsa-rdfc-2022 | `CredentialSigner.signWithDataIntegrity()` | | DataIntegrity | ecdsa-rdfc-2022 (P-256) | `CredentialSigner.signWithEcdsaDataIntegrity()` | -| Selective Disclosure | ecdsa-sd-2023 (P-256) | `SelectiveDisclosure.createBaseProof()` | +| Selective Disclosure (base) | ecdsa-sd-2023 (P-256) | `SelectiveDisclosure.createBaseProof()` | +| Selective Disclosure (derive) | ecdsa-sd-2023 (P-256) | `SelectiveDisclosure.deriveProof()` | +| Selective Disclosure (verify) | ecdsa-sd-2023 (P-256) | `SelectiveDisclosure.verifyDerivedProof()` | ## Supported Key Types @@ -154,6 +156,10 @@ This library implements the following specifications: > **Note:** This implementation is not certified by 1EdTech. See the [NOTICE](NOTICE) file for full compliance details. +## Changelog + +See [CHANGELOG.md](CHANGELOG.md) for release notes. + ## License Licensed under the [Apache License 2.0](../LICENSE).