Releases: ProtonMail/gopenpgp
Releases · ProtonMail/gopenpgp
Release version 2.4.1
Fixed bug with NewPGPSplitMessageFromArmored(armored) and PGPMessage.SeparateKeyAndData(). Those functions didn't parse AEAD encrypted messages correctly (eg messages encrypted with the latest versions of gnupg), resulting in a nil DataPacket.
Release version 2.4.0
Update underlying crypto library and add functionality to get the signature timestamp of a verified signature
Release version 2.3.1
Fix the verification of PGP/MIME message signatures:
- Improve the handling of the dual verification status so that it is considered invalid if both embedded and PGP/MIME signatures are invalid.
- start calling callback.OnVerified(status int) to communicate the status verification of the message.
Release version 2.3.0
Added Key.IsRevoked() to check the revocation status of a key and upgraded underlying crypto library to fix handling of revoked keys
Release version 2.2.5
The global pgp variable fields is now protected with a lock and dummy keys are locked and unlocked correctly
Release version 2.2.4
Fixed
- Use the provided
verifyTime
instead of the current time when verifying embedded signatures.
Release version 2.2.3
Changed
- Keys are now generated with ZLIB as optional compression algorithm
- Upgraded underlying crypto library
Release version 2.2.2
Added
NewKeyFromEntity
to create a key from an openpgp entity
Changed
- Improved documentation for differences between text and binary messages
Deprecated
(key *Key) Check() (bool, error)
is now deprecated, all keys are now checked upon import from x/crypto
Fixed
- Dummy keys now show the correct locked/unlocked status
Security
- All keys are now checked on parsing from the underlying library
v2.2.1: Merge pull request #140 from ProtonMail/release-2.2.1
Changed
- Changed the returned
SignatureVerificationError.Status
when trying to verify a message with no embedded signature. It used to returnconstants.SIGNATURE_NO_VERIFIER
and now returnsconstants.SIGNATURE_NOT_SIGNED
.
This change impacts :func (sk *SessionKey) DecryptAndVerify(...)
func (msg *PlainMessageReader) VerifySignature(...)
func (keyRing *KeyRing) Decrypt(...)
- Improved error messages for failures in password protected message decryption
Added
- Helper to access the SignatureVerificationError explicitly when decrypting streams in mobile apps:
func VerifySignatureExplicit( reader *crypto.PlainMessageReader, ) (signatureVerificationError *crypto.SignatureVerificationError, err error)
Release version 2.2.0
Add streaming API