• feat: JSONWebCertificateChain general availability
• feat: Resolve cnf key using network
• feat: HTTP loading for JWKS and x5u certificates
• feat: Certificate chain verifier (Apple platforms or when X509 trait is set)
• feat: Import/export X509.Certificate's public key and private key
• !fix: Symmetric key length minimum for HS algorithms
• fix: JSONPointer setter handling value when JSONWebFieldEncodable
• fix: Throw error when JWS/JWE base64url is invalid
• fix: More appropriate error types in SecKey and JWS/JWE
• fix: Normalizing key data for JWK thumbprint
• fix: X509.Certificate key thumbprint fails for SPKI
• fix: SPKI/PKCS8 parsing in AnyJSONWebKey did not work
• !chore: Drop iOS 14/macOS 11 support
• chore: Minor refactor to fix linter and sonar issues
• tests: Add negative and security input tests

What's Changed

• feat: SD-JWT data structures and claims
• feat: SD-JWT key binding verification
• feat: SW-JWT disclosure and conceal implementation
• feat: JWS algorithm argument became optional on creation
• tests: Add SD-JWT tests
• tests: Add more tests for JSONPointer and SDJWT serialization

• feat: Support ES256K algorithm
• feat: Update HPKE to draft 15
• feat: Handling deserializing compressed raw ECC keys
• chore: Refactoring ASN1 containers' serialization method
• chore: Use symmetric key as P256K private key backing
• chore: Minor certificate refactor

• fix: Improve performance when using common algorithms
• fix: Improve performance of equal check
• fix: Improve performance of AtomicValue for registry lookup
• fix: Improve performance of base64url encode/decode
• fix: Improve performance of compact JWS/JWE generation
• chore: Remove dead codes

• fix: Timinig attack on JWE decryption when multiple key is provided
• fix: MLDSA structs conformance to AKP parameters

The API has reached a stable state, marking our transition to version 1.0.

• feat: Support HPKE JOSE draft 14 (HPKE-7, info parameters)
• feat: Allow to iterate on storage
• feat: Support SHA3 hash functions
• !chore: Drop Swift 5.10
• chore: Update to Swift-Crypto 4
• chore: Minor refactors of HPKE and linting

• feat: JWS initializer from payload and algorithm
• fix: Xcode 26 error for MLDSA
• chore: Remove AnyCodable type as value of storage dictionary

• feat: MLDSA support in macOS/iOS 26 (draft)
• feat: Support HPKE's encryption algorithm without psk support (draft)
• feat: Support WebAssembly (no pthread)
• feat: Curve25519 DER serialization/deserialization
• feat: Optional dependency of X509/swift-certificates via traits
• feat: Support PKCS8 v2
• feat: Expose RFC5480 algorithms
• fix: Swift 6.2 warnings
• fix: Build issue in older macos and CodeQL
• !chore: Make JSONWebKeyAESCBCHMAC generic for hash function
• !chore: Refactor ConcatKDF function
• !chore: Use AtomicValue alias for atomic operation on registeries
• !chore: Changed EncryptedKeyHandler signature for more control of mutated headers
• chore: Remove unnecessary Container parameter in JSONWebContainerParameters
• chore: Fix some sonar issues
• chore: Use new certificate's private key sign method
• chore: Update dependencies

• feat: Key matching for POP (cnf claim) from JWKS
• feat: Support RSA-OAEP-384, RSA-OAEP-512 in non-Darwin platforms
• feat: Add JSONWebPrivateKey protocol
• feat: Support Fully-Specified Algorithms for JOSE draft
• feat: Support of AKP algorithms when standardized in future
• feat: Support for MLDSA/MLKEM key types and abstracts regarding draft-7
• feat: Support APK key thumbprinting
• !feat: Key accessors are now only available in related key type
• [Breaking] !feat: Default symmetric-key is 256bit now
• fix: Add PBES2 salt when not provided
• fix: Validating generic keys when initialized from storage
• fix: Prevent crash when reading SecureEnclave keys rawRepresentation
• fix: PKCS8 thumbprinting must be not allowed
• fix: JSONWebKeySymmetric is hashable
• [Breaking] !chore: Remove argument name for String conversion method
• [Breaking] !chore: JSONWebContainer is not sendable anymore, if it is used directly
• chore: Remove redundant subscriptions of storage
• chore: SymmetricKey and Certificate to conform JSONWebValueEncodable/Decodable
• chore: Base64URL conversions from any UInt8 collection (Data, [UInt8], etc.)
• chore: Make JSONWebContainer immutable, introducing MutableJSONWebContainer
• chore: Keys are conforming to JSONWebContainer
• chore: Initialize keys using init instead of create
• chore: Initialize key from another key
• chore: Test functions naming linted
• chore: Minor refactors and improvements
• chore: Remove CryptoSwift dependency and use BoringSSL instead for RSA_1.5
• chore: Refactor ASN1 encoding support, remove unused codes
• chore: Better algorithm classifications
• docs: Update and improve docc documentation

• feat: Support Curve25519 import/export from DER (SPKI/PKCS8)
• feat: JWK's private key extraction from X509 cerificate
• feat: JSONWebKeySet methods for append, filter, match, remove keys
• feat: JSONWebKeySet initialize from URL in Darwin platforms
• feat: Matching JWKS key for header instead of algorithm/kid
• feat: Set kid to thumbprint if no keyId is set
• feat: Decrease build size by removing Foundation dependency (Linux)
• !feat: Remove unnecessary public key class from algorithm registration functions
• !fix: Remove unnecessary throwing in JWKSet methods
• fix: More accurate algorithm to find appropriate key for verify or decrypting
• fix: Detect RSA is private or public instead of failed initializing
• fix: Add missing tests
• chore: Minor code improvements
• chore: fix a bunch of typos in the documentations and the code itself (#16)
• chore: More efficient base64 initialization
• chore: Remove AnyKeyPath conformance to Sendable
• chore: General hashing and equity check for private keys using public keys
• chore: Add accessors for [Cerfificate] in JSONWebValue
• chore: Make tirvial methods inlinable for performance
• docs: More documentation