Release version 2.4.9

Upgrade underlying go-crypto version

Release version 2.4.8

Add AEAD decryption support

Release version 2.4.7

• DecryptMIMEMessage will return the decrypted content in the OnBody callback, even when there's a signature verification error. That lets the caller decide whether they want to use the content with a warning or hard fail on signature errors.
• Key generation functions no longer return an error if either the name or email is empty

Release version 2.4.6

Fix MIME signature parsing issues

Release version 2.4.5

Deprecate SeparateKeyAndData, replace with (msg *PGPMessage) SplitMessage() to split PGP messages

Release version 2.4.4

Clone returned slices from SeparateKeyAndData

Release version 2.4.3

Security

• Fixed incorrect MDC parsing for session key decryption

Changed

• SeparateKeyAndData is now implemented in a more generic way, by checking for the location in the bytes of the last session key packet, then splitting the binary message after that point.

Fixed

• SeparateKeyAndData now correctly parses AEAD packets.
• (ap *AttachmentProcessor) Finish() now returns encryption errors correctly.

Release version 2.4.2

Update underlying crypto library and prevent AEAD messages from being created until the specification is stable

Release version 2.4.1

Fixed bug with NewPGPSplitMessageFromArmored(armored) and PGPMessage.SeparateKeyAndData(). Those functions didn't parse AEAD encrypted messages correctly (eg messages encrypted with the latest versions of gnupg), resulting in a nil DataPacket.

Release version 2.4.0

Update underlying crypto library and add functionality to get the signature timestamp of a verified signature