This release contains following improvements and bugfixes:
- Spring Boot stack upgraded to version
2.6.6
due to recent high severity CVE's. - Updated dependencies and documentation.
This release contains following improvements and bugfixes:
- Refactored code to allow easier usage of library for performance testing.
- Improved request logging, logging of custom object for activation status.
- Log4J library excluded from dependencies to avoid false alarms in scans due to recent vulnerabilities.
- Upgrade to Spring boot 2.6, updated dependencies.
- Minor bugfixes and documentation updates.
This release contains following improvements and bugfixes:
- REST client migrated to the
rest-client-base
project. - Improved logging.
- Dependency updates.
This release contains following improvements and bugfixes:
- Optional OTP code verification during activation.
- Device platform and model information is stored during activation.
- Improved logging of activation status and action steps.
- Dry run for signature verification.
- Dependency updates.
This release contains following improvements and bugfixes:
- Improved information entropy in PowerAuth online signatures using BASE64 encoding.
- Improved protection of encrypted status blob against possible replay attacks.
- Improved protection of payload encrypted by our ECIES scheme.
- Improved protocol reliability by allowing the mobile client to synchronize its counter with the server.
- Bouncy Castle library upgraded to version
1.64
. - Dependency updates related to security advisories.
This release contains following improvements and bugfixes:
- Java 11 support
- Support for activation using recovery codes and PUKs
- Confirmation of recovery codes
- Removal of existing PowerAuth tokens
- Bouncy Castle library upgraded to
1.61
- Dependency updates related to security advisories
This release contains following improvements and bug fixes:
- A new parameter
version
has been introduced to support different versions of PowerAuth protocol - Support for new
v3
endpoints, original support ofv2
endpoints are still available - Upgrade of activations from version
2
to version3
- Support for hash-based counter used in
v3
signatures - ECIES-based end-to-end encryption (
encrypt
,sign-and-encrypt
) - Improved packaging of jar using
spring-boot-maven-plugin
- Improved testability,
powerauth-java-cmd-lib
is more suitable for writing tests - Dependency updates