Skip to content

Releases: ProtonMail/gopenpgp

Release version 2.4.2

13 Jan 13:57
@wussler wussler
v2.4.2
16358e8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.4.2

Update underlying crypto library and prevent AEAD messages from being created until the specification is stable

Assets 2
Loading

Release version 2.4.1

10 Jan 15:53
@wussler wussler
v2.4.1
6c08b55
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.4.1

Fixed bug with NewPGPSplitMessageFromArmored(armored) and PGPMessage.SeparateKeyAndData(). Those functions didn't parse AEAD encrypted messages correctly (eg messages encrypted with the latest versions of gnupg), resulting in a nil DataPacket.

Assets 2
Loading

Release version 2.4.0

21 Dec 18:08
@wussler wussler
v2.4.0
3aafa3c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.4.0

Update underlying crypto library and add functionality to get the signature timestamp of a verified signature

Assets 2
Loading

Release version 2.3.1

15 Dec 11:01
@wussler wussler
v2.3.1
eec2885
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.3.1

Fix the verification of PGP/MIME message signatures:

  • Improve the handling of the dual verification status so that it is considered invalid if both embedded and PGP/MIME signatures are invalid.
  • start calling callback.OnVerified(status int) to communicate the status verification of the message.
Assets 2
Loading

Release version 2.3.0

15 Nov 15:09
@wussler wussler
v2.3.0
eb1cf0f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.3.0

Added Key.IsRevoked() to check the revocation status of a key and upgraded underlying crypto library to fix handling of revoked keys

Assets 2
Loading

Release version 2.2.5

11 Nov 16:32
@wussler wussler
v2.2.5
420bb96
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.2.5

The global pgp variable fields is now protected with a lock and dummy keys are locked and unlocked correctly

Assets 2
Loading

Release version 2.2.4

29 Sep 14:57
@wussler wussler
v2.2.4
d1b2846
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.2.4

Fixed

  • Use the provided verifyTime instead of the current time when verifying embedded signatures.
Assets 2
Loading

Release version 2.2.3

21 Sep 12:05
@wussler wussler
v2.2.3
0b639a2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.2.3

Changed

  • Keys are now generated with ZLIB as optional compression algorithm
  • Upgraded underlying crypto library
Assets 2
Loading

Release version 2.2.2

04 Aug 11:28
@wussler wussler
v2.2.2
88d6696
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.2.2

Added

  • NewKeyFromEntity to create a key from an openpgp entity

Changed

  • Improved documentation for differences between text and binary messages

Deprecated

  • (key *Key) Check() (bool, error) is now deprecated, all keys are now checked upon import from x/crypto

Fixed

  • Dummy keys now show the correct locked/unlocked status

Security

  • All keys are now checked on parsing from the underlying library
Assets 2
Loading

v2.2.1: Merge pull request #140 from ProtonMail/release-2.2.1

27 Jul 12:35
@wussler wussler
v2.2.1
dc08a38
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.1: Merge pull request #140 from ProtonMail/release-2.2.1

Changed

  • Changed the returned SignatureVerificationError.Status when trying to verify a message with no embedded signature. It used to return constants.SIGNATURE_NO_VERIFIER and now returns constants.SIGNATURE_NOT_SIGNED.
    This change impacts :
    • func (sk *SessionKey) DecryptAndVerify(...)
    • func (msg *PlainMessageReader) VerifySignature(...)
    • func (keyRing *KeyRing) Decrypt(...)
  • Improved error messages for failures in password protected message decryption

Added

  • Helper to access the SignatureVerificationError explicitly when decrypting streams in mobile apps: 
     func VerifySignatureExplicit(
 	reader *crypto.PlainMessageReader,
 ) (signatureVerificationError *crypto.SignatureVerificationError, err error)
Assets 2
Loading